Internet or Splinternet? The Consequences of European Tech Sovereignty
Sitting atop resounding commercial success in the domestic as well as the global marketplace, the CEOs of four U.S. digital behemoths appeared last week before the House of Representatives to respond to public and congressional concerns about market domination.
The size and success of these champions, under fire for lack of transparency and anticompetitive practices, have triggered similar, more exaggerated concerns in Europe, which are playing out in a frenzy of proposed rulemaking at both the Commission and member-state level. As Congress probes the market behavior of U.S. digital companies, it is important for U.S. legislators to consider parallel rising pressure for digital and industrial protectionism in Europe, particularly in Germany and France. This flurry of regulatory activity endangers transatlantic data transfers—the lifeblood of many innovative U.S. firms—and will hurt U.S. business success globally while simultaneously distracting both Europe and the United States from the broader threat posed by China’s authoritarian state capitalist system.
Many Europeans are deeply worried about the continent’s ability to compete long term in the global digital economy, given its challenges in developing competitors to the U.S. and Chinese tech giants. Yet European economies have tremendous strengths—highly educated workforces, depth in engineering, advanced technologies, and a leadership role in a host of industries that are rapidly digitizing, such as agriculture, infrastructure, transportation, logistics, manufacturing, and knowledge-intensive services, for example, financial, business, environmental, and engineering services. Constructing new European regulations for the digital era should be guided first by the do no harm warning.
The United States and Europe share an interest in piloting, investing in, and leveraging disruptive technologies like artificial intelligence (AI), blockchain, and the Internet of Things in these key industries, and liberalizing market access for services in emerging markets. The United States and Europe can also work together to ensure firms and workers in more underserved and remote regions are able to apply technologies, access educational and training opportunities, and increase productivity. But improved transatlantic cooperation in supporting innovation, productivity, consumer welfare, and sustainable job creation in a flourishing transatlantic digital economy, under an open and free internet architecture, seems all the more remote in light of where European regulators say they are headed.
The Commission released a series of documents earlier this year outlining Europe’s regulatory future, including a White Paper on Artificial Intelligence, a Communication on European Strategy for Data, and a framing paper related to Shaping Europe’s Digital Future. These documents and many more speak to the European desire to achieve “digital autonomy” and “tech sovereignty” through an array of regulatory and tax changes aimed at nurturing indigenous tech firms, developing independent European data pools, and tamping down on large, innovative foreign firms offering attractive digital services to European consumers.
Following the General Data Protection Regulation (GDPR) model of being the first mover with comprehensive regulation, the Commission is taking aggressive aim at being the preeminent “global standards setter” in AI. The European Union’s heavy-handed preliminary proposal for AI regulation diverges sharply from the U.S. approach. In its white paper on AI, the Commission has proposed ex ante conformity assessments to control access to the EU market for AI applications originating outside of the EU. That would likely require a new framework with criteria, benchmarks, and standards that European authorities will use to determine if an AI product is “trustworthy, secure and in respect of European values and rules” before it is allowed entry into the European market. This approach could include a pre-market review by EU authorities of algorithms, training data, documentation on programming, and how the system was built, as well as accuracy tests and other requirements.
Also under consideration are data quality and traceability requirements that would require non-EU firms to train AI applications on GDPR compliant data, an extraterritorial regulation that seemingly would burden U.S. firms with requirements to completely retrain many proprietary algorithms developed in the United States with new data sets as a condition of market access in the European Union.
Unlike its inaction in the area of federal privacy regulation, which has allowed Europe to set a de facto global standard, the United States has led an international, cooperative effort through the G7 to reach common standards in the challenging area of AI research and development. A coordinated interagency team in the United States focused on AI regulation and emerging issues makes transatlantic collaboration is this new regulatory space a possibility.
New Activist Competition Measures
In a February 4, 2020, letter to Commission Executive Vice-President Vestager calling for more activist competition policy, France, Germany, Poland, and Italy describe their two overarching goals: (1) moderating competition emanating from “state-backed and subsidized” foreign competitors (e.g., China); and (2) controlling “emergence of large players in the digital economy relying on the accumulation of data and unparalleled network effects resulting in . . . excessive market power.” (e.g., large U.S. and Chinese tech companies.) The four European governments advocate for policies to tackle the “digital platforms with paramount importance for competition,” saying that these firms should be subject to “specific scrutiny” in Europe and an enhanced regulatory framework.
