Sometimes if you want to win, you need to change how the game is played. At least that’s the case with the European Union’s new General Data Protection Regulation, which takes effect May 25 and imposes tough new rules on companies that traffic in the personal data of EU citizens. Firms that fail to protect users’ information will face steep fines of up to 4 percent of their global sales.
Why so strict? Put yourself in the EU’s shoes. You know you risk falling behind the US and China in the race to develop artificial intelligence and other next-generation technologies that rely on processing massive amounts of data — some of it very sensitive. The danger is not just that you will miss out on the economic gains that will come from harnessing the next phase of the digital revolution (although that is important). It’s that a world dominated by foreign technology might not reflect your values.
But catching up will be hard; the digital revolution is being driven by the private sector. Huge US and Chinese internet companies like Google, Facebook, Baidu and Alibaba have serious advantages in attracting talent and resources, including raw data, that European rivals will struggle to match. So, what do you do? If you’re Europe, you worry less about winning the race and focus on shaping the rules instead.
There’s a catch, though. Put too many expensive hurdles in their way, and innovative companies may decide that offering services in Europe is no longer worth the hassle. That could leave the EU even further behind in the technology race.
