Silicon Valley innovators often see Europe as a fragmented landscape of independent markets with myriad regulation at the European and national level. At the same time, on personal data protection and data ownership, this picture of fragmented Europe does not apply.
There are fundamental differences between privacy regulations in Europe and the US. The US approach relies primarily on industry self-regulation, which has created a situation where consumers have little control over personal data and few chances to act when they find their privacy has been invaded. In Europe, privacy is considered a fundamental value and a human right that must be safeguarded, not left to companies.
The US regulation typically allow companies to reveal only what they want about their practices in terms of collecting and using personal data. Privacy policies and terms of use are often incomprehensible and companies are free to rewrite their policies after collecting your data, says Marko Turpeinen, Silicon Valley Hub director at EIT Digital.
The regulations also vary depending on the industry and the type of data being collected. For example, the health and financial information is more strictly controlled, and Federal Communication Commission (FCC) recently adopted new privacy rules that better empower the consumers to control the use of their own data in the telecommunications sector.
The European rules are stricter and more consumer focused. They are implemented uniformly in the EU member states, and the rules apply equally to all. New General Data Protection Regulation (GDPR) defines in detail what companies can and can’t do in terms of collecting, using, disclosing and storing personal information.
Companies are facing stringent requirements in terms of transparency, documentation, reporting and approval. Companies that don’t abide by these rules can face significant penalties, up to 4% of their global turnover.
Ownership of data, both personal and machine-generated, is at the core of the data-driven economy. New marketplaces for data are emerging, and companies are positioning themselves as trusted data operators. Digital transformation and personalisation of services require thorough data protection and privacy management.
Instead of being a hindrance to innovation, stringent privacy and data protection regulation is a sustainable and ethical European business advantage. It shifts control from industry to consumers who get the right to approve the way their information is being used. If a company complies with the rules in Europe, it meets the consumer requirements everywhere in the world.
At EIT Digital, the leading European digital innovation and entrepreneurial education organisation, we have made privacy and security one of our priorities by addressing this area within the Digital Infrastructure Action Line which is the core enabler of the digital transformation by providing secure, robust, responsive and intelligent communications and computation facilities. Read more about EIT Digital Digital’s Infrastructure Action Line.
The author of this blog is Marko Turpeinen, Silicon Valley Hub director at EIT Digital.
Comment on this article below or via Twitter: @ VanillaPlus OR @jcvplus