In different EU jurisdictions, competition authorities are increasingly weaving the precautionary principle into regulation of technology markets with the idea that new ex ante rules should be imposed ahead of any actual anticompetitive behavioral violation. Legislation pending in the German Bundestag is in this vein. For its part, the French government has put forward a legislative proposal to regulate “systemic platforms.” Under the French plan, competition regulators would be authorized to surveil and block planned acquisitions of European tech startups of almost any size.
Also, there is pressure on Vestager to address Europe’s long-term industrial challenges in other sectors. Member states are pressing for a revamp of competition, merger control, and state aid rules through the adoption of new guidelines governing horizontal mergers and updated definitions of relevant market concepts. Details of these proposals are still forthcoming.
Describing her guidelines for the European Commission, President von der Leyen has instructed Thierry Breton, the commissioner for internal market, to put into place the right framework to allow Europe to enhance its “technological sovereignty.” In her program, she writes, “we will invest in blockchain, high-performance computing, quantum computing, algorithms and tools to allow data sharing and data.” She has directed him to define standards for 5G networks and other new generation technologies and has given him authority to lead a European approach to artificial intelligence and a strategy on data.
Digital Services Act
The Commission is drafting a new Digital Services Act (DSA) to update the landmark e-Commerce Directive from 2000, which set rules for online safety and liability of online intermediaries for third party content. Addressing all digital services, as well as digital platforms, the DSA is expected to address difficult questions regarding hate speech, disinformation, certain advertising on social networks, and election tampering. In addition to major changes to the EU’s intermediate liability framework, the DSA is expected to include new rules on use of data by online platforms, new transparency requirements for algorithms, and possibly the establishment of a regulatory body to monitor the activities of online firms. Many member states are also increasing liability risks and imposing content monitoring requirements for online communications. Gauging the potential impact of these proposals on U.S. business interests has so far not been of perceptible concern to Congress or the administration who are enmeshed in the domestic debate on similar themes.
European Commission officials are clear about their goals for achieving “tech sovereignty” through a new regulatory framework for the European digital economy. But these aspirations, couched in protectionist rhetoric, should be balanced against the need to avoid a balkanization of the internet and a further dampening of the environment for innovation in Europe. Fragmentation of the internet is not good for European companies, not good for U.S. companies, not good for governments on either side of the Atlantic, not good for economic growth generally, and not good for the internet.
The recent decision by the Court of Justice of the European Union (CJEU) to invalidate the 2006 U.S.- EU Privacy Shield has thrown transatlantic data flows once again into an unnerving state of regulatory uncertainty. But the decision is a reminder that the United States and the European Union can reach negotiated understandings on sensitive digital economy issues and have done so in the past, with the Privacy Shield and the Safe Harbor before that, even as negotiators appeared oceans apart and faced multiple setbacks, including several previous rulings by the CJEU.
Bilateral negotiations will be necessary to once again resolve the transatlantic impasse on privacy, but they offer the chance to hammer out a better transatlantic partnership in the commercial digital space that can be geared toward aiding a climate for innovation in Europe. When strategic considerations are taken into account, a partnership based on the principles of democracy, transparency, privacy, and individual liberty, which Europe and the United States share, would stand as a healthy contrast to China’s approach to privacy, AI regulation, competition policy, and free speech on the internet.
Although not the topic of last week’s headline grabbing congressional hearing, any active reset of U.S. antitrust policy should take into account the aggressive regulatory trends in Europe that threaten to stifle innovation there while unfairly targeting U.S. national champions.
Meredith Broadbent is a senior adviser (non-resident) with the Scholl Chair in International Business at the Center for Strategic and International Studies in Washington, D.C.
Commentary is produced by the Center for Strategic and International Studies (CSIS), a private, tax-exempt institution focusing on international public policy issues. Its research is nonpartisan and nonproprietary. CSIS does not take specific policy positions. Accordingly, all views, positions, and conclusions expressed in this publication should be understood to be solely those of the author(s).
© 2020 by the Center for Strategic and International Studies. All rights reserved.