Europe’s new General Data Protection Regulation is, all being well, likely to be enacted by the end of 2014, after which businesses will have a two-year transition period to comply. Although the Regulation is seen as a step in the right direction in Europe, where the current fragmented approach to data protection legislation based on the 1995 Data Protection Directive is seen as more of a hindrance than a help to business, it’s not being received so warmly around the world.
A study released by the US Chamber of Commerce last year assessed the potential external trade impact of the proposed GDPR and concluded that:
‘If services, trade and cross-border data flows are seriously disrupted (assuming that binding corporate rules, model contract clauses and EU-US Safe Harbor framework are no longer recognized), the negative impact on EU GDP could reach -0.8% to -1.3%. EU services exports to the United States drop by -6.7% due to loss of competitiveness. As goods exports are highly dependent on efficient provision of services (up to 30% of manufacturing input values come from services), EU manufacturing exports to the United States could decrease by up to -11%, depending on the industry. In such case, the export benefits produced by the EU-US FTA are eradicated by a good margin.
‘The direct negative welfare effect (under the same assumptions) of the regulation could reach up to 1,353 USD (1041 euro) per year for a household of four people.
‘If the ‘right to be forgotten’ rule is added, the regulation could cause a GDP decrease for the EU of -1.5% to -3.9%, and welfare loss of or 4,566 USD (3,512 euro) per household. This rule, however, is contested and considered by experts to be ‘technically impossible’ to implement.
‘To offset the potential negative effects from trade and productivity losses under the assumption that the ‘right to be forgotten’ rule is not implemented, final private consumption in the EU would have to be boosted by 13% on all goods and services.’
While it’s hardly surprising that legislative changes will be resisted by those who will be restricted by them, the transfer of data between the EU and the US remains a contentious issue following the disclosure of the NSA’s monitoring of private communications, and the effectiveness of the Safe Harbor is being re-examined.
According to the US’s National Law Review, the EC has already proposed 13 recommendations to change the Safe Harbor Framework, which will undoubtedly be challenged by the US. It’s hoped that negotiations to ensure continuing, mutually beneficial trade between the EU and the US don’t last as long as the negotiations to introduce the GDPR itself.
We will of course keep you up to date with developments as they occur.