The wounds inflicted by the General Data Protection Regulation (GDPR) are still so fresh for many marketing and in-house compliance departments that the thought of going another round with a new European privacy law is almost too much to bear. And yet, more is coming.
The next step will be adoption of the EU’s ePrivacy Regulation, due towards the end of 2018 or early 2019. Implementation will have impacts on current business operations and future innovation. European tech is already lagging behind Chinese and North American competitors and this will just create one more obstacle.
The substance of the regulation has avoided extensive public scrutiny, overshadowed by the coming into force of GDPR. This is unfortunate, because the law addresses essential issues of data privacy and introduces important paradigm shifts. And like GDPR, the law will apply to companies outside Europe, with heavy fines for infringers. But the proposed text contains serious ambiguities that, unless they are resolved, will only make it harder for Europe to get back in the race.