Pär Nygårds, Industry Policy Expert TechSverige

Debate: IT & Telecoms: Put the brakes on GDPR

Data Digitization Integrity

GDPR is basically sound, but now we need to stop and focus on long-term sustainability in order for the full potential of digitization to be realized, writes Pär Nygårds, business policy expert at IT&Telekomföretagen.

It is necessary to be very cautious about further legislation on data protection. Everyone processing personal data is now facing a major transition and struggling to adapt to the new rules of the game, but if further legislation is put in place before a proper assessment has been made, productivity, jobs and ultimately the well-being of society are at risk.

GDPR will protect privacy

It can't have escaped anyone's attention that the GDPR, or General Data Protection Regulation, came into force on May 25th in Europe. As a result, everyone's email inboxes were filled with information from various companies about how they will change their policies and adapt to the new legislation. The GDPR is meant to protect the privacy of individual citizens, essentially giving them more control over their personal data. As a result, those who handle personal data have a much greater responsibility, and breaches can result in hefty fines.

Healthy but costly

The legislation is fundamentally sound, but costly. The fact that companies and organizations have to spend countless man-hours implementing it is partly self-inflicted. In some respects, collecting or storing personal data has gone too far in the past. However, now the storage of personal data, without
a clear purpose, will become illegal.

At the same time, the digitisation of society has made data increasingly important - it has become a critical resource. The collection, storage and processing of different kinds of data is of great benefit to business, and ultimately contributes to the well-being of society. Some even call the digitized modern economy the data-driven economy. This is because when businesses are empowered to collect data, it can be used to build better, safer and cheaper products and services. Therefore, it is also in the interest of individuals to disclose information about themselves.

Long-termism

While managing personal data is a privacy issue, as the GDPR suggests, it is also a necessity to take full advantage of the
opportunities of digitization. Which is an explicit goal in the government's own digitalization strategy. If this is to be possible, long-term sustainable rules need to be established. Here, our elected representatives have a great responsibility to make complicated but necessary trade-offs. Privacy protection must not become a wet blanket on growth, new jobs and, by extension, our welfare.

It should therefore be in the interest of the government and Sweden to slow down further European legislation, until the GDPR and its societal effects
have been properly evaluated. This is urgent because new European laws are in the pipeline, including the so-called ePrivacy Regulation, which is intended to protect personal data in electronic communications.

Hurry up slowly

Within the EU institutions, there is now an inherent pressure to take decisions at a rapid pace. It is therefore important to be both vigilant and restrictive. It is crucial that the laws and regulations now being developed are sustainable, and allow companies to handle data in a balanced way, so that it is possible to take advantage of the opportunities of digitalisation in Sweden as well as in the rest of Europe. Therefore, hold the reins!