As Data Flows Across Boundaries, a Patchwork of Laws Stifles Innovation 
COMMENTARY

August 21, 2023by Rony Shalit, Vice President of Compliance and Ethics, Bright Data
As Data Flows Across Boundaries, a Patchwork of Laws Stifles Innovation 

The EU-U.S. adequacy decision implemented last month is the latest example of the difficulty of setting up, implementing and enforcing a global data standard to support current and future innovation.

The European Commission concluded that existing U.S. data privacy standards were sufficient to allow personal data to flow safely from the EU to U.S. companies under the EU-U.S. Data Privacy Framework. While the framework aims to provide an adequate level of protection for personal data flowing between the continents, we’re not out of the woods yet. 

The 137-page document is set to frame the processing of personal data and the free movement of such data after the Court of Justice of the European Union in July 2020 invalidated the previous adequacy decision on the EU-U.S. Privacy Shield.

But history could repeat itself. A court could determine this decision also does not adequately protect the privacy of EU citizens’ data when transferred to the United States.

Multinational businesses need to align with the EU’s General Data Protection Regulation, which is one of the strictest data protection laws in the world, but they also need to take into account the U.S. regulation, which does not have a single federal data protection law. Instead, some states have no regulation, while the California Consumer Protection Act mirrors GDPR’s stringent nature, and others fall somewhere in between

Here’s an example of how counterproductive non-federal (and non-global) data regulation can be. On New Year’s Day, Montana’s total ban on TikTok goes into effect, but it’s the only state so far to make such a sweeping move. The legislation was signed following discussions about protecting U.S. residents from data gathering through TikTok, creating a very disjointed approach to regulation. 

No one knows how the law can be enforced and what will happen to a user’s mobile when crossing from Wyoming to Montana while scrolling through TikTok. Will the Apple app store block the app while flying from Toronto, Canada, to Seattle, Washington, just as the plane goes over the Treasure State?

This type of one-off legislation demonstrates the difficulties and challenges of implementing regulations across states and countries.

The complexities of crossing boundaries become amplified an ocean away. It took 28 years for the Data Protection Directive, the EU’s predecessor to GDPR, to establish the first phase of a data transaction deal across the Atlantic. Today innovation moves much faster and no such rules or regulations are in place for the new developments happening by the hour.

AI is the perfect current example, and we can’t wait another 28 years for that. There are more than 100,000 AI tools currently.

As more tools emerge and become part of day-to-day life, an agreed-upon ethical framework and regulation are of paramount importance. In May, OpenAI CEO Sam Altman suggested that the U.S. should consider a combination of licensing and testing requirements to develop and release AI models above a threshold of capabilities.

We know there is a need for global regulation, but we also understand the challenges in setting, agreeing and implementing such regulation. There are a number of reasons countries (and states) run into roadblocks when trying to reach agreement on regulation, such as perspective, ethical standpoint, cultural difference, the complexity of the market or changes in governance.

It’s up to organizations, startups, conglomerates and AI pioneers to self-regulate and build the data ethics that will govern every new emerging technology.

We have the responsibility to protect the privacy of users by developing and implementing strong data protection practices, collaborating across industries to share information and best practices, and even developing a common standard for data protection.

This is not a substitute for promoting cross-regional regulation by lobbying governments to adopt strong data ethics laws and working with regulators to develop and enforce global data ethics standards. The EU-U.S. adequacy decision is another step in the long journey of global data regulation, but we need to run together.

More work must be done to achieve a global data regulation that protects not only our data but also our need and thirst for amazing innovation to come.


Rony Shalit is responsible for overseeing global compliance with Bright Data’s products and growing and shaping Bright Data’s ethical approach to web data collection and proxy usage that sets the standard for the industry. Bright Data is the world’s leading web data platform. He can be reached on LinkedIn.

A+
a-

In The News

Health

Voting

Opinions

E15 Fuel Can Be an Important Tool to Tackle Climate Change

On Earth Day this April, many Americans reflected on what we can do to protect our planet. We are already... Read More

On Earth Day this April, many Americans reflected on what we can do to protect our planet. We are already seeing the effects of climate change, and we know this is not a problem for future generations to solve — it’s up to us. One fact remains clear:... Read More

Latest Cyberattack Is Yet Another Wake-Up Call to Protect the Practice of Independent Medicine

With the rapid increase in drug and labor costs, more administrative burdens from insurance companies, and growing demand for health... Read More

With the rapid increase in drug and labor costs, more administrative burdens from insurance companies, and growing demand for health care, it’s more challenging — yet even more important — for doctors to continue serving their communities. Nevertheless, independent practices in towns across the country have... Read More

June 11, 2024
by Trump Agonistes
Trump Agonistes

One of the intriguing stories in the Bible about the power of vengeance is that of the death of Samson,... Read More

One of the intriguing stories in the Bible about the power of vengeance is that of the death of Samson, which is described in Judges 16.  The strong-man judge of Israel and scourge of the uncircumcised Philistines had finally been betrayed by Delilah and captured by... Read More

The Supreme Court: Term Limits and Mandatory Retirement

Recent Supreme Court decisions have served as reminders of the politicization of the high court. This does not imply that... Read More

Recent Supreme Court decisions have served as reminders of the politicization of the high court. This does not imply that there hasn’t always been a political element to Supreme Court nominations, confirmations and subsequent decisions. However, in recent years, replete with acrimonious Senate hearings, the politicization... Read More

Large Cannabis Companies Spending Millions to Shut Down Hemp 

The year thus far has been enlightening for lawmakers and hemp industry stakeholders. Just as the hemp industry started to... Read More

The year thus far has been enlightening for lawmakers and hemp industry stakeholders. Just as the hemp industry started to recover after a rocky start, a fellow product category took aim — the cannabis industry. And coming out of the House Farm Bill markup, the agenda... Read More

Congress Should Do More for Fans of Live Events

The Department of Justice’s lawsuit against Live Nation/Ticketmaster tells the story of the company’s monopolistic behavior and calls for the... Read More

The Department of Justice’s lawsuit against Live Nation/Ticketmaster tells the story of the company’s monopolistic behavior and calls for the company to be broken up.  The complaint highlights incidents regarding Ticketmaster’s use of exclusive contracts, pressure on artists to use its services, threats of financial retaliation... Read More

News From The Well
scroll top