How GDPR kills innovation economy
May 25, 2018 entered into force General rules on data protection (GDPR) of the European Union. It is possible that the readers already know about the GDPR, but if not – then this is the most important legislative framework to regulate the use of the data for the last time.
Not only every company dealing with EU citizens must comply with the GDPR, but most large Internet companies (such as Google, Facebook, etc.) has already announced that it intends to export “spirit” GDPR to all its clients, regardless of their physical location. Given that most governments still don’t know how to treat the data as a social or legal asset, GDPR is probably the most important new social contract between consumers, business and government in the history of the Internet. And, in order to evade significant, I think it’s bad for almost all Internet companies, except the largest.
This is quite a serious statement, and I’m not ready to defend it fully, but I want to explain why I came to this conclusion. However, the first is to present the fundamental principles driving GDPR.
First of all, this law is a reaction to what many have called the “surveillance capitalism”, the business model, largely (but not entirely) driven by the development of digital marketing. Everyone is familiar with such complaints: corporations and governments collect too much data about consumers and citizens, often without our direct consent. Our privacy and the “right to be let alone” under threat. Although we are not one year broke with this hand (I started thinking about the “database of intentions” back in 2001 and proposed a “bill of rights for data” in 2007), namely Europe, with its own history and particular sensitivity, was finally taken significant and decisive action.
Although capitalism observations can best be understood as a living system – an ecosystem consisting of many different parties – there are three main players, if we talk about the collection and use of personal data. First, it is Internet giants – companies like Amazon, Google, Netflix and Facebook. These companies are a favorite of most consumers, almost entirely driven by his ability to turn the clients into data that massturbate and used to support their business models. These companies can best be understood as “large-scale first-party” – they are in direct relations with customers and, because we depend on their services, can easily get our consent to use our data. Ben Thompson calls these players “aggregators” – they are aggregates powerful direct relationships with hundreds of millions or even billions of consumers.
The second group is thousands of players in the field of advertising technologies, often visualized on maps LUMAscape. These are companies that grew up in intricate, primarily the open wilds of the world wide web, mainly in the service of the digital advertising business. They collect data on consumer behavior on the Internet and sell this data to marketers amazingly diverse and complex ways. Most of these companies are not in a direct relationship with consumers, are “third parties” – they collect data, with the relationship with the first small-scale parties such as webmasters and application developers. The whole ecosystem lives in precarious and weaker position in comparison with the first large-scale parties, such as Google and Facebook, which, undoubtedly, has consolidated power in the digital advertising market.
Some say that companies like Netflix, Amazon and Apple are not advertising driven model and is therefore free from the adverse effects inherent in such players as Facebook and Google. In response to this argument I will gently remind readers: – “first party” use personal data to support your business, regardless of whether the is their main channel of income. And when companies are using data, computing power and algorithms to determine what you may or may not encounter in their services, there are many both positive and negative consequences.
The third player is, of course, the government. Governments collect lots of data about its citizens, but, contrary to our fantasies about the American intelligence apparatus, they are not so good in using these data as corporate players – first and third parties. In fact, most governments are heavily dependent on corporate players to understand their controlled data. This relationship is a separate story, which I’ll take on another time. Suffice it to say that governments, particularly democratic, act in a thoroughly regulated environment, if we talk about how they can use the data of its citizens.
But until recently, enterprise first and third parties could practically do with your data whatever. Largely driven by the us philosophy of “hands off the Internet” – which I was fully agree to the consolidation of the Internet oligarchy, a Corporation governed primarily by the terms of service and end user license agreements are rarely read legal agreements give corporations a comprehensive control over the use of customer data.
With effective from 25 may GDPR, everything changed. The regulatory authority is responsible for putting it into effect, outlined seven principles covering the integrity, use, storage, accuracy, accountability etc. are All important, but I’m not going to go into detail in this article (it is already happened long). The real importance is the following: the intention of the GDPR is to protect the privacy rights of consumers against capitalism observations. But the reality of the GDPR, as in almost any comprehensive regulation is such that it favors the first large-scale parties, which can easily obtain “consent” of the billions of consumers that use their services, and poses a significant threat to the ecosystem of the small-scale the first and third sides having fragile or short-lived relationship with consumers whom they serve indirectly.
In other words: you are more likely to click “I Agree” or “Yes”, when did you and your regular dose of dopamine from Facebook will pop up a form GDPR. But you are unlikely to do the same thing when some small webmaster you will be asked to give consent in a letter resembling spam.
A great example of such inequality of forces in action: Facebook runs on its platform third party data providers after the scandal with Cambridge Analytica, whether referring to the GDPR to consolidate their power as large-scale first hand. In short, because they have the scalability, resources and direct relationships with users, the first large-scale parties can benefit from GDPR to expand their power and further protect your business from smaller competitors. Innovation ecosystem loses and technological oligarchy increases.
I have long felt that innovation closed walled aggregators – it’s awful. They are deprived of public network the most important for growth: data, attention and income. In fact, almost all of the “innovators” of the open web in one way or another are in bondage to Amazon, Facebook, Apple and/or Google – they depend on them in terms of advertising services, ecommerce, processing, distribution and/or income as such.
Until now, according to preliminary results, it is obvious that GDPR, despite good intentions, has brought a large and unexpected consequences: rather than limiting the scope of the most powerful players in the data world, he actually achieved the opposite effect.