WASHINGTON — Louis Brandeis, a great American jurist and one of the founders of modern privacy, once wrote that the “right to be alone is the most comprehensive of rights, and the right most valued by free people.” And yet when it comes to privacy and the role of data-hungry tech giants, today the United States is lagging behind.
The Cambridge Analytica scandal that broke last year opened our eyes to the fact that our data can not only be monetized, but also weaponized for political gains. The key question facing regulators has become: How do you protect people’s data while also allowing companies to thrive and reap the benefits of digitalization?
Europe’s privacy law reform — known as the General Data Protection Regulation — was an attempt to answer that challenge. The effects since we rolled out the new rules, almost a year ago, have been overwhelmingly positive, both for citizens and for business.
Because our world is deeply interconnected, we need international partners to make sure people’s rights online are truly protected.
To do so, Washington and the European Union urgently need to move closer on privacy issues and become global leaders for free and secure data flows.
There is a great deal at stake. Privacy is not only a consumer issue; it’s about the good functioning of our democracies.
Europe has taken the first steps to protect citizens’ privacy and our new regulations have proven to be effective — both for our citizens and our businesses.
Our regulation is based on simple principles: It is a federal law with a core set of rights and is enforced by independent authorities. The advantage of this approach is that it creates the same rules for businesses and offers them an easy way to move data between one another. And by enforcing a “one continent, one law” principle in Europe, companies avoid a hodgepodge of rules and save up on compliance costs.
In practice, our law means that people have more control over their personal data. They have the right to access the data, amend it and decide who can use it.
Companies report that the rollout of the new rules was an opportunity for them to put their house in order when it comes to the data they hold, and increase its security. It also helped them build trust with their customers and offer innovative, more privacy-friendly services. In a word, GDPR works.
It’s time for America to join us, Japan and many others in our work, and be part of setting the global standards on privacy.
Beyond the security of our data, privacy rules also play a crucial role in debates on the development of artificial intelligence, 5G networks and competition rules. They offer a regulatory base to these discussions, for example by outlining limits on sharing data with foreign governments.
These benefits could be part of America’s solution to its own privacy debate. The values enshrined in our privacy rules are the same ones on which the U.S. was built: individual freedom and the spirit of free enterprise.
Today, the world is split into two camps. There is a people-friendly camp that understands that we should have more control over our data and that our rights must be protected. It shares the view that everyone, including governments, must be bound by certain limits when it comes to processing of our personal data. Europe is a proud member of this club because it is based on our democratic values — it reflects who we are.
The other camp that has a more lax approach to privacy. It prioritizes uninhibited and uncontrolled access to data in the name of business or government interests. This camp is on a slippery slope and risks alienating people who are rightly concerned about their right to privacy.
Today, the U.S. is at a crossroads. Many U.S. tech companies have already understood the many upsides of our GDPR regulation and voiced their public support to strong privacy rules. But Washington has not yet committed to joining our camp.
Europe has taken the first steps to protect citizens’ privacy and our new regulations have proven to be effective — both for our citizens and our businesses.
If the EU and U.S. can find common ground on how to legislate privacy, the world’s tech giants would really be forced to embrace change.
It’s time for America to join us, Japan and many others in our work, and be part of setting the global standards on privacy. We should be building a global coalition to tackle the challenge together and promote free trade based on respect for strong privacy rules.
Many in the U.S. are calling for more drastic solutions, such as breaking up the tech giants. A better way to address the challenges the country faces is to sign up to better privacy rules.
If the EU and U.S. can find common ground on how to legislate privacy, the world’s tech giants would really be forced to embrace change. Only by working together can we create an environment where businesses can send data freely and citizens regain trust in the digital world.
Věra Jourová is European Commissioner for justice, consumers and gender equality.