By: Henry Rademacher
On Tuesday, December 3, 2019, the Law and Economics Center hosted a panel discussion on GDPR, its negative economic effects, and the potential for those effects to impact the economy of the United States. Titled “Is EU Privacy Regulation Being Exported to the US?” the event highlighted the impact that the General Data Protection Regulation (GDPR) has on American companies, while also addressing what consumers and policymakers in the U.S. can do to prevent similarly disastrous regulation from becoming law in the U.S.
The opening remarks were given by Noah Phillips, a Commissioner at the Federal Trade Commission and former chief counsel to Senator John Cornyn of Texas. Phillips expressed concern with the precedent that GDPR has set and believes that similar regulations could be implemented in the U.S. if consumers and policymakers are not vigilant. He noted that despite the thoroughly documented adverse economic effects of GDPR, many in the U.S. still want legislation that mirrors it.
Liad Wagman is an Associate Professor of Economics at the Illinois Institute of Technology who has studied data collection regulation extensively. Wagman presented data showing that venture investment in European tech companies has fallen substantially since the enactment of GDPR. The falling levels of venture investment will have the biggest impact on startups and smaller companies, many of whom have shut down altogether due to an inability to comply with GDPR.
“Data regulation has costs. One year after GDPR, the picture it paints is pretty stark,” Wagman said.
James M. Sullivan is Deputy Assistant Secretary for Services at the Department of Commerce, a position that allows him to see first-hand the devastating effects that overbearing regulation can have on innovation, competition, and costs paid by consumers. Sullivan was especially concerned with the fact that many states are enacting their own privacy laws, frequently modeled on GDPR. He believes this will lead to “balkanization” of privacy laws and make it even more difficult for companies to do business.
Sullivan brought up privacy laws that have been passed in places like Brazil and India and pointed out that they follow GDPR’s lead by theoretically applying to corporations with no physical presence in those countries. Sullivan said that when he travels to developing countries, people frequently view European-style privacy laws as a form of neocolonialism because they place overbearing restrictions on non-European companies in order to satisfy European bureaucrats.
Lydia B. Parnes is a Partner at Wilson Sonsini Goodrich & Rosati, where she chairs the firm’s privacy and cybersecurity practice. She shares the concerns of her fellow panelists regarding GDPR’s impact on the economies of both Europe and the U.S. As a private sector employee who deals with security and data issues near the highest levels, Parnes is extremely qualified to discuss what a disaster GDPR has been for businesses.
She disputed the idea that the U.S. does not have good enough privacy laws, stating that “the U.S. has very strong privacy laws. They’re just different.”
Parnes discussed a number of strategies, including Privacy Shield, that her firm uses to assist clients struggling to comply with GDPR. However, she was not optimistic about the prospects for startups and smaller companies. Parnes did express optimism that eventually the regulatory climate would improve, but not by importing European-style federal overreach to the U.S.
The themes discussed most were loss of investment, loss of innovation, loss of competition, and extremely high compliance costs for the companies that have stayed in business. After a year and a half, the experts seem to be saying that GDPR is a losing proposition across the board. Uninformed liberal politicians continue to advocate for the U.S. instituting its own version of GDPR. This would be an unmitigated disaster and anyone who values free markets should fight against allowing it to happen.
Photo credit: Rock Cohen (Flickr)