“The Mobile Century” è un forum unico, globale e multi dimensionale per immaginare leadership di pensiero sulla natura trasformazionale della tecnologia digitale su piattaforma mobile , in tutti i settori della vita e del lavoro.
I flussi di pensiero comprendono le sfide dell’innovazione, lo sviluppo economico e l’imprenditorialità, così come i progressi nella salute, istruzione, finanza, retail e governo. Il secolo del mobile andrà oltre l’approccio caratterizzato dalla raccolta dati per arrivare alle numerose sfide dell’era digitale, per individuare sinergie e opportunità di avanzamento in modi innovativi. Questa rubrica è stata lanciata da WebTimeMediain collaborazione con le Global Telecom Women’s Network durante il Mobile World Congress a Barcellona, alla presenza della Vice Presidente della Commissione europea Viviane Reding, la Presidente del GSMA, Anne Bouverot, ed il Presidente IFC della Banca Mondiale Jessica Rosenworcel e di Candice Jonson, presidente e fondatrice del GTWN che ne è animatrice e promotrice. Media Duemila proporrà i testi più innovativi lanciati dalle donne più influenti del mondo delle telecomunicazioni mondiali.
Ecco il discorso di Vivian Reding sulla protezione dei dati quale diritto universale. “I have in front of me many women who know how to run a business. Women who have been in the digital economy for long. Women who understand that trust in the digital economy is a condition sine qua non for market profits and economic success. Working, as you do, in an extremely fast-moving industry, it is probably hard for you to believe that two years after I first set out the European Commission’s plans to reform the EU’s data protection rules, they have still not been adopted.
That is the problem of the two speeds: the fast lane in technology, and the slow lane in political implementation. Politics is complicated. Top-down decisions are rarely on the agenda. The normal path is one of shaping compromises negotiated in endless discussion rounds. The Americans among you might be astonished to hear that the European Parliament is much quicker in its capacity to move than the Council of European Ministers!
EU Heads of State and Government have committed to a “timely” adoption of the new framework. But in real terms there has been little action.
It is up to Member States to deliver because Europe needs this reform. A reform that will at the same time strengthen citizens’ rights and help us complete our digital single market – in which businesses like the ones some of you represent can thrive.
1/Why the reform is good for business
You all know the enormous economic value of data. In 2011, the data of EU citizens was worth EUR 315 billion. This has the potential to grow to nearly EUR 1 trillion by 2020. You know better than me the potential of the digital economy for growth and jobs. Just take the apps business, 6 years ago it did not exist; now it is one of the sectors with the fastest growth curve. Last week a well-known company valued a messaging app. at an unprecedented level of 19 bn dollars! The app business is also flourishing in Europe: in 2013, developers earned EUR 11.5 bn making apps. And they can expect to earn up to EUR 46 bn by 2018. This business is creating jobs, just here in Barcelona for instance with the mobile app developer Golden Gekko that won in 2013 a number of prizes for best apps.
Yet, to fully unlock the value of data, we will have to ensure we have a true digital single market. The reform we put on the table two years ago does just that. It is a market opener.
Why? Because it replaces a fragmented and complicated regulatory framework with one clear set of rules. Today businesses are faced with 28 different national laws. Our regulation will establish a single, pan-European law for data protection. One law, not 28.
That also means that companies will in the future only have to deal with one single supervisory authority, not 28. This will make it simpler and cheaper for companies to do business in the whole of the EU – this will be especially important for smaller companies and start-ups, who will find it easier to break into new markets. The system will also benefit citizens, who, unlike today, will always be able to take their complaint to their local authority.
Within a single market for data, identical rules on paper will not be enough. We have to ensure that the rules are interpreted and applied in the same way everywhere. That is why our reform introduces a consistency mechanism to streamline cooperation between the data protection authorities on issues with implications for all of Europe. Internet services or smartphone apps do not stop at national borders. It is therefore often frustrating for citizens and businesses when they are faced with different regulatory decisions and different levels of protection concerning the very same service or application.
Our data protection reform is a building block of the digital single market. A single set of rules in a crucial sector, consistently applied.
2/The need to rebuild citizens’ trust
Yet opening the market and creating opportunities for business is only one side of the coin. The other is citizens’ trust. Only if people are willing to give out their personal data will companies reap the full rewards of our digital single market.
And here is the problem: at the moment, people’s trust in the way private companies handle their data is low. 92% of Europeans are concerned about mobile apps collecting their data without their consent – no wonder when you hear that the Angry Birds were spied upon… And 89% of people say they want to know when the data on their smartphone is being shared with a third party.
In fact, apps are services are often advertised as “free”. But they are not free. Citizens pay with their data – the currency of the digital economy.
