EU Officials Finally Coming To Terms With The Fact That The GDPR Failed; But Now They Want To Make It Worse
from the maybe-scrap-the-whole-thing dept
Ever since it came into effect, we’ve been calling out how the EU’s General Data Protection Regulation (GDPR) was an obviously problematic bit of legislation. In the four years since it’s gone into effect, we’ve seen nothing to change that opinion. For users, it’s been a total nuisance. Rather than take the big US internet companies down a notch, it’s only harmed smaller (often EU-based) internet companies. Multiple studies have shown that it hasn’t lived up to any of its promises, and has actually harmed innovation. And don’t get me started on how the GDPR has done massive harm to free speech and journalism.
But, for the past four years, within EU policy circles, it has been entirely taboo to even suggest that maybe the EU made a mistake four years ago with the GDPR. Any time we’ve suggested it, we’ve received howls of indignation from “data protection” folks in the EU, who insist that we’re wrong about the GDPR.
However, sooner or later someone had to realize that the emperor had no clothes. And in a surprising move, the first EU official apparently willing to do so is Wojciech Wiewiórowski, the EU’s Data Protection Supervisor.
So far, officials at the EU level have put up a dogged defense of what has become one of their best-known rulebooks, including by publicly pushing back against calls to punish Ireland for what activists say is a failure to bring Big Tech’s data-hungry practices to heel.
Now, one of the European Union’s key voices on data protection regulation is breaking the Brussels taboo of questioning the bloc’s flagship law’s performance so far.
“I think there are parts of the GDPR that definitely have to be adjusted to the future reality,” European Data Protection Supervisor Wojciech Wiewiórowski told POLITICO in an interview earlier this month.
Wiewiórowski, who leads the EU’s in-house privacy regulator, is gathering data protection decision-makers in Brussels Thursday-Friday to open the debate about the GDPR’s failings and lay the groundwork for an inevitable revaluation of the law when the new EU Commission takes office in 2024.
Of course, what’s funny is that when that event actually happened, the complaints were not about how maybe the entire approach of the GDPR was wrong, but that the real problem is that the Irish Data Protection Commission wasn’t willing to fine Google and Facebook enough.
European Data Protection Supervisor Wojciech Wiewiórowski on Friday said there isn’t enough privacy enforcement against tech companies like Meta and Google, hinting at a bigger role for a “pan-European” regulator.
In a speech marking the end of a two-day conference designed to scrutinize the EU’s flagship privacy code, the General Data Protection Regulation or GDPR, Wiewiórowski said enforcers had so far failed to rein in data protection abuses by big companies.
“I also see hopes that certain promises of the GDPR will be better delivered. I myself share views of those who believe we still do not see sufficient enforcement, in particular against Big Tech,” he said.
This is really a “no, it’s the children who are wrong” moment of clarity. The GDPR was sold to the European technocrats as “finally” a way to put Google and Facebook in their place. But, in practice, as multiple studies have shown, the two companies have been mostly just fine, and it’s a bunch of their competitors that have been wiped out by the onerous compliance costs.
Rather than recognizing that maybe the whole concept behind the GDPR is the problem, they’ve decided the problem must be the enforcer in Ireland (where most of the US internet companies have their EU headquarters) so the answer must be to move the enforcement to the EU itself.
Basically, the EU expected the GDPR to be a regular tool for slapping fines on American internet companies, and now that this hasn’t come to pass, the problem must be with the enforcer not doing its job, rather than the structure of the law itself. That means… it’s likely only going to get worse, not better.
Filed Under: data protection, gdpr, ireland, privacy
Companies: facebook, google, meta
Comments on “EU Officials Finally Coming To Terms With The Fact That The GDPR Failed; But Now They Want To Make It Worse”
This comment has been flagged by the community. Click here to show it.
Nope.
This is absolutely atrocious and hate-blinded… something. Journalism it sure ain’t. Like the GDPR or not as you will, but NOBODY paying ANY attention to NOYB’s efforts trying to get the Irish DPA to deliver any practical judgement at all for YEARS on end now absolutely would be aware there can be no argument for any sane person about whether the Irish DPA is in the right or not. For shame. For shame!
Re:
Is that you, Thors?
Re:
Good thing no one made that claim. Go take your shame elsewhere. Perhaps fill up a tub with it and have a soak.
Re: Re:
Projection much? Blinded by hatred describes the motivated reasoning behind GDPR as some sort of punishment. Which is more spiteful, stupidly blind hatred of whomever they are told to hate by the ‘grr Big Tech Bad’ contingent. I’ve flat out stopped following multiple websites because they never stopped ceaselessly grinding that axe and the dumb hate circle-jerk that Facebook and Google were entirely responsible for the rise of Trump because “filter bubbles” . Never mind that phenomenon of choosing what you want to hear existed well before the internet with talk radio, and the toxic movements run far deeper.
Re: Re:
Do you lack reading comprehension or something? The first two sentences of Max’s comment make it clear that they’re disparaging Mike’s article, not the GDPR.
But, for the past four years, within EU policy circles, it has been entirely taboo to even suggest that maybe the EU made a mistake four years ago with the GDPR.
Not to me. For the past three years now, I’ve been talking in meatspace about how this regulation has done nothing to stop the probing cookie problem caused by Google et al., even here in the UK, which is no longer part of the EU, and which could thus repeal it and replace it with something better. It’s a shame that legislation doesn’t feature amicus briefs in its drafting.
Re:
I somehow doubt you’re directly involved in “EU policy circles.”
Re: Re:
I think you need to read my comment without alcohol if that claim is what you got from it when I made it precisely nowhere.
Re: Re: Re:
Mike: “for the past four years, within EU policy circles, it has been entirely taboo…” (emphasis added)
You: “Not to me.”
Re: Re: Re:
Should have added – while you didn’t explicitly claim to be part of EU policy circles, one of the two reasonable ways to interpret your reply implies that you were. The other way, which I’m sure is what you meant, is “Maybe it’s taboo in EU policy circles, but it’s not taboo to me.”
Re: Re: Re:2
The other way, which I’m sure is what you meant, is “Maybe it’s taboo in EU policy circles, but it’s not taboo to me.”
Which is how I read it immediately I saw it. What took you so long?
Humans gonna human.
So what if it was a complete shitshow, did nothing we thought it would, we fought damn hard (and got donations) for this and we just need to law harder to make it work.
We can not consider it might be flawed at the most basic level, we just need to slap some lipstick on the pig and it’ll be a beauty queen in no time.
Sometimes it would be awesome to see humans try something, fail, and admit it was a stupid fucking idea & rather than keep it going go back to the drawing board & try something different.
Re:
I suspect that such admissions happen all the time. Unfortunately, we don’t have enough Ouiji board bandwidth for them to report back.
We Knew That
The German Democratic Peoples Republic (GDPR) failed 30 years ago. Everyone knows it was a useless fabrication.
Re:
Well yes, except no, because there was no such country. It was the DDR (Deutsche Demokratische Republik, or in English German Democratic Reepublic). Sorry to step on the joke.
same old story! those making the rules/laws dont have a friggin’ clue in how to make something right! they’re only interested in the number of times something can be made to look as if it was put right by them!!
I read the title as CDPR and it still made sense.