FEATURED:

Can Silicon Valley expect European-style regulation here at home?

Can Silicon Valley expect European-style regulation here at home?
© Getty

During one of the most closely followed congressional hearings of all time, Republican Sen. Lindsey GrahamLindsey Olin GrahamCongress raises pressure on Saudi Arabia Saudi Arabia's myopia is the cause of the Khashoggi blunder Graham on Saudi Arabia: 'I feel completely betrayed' MORE (R-S.C.) looked Facebook CEO Mark ZuckerbergMark Elliot ZuckerbergSenate Dem asks tech companies to look into Saudi propaganda efforts Hillicon Valley: Russia-linked hackers hit Eastern European companies | Twitter shares data on influence campaigns | Dems blast Trump over China interference claims | Saudi crisis tests Silicon Valley | Apple to let customers download their data Public funds support proposal to remove Zuckerberg as Facebook chairman MORE square in the eye and asked him a very simple question: “Do you think the Europeans have it right?”     

Graham wasn’t the only legislator to make reference to Europe during their questioning. Sen. Maria CantwellMaria Elaine CantwellHillicon Valley: Facebook deletes accounts for political 'spam' | Leaked research shows Google's struggles with online free speech | Trump's praise for North Korea complicates cyber deterrence | Senators want Google memo on privacy bug Congress moves to ensure the greater availability of explosives detecting dogs in the US Overnight Energy — Presented by Southern Utah Wilderness Alliance — Trump ends law enforcement program at wildlife refuges | Pruitt canceled trips he already had tickets for | Senate panel approves new parks fund MORE (D-Wash.) also queried Zuckerberg, “Do you believe the European regulations should be applied here in the U.S.?”

ADVERTISEMENT

We don’t usually turn to the EU to set precedent for how to best regulate our businesses in the United States. Generally, it’s quite the opposite. The U.S. prides itself on being a more business friendly environment — allowing for American innovation to thrive without too much red tape.

 

However, when it comes to setting a legislative agenda for the digital economy, we’ve fallen behind.

By long relying on big technology companies to self-regulate, we’ve put ourselves in a unique position where Congress is now in a hurry to solve serious data protection problems. Solving problems in a crisis is never easy. The simplest way forward can often mean leaning on others ideas or rules and adapting them as your own. That’s why so many members of Congress are curious about Zuckerberg’s opinions on the EU’s regulatory approach. They are the first to do it.

In fact, the conversations we’re only just beginning to have here in the US — from SESTA to the CLOUD Act to Cambridge Analytica — have been going on for almost five years in Europe.

In 2015, the European Commission announced plans to prioritize and launch a set of regulations known as the “Digital Single Market.” The DSM will provide a single group of laws governing digital policy for all 28 (soon 27) member states. Everything from copyright, to platform regulation, to artificial intelligence, to intermediary liability to consumer protection and hate speech are all on the table, and have been for a while.

It’s no secret that the EU has always taken a different approach to privacy and data protection, but they’re also the only ones who have taken any significant action to craft such extensive rules to govern these issues. The first comprehensive piece of legislation to emerge from the DSM, the General Data Protection Regulation (GDPR), tackles this issue.

Zuckerberg referred to it during the hearing, and to the actions Facebook has already taken to adhere to it. The GDPR comes into force on May 25, and it addresses how companies manage the personally identifiable information of EU citizens when processing data both within and outside of the EU. That means any company in the U.S. that has customers in the EU is liable, from tech giants like Facebook and Google to some of America’s smallest startups. Companies that fail to comply by May 25 may face fines of up to 20 million euros or four percent of their annual turnover.

However much we may have in common with our allies in Europe, let’s be careful not to copy and paste the EU’s solution to this complex problem. In the same way they take a different approach to privacy, we too should take a different approach to regulating it. The months ahead should be an opportunity to learn from companies that implement the GDPR, what works and what doesn’t.

The conversations around data protection and the future of the digital policy in the US will be difficult. They were difficult in the Europe as well. But let’s take the time to hear from all voices affected — whether they’re a three employee startup, or a tech behemoth with 30,000 employees. These rules impact all of us. So it’s vital that we take the time to develop our own approach — one that will provide protection without stifling American innovation that has made Silicon Valley the technology leader around the world.

Melissa Blaustein is the founder and CEO of Allied for Startups, a global network for startups, entrepreneurs, VCs, and advocacy organizations working together to build a worldwide consensus on key public policy issues impacting startups.