Some say that this is a question of individuals’ knowledge – or rather lack of knowledge – being overtaken by technological change. But what does a citizen do when he or she understands, disagrees even, but cannot act? Let’s take a simple example. What happens when a citizen wants to play a game on a tablet. He or she has to pay for the app, but doesn’t want personal data, for instance location data, to be collected. He or she might also be spied upon. Often with applications, the rule is ‘take it or leave it’. That’s when trust evaporates. That’s when people feel forced to part with their privacy.
I believe that this is a question of individuals’ rights being overridden by technological change. That’s why it is important to put individuals back in control by updating their rights. Explicit consent, the right to be forgotten, the right to data portability and the right to be informed of personal data breaches are important elements. They will help close the growing rift between citizens and the companies with which they share their data, willingly or otherwise.
And people should see that their rights are enforced in a meaningful way. Take the change to Google’s privacy policy decided in March 2012. Several national data protection authorities in the EU found that this does not comply with existing data protection rules. Google has been sanctioned in two countries, France and Spain, and is under investigation in four other countries, including Germany. In Spain, Google was fined the maximum amount of EUR 900,000, while in France, whose data protection authority is one of the most feared in Europe, the fine levied was EUR 150 000, also the highest possible sum. Taking Google’s 2012 performance figures, the fine in France represents 0.0003% of its global turnover. For them, this looks more like pocket money than a fine.
We need to get serious. And that is why our reform introduces stiff sanctions that can reach as much as 2% of global annual turnover of a company.
Our reform will thus not only open the market to companies, it will also help them to conquer this market by helping to build citizens’ confidence. And what is more, strong data protection rules will also give companies with serious privacy policies a competitive edge. Trust is bankable. A survey carried out by the Cloud Security Alliance after the recent surveillance revelations found that 56% of respondents were hesitant to work with any U.S.-based cloud service providers. And the Information Technology and Innovation Foundation estimates that the surveillance revelations will cost the U.S. cloud computing industry USD 22 to 35 billion in lost revenues over the next three years.
Companies and politicians have understood this: data protection is a competitive advantage; a big tech giant just recently announced it will give its users the option of storing users’ data in Europe, where it’s safe. Chancellor Merkel and President Hollande have just announced they will work on a European capacity for digital storage.
Let me remind you that the European Commission is already active in this area: in September 2012 we presented a European Cloud Computing strategy to drive European business and government productivity and competitiveness via cloud computing.
I am personally very much in favour of the development of European clouds. Public authorities could stimulate this market as first mover by making sure that data processed by them are only stored in clouds to which EU data protection laws and European jurisdiction applies. For the private sector, such European clouds could become also attractive as they could advertise “These are European clouds, so your personal data is safe.” The new EU data protection Regulation that the Commission has put on the table in January 2012 is creating the necessary legal framework for this development.
3/ EU-US relations
But European solutions alone are not a panacea. We also need to work with our American partners. As many of you have travelled to Barcelona from the US, I will say a few words on the EU-US relationship in the area of data protection.
The Commission’s Data Protection proposals triggered a debate on privacy in the US. In March 2012, immediately after the Commission’s proposals were made, the White House said that it would work with Congress to produce “a privacy bill of rights”. The recent discussions in Congress testify to the growing importance attached to privacy in the U.S as well. The creation of a bipartisan privacy working group has given some impetus to the process. I hope that President Obama’s address on surveillance will also boost the process.
The problems the US will confront are similar to those I have mentioned in Europe.
An IPSOS poll released in January says that 45% of U.S. adults feel they have little or no control over their personal data online. In addition, there is also no single U.S. Federal law on data protection. Instead, a maze of State laws offers varying degrees of security and certainty. In Florida, not a single law lays down a definition of “personal information”. In Arizona there are five. The same goes for rules on security breaches. Some States have them, others don’t.
Given the significance of personal data for transatlantic trade, legislative progress on the U.S. side is important for Europe. The privacy bill of rights will form the basis of future transatlantic regulatory dialogue and cooperation.
In Europe, data protection is a fundamental right. It is different in nature to the tariff of a good or to the schedule of a service. That’s why a discussion on standards of data protection should be kept separate from the give and take of a trade negotiation. I am grateful to my colleague Karel de Gucht for saying that data protection is outside the scope of the Transatlantic Trust and Investment Partnership (TTIP).
And finally: We must make Safe Harbour safer – the scheme that is used by all major companies to exchange commercial data between the EU and US. The Commission has made 13 concrete recommendations. 13 ways to improve all aspects of the functioning of Safe Harbour. Let me put it simply: we kicked the tyres and saw that repairs are needed. For Safe Harbour to be fully roadworthy the U.S. will have to service it. This summer, we will see how well those repairs were carried out.
Conclusion
We want to open new growth opportunities that Europe needs, and at the same time, we want to make data protection an effective right for everybody. We will deliver effective, practicable and future proof data protection rules that enable growth. And I hope I can count on your support, too. To deliver what businesses want. To deliver what citizens want. And to bring European data protection rules into the digital age”.
