One year after EU’s groundbreaking General Data Protection Regulation took effect, evidence is mounting that the law has shortcomings and unintended consequences that are hurting businesses, consumers and innovation.
Brussels has set out to make the bloc a leader in the digital economy, and policymakers are actively seeking to make GDPR the global standard for privacy and data use. Proponents argue that the regulation, which limits how companies can use information that touches on someone’s ethnicity, political opinions, religious beliefs or sexual orientation, is key to building user trust.
But a closer look shows that GDPR is holding European businesses back. For example, the law requires organisations to explain how they use personal data in artificial intelligence systems and other automated decision-making that has a significant impact on individuals, such as whether to offer a mortgage.