(Ed. Note: The “Innovation Fact of the Week” appears as a regular feature in each edition of ITIF’s weekly email newsletter. Sign up today.)
This is emblematic of one of the core problems with the GDPR: It is a confusing and impractical set of rules that organizations must dedicate an enormous amount of time and money to comply with, but it offers consumers little to no benefit. Instead of hiring engineers, companies are hiring privacy lawyers. Instead of investing in R&D, companies are buying GDPR insurance.
Fortunately, this is also a teachable moment. No, it is not an opportunity for companies to learn how to better protect consumer data—they are too focused right now on avoiding fines. Instead, it is an opportunity for policymakers to discover the consequences of laws demanding privacy at any cost.
We are already witnessing the fallout:
- Instapaper, the popular online service for saving articles and webpages to read later, announced that it was indefinitely suspending service for European users.
- Klout, the social media startup acquired for $200 million in 2014, revealed it would shut down its well-known reputation score service on May 25.
- The Czech social media company, Seznam.cz, said it will shut down its social network due to the new regulations.
- Uber Entertainment, an online gaming company, shut down its Super Monday Night Combat game because of the rules.
- And the blockchain startup Parity announced that its identity verification service will shutter as a result of the new law.
In short, the GDPR is an innovation killer. And the list of victims will keep growing as compliance costs for businesses increase and online ad revenues decrease.
But while it is too late to stop GDPR in the European Union, other countries do not need to go down this dark path. Instead of heavy-handed rules, they should be streamlining their regulatory systems to promote light-touch regulation of the digital economy focused on preventing consumer harm and enabling digital innovation.