Can Silicon Valley expect European-style regulation here at home?

Can Silicon Valley expect European-style regulation here at home?
© Getty

During one of the most closely followed congressional hearings of all time, Republican Sen. Lindsey GrahamLindsey Olin GrahamRon Johnson signals some GOP senators concerned about his Obama-era probes Democrats ramp up warnings on Russian election meddling Hillicon Valley: Facebook removed over 22 million posts for hate speech in second quarter | Republicans introduce bill to defend universities against hackers targeting COVID-19 research | Facebook's Sandberg backs Harris as VP pick MORE (R-S.C.) looked Facebook CEO Mark ZuckerbergMark Elliot ZuckerbergFacebook removed over 22 million posts for hate speech in the second quarter Hillicon Valley: Trump order targets TikTok, WeChat | TikTok fires back | Chinese firms hit hard in aftermath Female lawmakers pressure Facebook to crack down on disinformation targeting women leaders MORE square in the eye and asked him a very simple question: “Do you think the Europeans have it right?”     

Graham wasn’t the only legislator to make reference to Europe during their questioning. Sen. Maria CantwellMaria Elaine CantwellThe Hill's Coronavirus Report: Mike Roman says 3M on track to deliver 2 billion respirators globally and 1 billion in US by end of year; US, Pfizer agree to 100M doses of COVID-19 vaccine that will be free to Americans Overnight Energy: Supreme Court reinstates fast-track pipeline permit except for Keystone XL | Judge declines to reverse Dakota Access Pipeline shutdown OVERNIGHT ENERGY: Watchdog accuses Commerce of holding up 'Sharpiegate' report | Climate change erases millennia of cooling: study | Senate nixes proposal limiting Energy Department's control on nuclear agency budget MORE (D-Wash.) also queried Zuckerberg, “Do you believe the European regulations should be applied here in the U.S.?”


We don’t usually turn to the EU to set precedent for how to best regulate our businesses in the United States. Generally, it’s quite the opposite. The U.S. prides itself on being a more business friendly environment — allowing for American innovation to thrive without too much red tape.


However, when it comes to setting a legislative agenda for the digital economy, we’ve fallen behind.

By long relying on big technology companies to self-regulate, we’ve put ourselves in a unique position where Congress is now in a hurry to solve serious data protection problems. Solving problems in a crisis is never easy. The simplest way forward can often mean leaning on others ideas or rules and adapting them as your own. That’s why so many members of Congress are curious about Zuckerberg’s opinions on the EU’s regulatory approach. They are the first to do it.

In fact, the conversations we’re only just beginning to have here in the US — from SESTA to the CLOUD Act to Cambridge Analytica — have been going on for almost five years in Europe.

In 2015, the European Commission announced plans to prioritize and launch a set of regulations known as the “Digital Single Market.” The DSM will provide a single group of laws governing digital policy for all 28 (soon 27) member states. Everything from copyright, to platform regulation, to artificial intelligence, to intermediary liability to consumer protection and hate speech are all on the table, and have been for a while.

It’s no secret that the EU has always taken a different approach to privacy and data protection, but they’re also the only ones who have taken any significant action to craft such extensive rules to govern these issues. The first comprehensive piece of legislation to emerge from the DSM, the General Data Protection Regulation (GDPR), tackles this issue.

Zuckerberg referred to it during the hearing, and to the actions Facebook has already taken to adhere to it. The GDPR comes into force on May 25, and it addresses how companies manage the personally identifiable information of EU citizens when processing data both within and outside of the EU. That means any company in the U.S. that has customers in the EU is liable, from tech giants like Facebook and Google to some of America’s smallest startups. Companies that fail to comply by May 25 may face fines of up to 20 million euros or four percent of their annual turnover.

However much we may have in common with our allies in Europe, let’s be careful not to copy and paste the EU’s solution to this complex problem. In the same way they take a different approach to privacy, we too should take a different approach to regulating it. The months ahead should be an opportunity to learn from companies that implement the GDPR, what works and what doesn’t.

The conversations around data protection and the future of the digital policy in the US will be difficult. They were difficult in the Europe as well. But let’s take the time to hear from all voices affected — whether they’re a three employee startup, or a tech behemoth with 30,000 employees. These rules impact all of us. So it’s vital that we take the time to develop our own approach — one that will provide protection without stifling American innovation that has made Silicon Valley the technology leader around the world.

Melissa Blaustein is the founder and CEO of Allied for Startups, a global network for startups, entrepreneurs, VCs, and advocacy organizations working together to build a worldwide consensus on key public policy issues impacting startups.