The European Union’s new General Data Protection Regulation is now in full effect. As many companies still scramble to comply, there are still questions about what the full impact of the law will be and whether it’s even possible to fully comply with the law. One thing is clear, though: This is another case of Europe regulating first and considering the impact later.
At April’s Startup Launchpad conference, Bo Ji, the chief representative for Europe at CKGSB, reminded the audience of an oft-quoted saying: America innovates, China duplicates, Europe regulates. “So Europeans are the worst,” he said. “They regulate everything before they allow innovation to breathe.”
It’s a damning quote from someone who represents a company’s interests in Europe, but it’s not unfair. The GDPR will have wide-ranging effects and no one knows what they are yet. Some people think it could be good for Europe’s economy while others think it’s a bad omen.
When the law went into effect on May 25, many companies that felt ill-equipped to comply with the law believed the safe thing to do would be to just block all IP addresses of EU countries. A number of news sites, among other services, have taken this approach.
Generally speaking, good data protection policies are also good business, as we’ve explained on this blog before. The GDPR can complicate things for smaller businesses, though. Even businesses without a presence in Europe.
For now, no one seems sure what enforcement will look like. Violations can result in fines of 4 percent of global revenue. For companies with a physical presence in Europe, getting companies to comply might not be difficult. Given that all companies are global companies these days, compliance might be easier than the headache of trying to to comply with the law later when entering the European market.
Since the law applies to any company selling goods to or collecting data from EU citizens, it’s a good chance that many startups need to be thinking about how to compliance. Companies deliberately marketing and selling to Europeans will have to appoint a representative in the EU. Companies for which consumer data collection is a core activity are also required to have a data protection officer.
Ultimately, regulations like this add many expenses to companies and that always favors the dominant players in a market. However, the harsh regulatory environment is just one reason startups choose to expand to other markets first. We’ve made the case here for why startups should consider Asia first when looking at expanding overseas. Europe will still be there for you to conquer in the future.
Featured image from Frank Buschman.
Free Email Updates
Get the latest content first.
Congratulations. Welcome to the family.