ITIF Logo
ITIF Search

The Impact of the EU’s New Data Protection Regulation on AI

The Impact of the EU’s New Data Protection Regulation on AI
March 26, 2018

The EU’s new data privacy rules, the General Data Protection Regulation (GDPR), will have a negative impact on the development and use of artificial intelligence (AI) in Europe, putting EU firms at a competitive disadvantage compared with their competitors in North America and Asia.

The EU’s new data privacy rules, the General Data Protection Regulation (GDPR), will have a negative impact on the development and use of artificial intelligence (AI) in Europe, putting EU firms at a competitive disadvantage compared with their competitors in North America and Asia. The GDPR’s AI-limiting provisions do little to protect consumers, and may, in some cases, even harm them. The EU should reform the GDPR so that these rules do not tie down its digital economy in the coming years.

The EU’s new data privacy rules, the General Data Protection Regulation (GDPR), will go into effect on May 25, 2018. The GDPR regulates EU organizations that use or processes personal data pertaining to anyone living in the EU—regardless of where the data processing takes place. These new regulations will kick in at a time when companies around the globe are fiercely competing to develop and use artificial intelligence (AI)—a set of technologies that allows computers to perform tasks much like a human—as a means of boosting productivity through its more efficient processes and higher-quality outputs.

While a substantial number of AI's uses do not involve personal data, the many others that do will be subject to the GDPR. Consumers who routinely interact with AI-enabled services such as personal assistants that respond to spoken queries, robo-advisors that provide automated financial advice, and movie recommendations on streaming services will be significantly affected, as will virtually every European company that processes personal data—such as payroll—and can use AI to make their operations more efficient. As such, by both indirectly limiting how the personal data of Europeans gets used and raising the legal risks for companies active in AI, the GDPR will negatively impact the development and use of AI by European companies.

Despite different jurisdictions having different goals when it comes to privacy, policymakers and citizens in the EU should understand that the GDPR will come at a significant cost in terms of innovation and productivity. At a time when two major world powers, the United States and China, are vying for global leadership in AI, EU policymakers need to recognize that a failure to amend the GDPR to reduce its impact on AI will all but consign Europe to second-tier status in the emerging AI economy.

Back to Top