Rethinking data protection: We urgently need to change the GDPR

The understanding and value of personal data has changed fundamentally.

What once meant bureaucracy and abstract data processing defines technical progress today.

Data means competition, value creation, prosperity and growth.

But they also mean research, safety, health and life.

The General Data Protection Regulation (GDPR) does not meet this requirement.

Nevertheless, many political representatives portray it as inviolable. Any objectively justified criticism is quickly demonized as an attack on the fundamental right to data protection per se. There are solutions to enable innovations without endangering the protection of the individual. It would be downright negligent if legislators did not constantly question their work and try to improve legal texts. Why is there a lack of courage to modernize data protection?

Yes, it's true, the GDPR was groundbreaking in many ways.

As a global model for data protection legislation, it is rightly regarded as the epitome of “Made in Europe” standards.

At the same time, however, it also became a symbol of the Brussels bureaucracy monster, which has given many - especially small and medium-sized - companies, as well as associations and private individuals, headaches to this day.

Their public outcry could not be ignored after the new rules came into effect in 2018.

Risk of becoming a data colony

Overloaded with highly complex concepts and at the same time ambiguous definitions, it takes legal experts to understand the regulation and implement it correctly. In contrast to large companies, most of those affected do not have access to the legal, technical and financial resources necessary for correct application. Nevertheless, the GDPR does not differentiate between different companies, sectors and also new technologies, since in theory it is intended as a framework for everyone. However, it is precisely this approach that fails due to reality.

It's not just about the already big problem of bureaucracy, which often makes it almost impossible for European medium-sized companies and start-ups to keep up with the big tech companies.

What was originally thought of as “technically neutral” prevents the innovations that will determine our future, such as artificial intelligence (AI), blockchain or cloud computing, from being used or further developed in Europe today.

Our technological dependencies only grow in this way, and we run the risk of becoming a data colony in the end.

In doing so, we not only risk our digital sovereignty, but also the possibility of using digital solutions for climate protection or in the healthcare sector for the benefit of all and using them more efficiently.

In the healthcare sector, for example, digital solutions are potential lifeguards. With the help of large data sets, technologies such as AI could be used both in diagnosis and in drug research and development. In the pandemic in particular, the central storage of data would have helped to manage the crisis better, as the Corona app could better track contact chains or contact those willing to vaccinate more quickly. The same applies to diseases such as cancer or dementia: If we want more effective research and treatment here, we have to feed the algorithms with clinical pictures, findings and analyzes. For these applications, however, an enormous amount of data is required - especially personal data.