After seven years of experiments, illusions and regulatory rigidity, Brussels finally seems ready to recognise what many in the European technology sector have long argued: the GDPR, in its current form, has been a powerful brake on development and innovation. And perhaps, ‘killing it’ – or rather, radically reforming it – would not be such a bad idea.

As Ole Lehmann, European analyst and critical voice of current regulations, pointed out: ‘The GDPR paralysed innovation in Europe while the US was building, scaling and conquering our market. This new course could represent the end of a long and paralysing regulatory winter for the European technology ecosystem.

Read also: European economic suicide, and how to be reborn

The General Data Protection Regulation (GDPR), introduced with great expectations in 2018, was supposed to protect citizens’ privacy and create a more level playing field. But the results, on balance, were quite different. The balance sheet? Crushing for startups, insignificant for American tech giants, and disappointing on the privacy protection front itself.

An advantage for the American giants

According to research conducted by the National Bureau of Economic Research (NBER), the introduction of the GDPR has caused an 8% drop in profits for small European technology companies, while American multinationals – such as Google and Meta – have easily absorbed the costs of compliance. In other words, Europe has offered its market to the overseas giants on a silver platter.

Indeed, the regulatory burden of GDPR has required companies to equip themselves with expensive legal teams, implement complex consent management mechanisms, comply with often opaque data movement rules and face the constant threat of fines of up to 4 per cent of global turnover. Unsurprisingly, many start-ups have given up growing or even closed their doors.

An economy of fear

To make matters worse, a veritable ‘compliance ecosystem’ has developed, made up of consultants, law firms and professionals who have thrived on the complexity of the system, often to the detriment of the very innovation that Europe would like to promote. The result? Fewer apps, less competition, less ability to compete with the US and China in the key sectors of the future – from artificial intelligence to biotechnology.

The paradox is obvious: a regulation that was created to rebalance the market has ended up distorting it further, fuelling a bureaucracy that has stifled the dynamism of younger companies.

Brussels changes course

But now something is moving. The European Commission has announced a plan to radically simplify the GDPR, aiming to:

– reduce the burden on small and medium-sized enterprises;

– clarify the conditions for legitimate use of data;

– simplify cross-border transfers;

– make the required documentation less onerous;

– adopt a more proportionate approach to sanctions.

This is an important step change, which fits into President Ursula von der Leyen ‘s broader plan for Europe’s ‘competitiveness compass’, an initiative to reduce regulatory overload and boost innovation.

Even Mario Draghi, Italy’s former Prime Minister and a key figure in the European competitiveness debate, emphasised the need to lighten the GDPR to give SMEs breathing space and boost competition.

An opportunity not to be missed

Revising the GDPR does not mean abandoning privacy protection, but recognising that data protection cannot become an economic boomerang. Europe can no longer afford to lag behind: if it wants to become a leading player in innovation again, it must free its businesses from the regulatory shackles it has forged.

This new course could represent the end of a long and paralysing regulatory winter for the European technology ecosystem. It is time to give oxygen to those who want to build, innovate and compete. And perhaps, yes: ‘killing the GDPR’, in its current form, could indeed be the best decision taken by the European Union on digital matters in recent years.