David and Goliath: the GDPR and regulating the data-centric society

One year from the direct applicability of the new European Privacy Regulation…

“Regulating the internet giants: The world’s most valuable resource is no longer oil, but data” published in the May 6th 2017 edition of The Economist explains the enormous power that Internet companies have due to their control over data.  It rightly describes that “[q]uantity has a quality all its own” by arguing that data is ever-more valuable, pushing more traditional industries to become data firms. 

The article outlines two principles for consideration, calling for traditional antitrust rules to be updated taking into account data assets in the impact assessments of mergers and acquisitions while increasing transparency and thus giving more control to users, those who provide the very economic lifeblood of these companies.  I suggest, however, the addition of a third fundamental principle to be considered in the data society: Corporate Social Responsibility through Data Protection. 

Look at recent developments like the of Digital Out-of-Home advertising. The world of advertising has made incredible progress thanks to the digitalization of something as simple as the billboard.  Consumers are constantly bombarded with strategic advertisements not only on their personal devices but also by way of digitalised billboards and screens in public spaces that are capable of measuring impact and driving ROI.

No present or forthcoming legal framework (whether it be new competition rules or the EU’s much-discussed General Data Protection Regulation, which will apply one year from today in 25 May 2018) will ever be able to effectively regulate our data-centric society while also perfectly maximizing the benefits for citizens and effectively minimizing risks. Regulators and institutions can no longer be the police of the Internet. The time when companies were able to consider fair competition practices and data protection as mere legal compliance obligations is of the past. Instead, in this data-centric world businesses need to consider fair practices, privacy, and data protection as assets that can help them to responsibly further their economic targets.  It’s time for companies to actively take responsibility in the data-centric society.

Comments are closed.