The European Union's Data Protection Rules, known by the acronym GDPR, are one of the most significant and far reaching of Europe's technology regulations in for since twenty eighteen. It's been described as a gold standard for data protection, but has come in for criticism from the Trump administration for unfairly targeting American tech companies. The pressure from the US comes amid a drive in Brussels to reduce regulatory burden for companies,
which includes changes to the GDPR. The European Data Protection Board ensures consistent enforcement of these data rules across the twenty seven EU members, and its chair an It Talus, joins us from Brussels this morning for more and a good morning. Welcome to Bloomberg Radio. Now, this review process is underway for the GDPR, but you've argued against some of the changes to the digital rule book.
Why well, to start with, we also did see some of these such distance as a positive positive elements. The digital environment is getting increasingly complex and multi layered, so there are also increasing number of laws which regulate the digital environment. And it's not only about a question of the GDPR. It is also a question about the interplay with the GDPR and this other legislation, and there has been a call for simplification, and this is actually something
we quite well understand. And when it comes to making the legislative framework more simple, cutting the red tape, without touching the core of the GDPR, without touching the core of the values tried to protect with the GDPR, we have actually been quite open for the sugestence. But when it comes gets closer to the core of the GDPR, and this is what we think, when it touches upon the definition of personal data, then this is where we
see that it would, for example, create legal uncertainty. The suggest to amend the definition of personal data would go beyond the court's case law, and it would create a legal uncertainty. And I actually don't think that this would be beneficial for anyone. No one wants legal uncertainty.
So what's the risk then if these rules that that definition were to change, will people's personal data be at risk?
Well, it would most certainly create.
Well more.
Well, it would most certainly create legal uncertainty, So you would you would still need to find the stabilized interpretation for the new new definition. So I would say that that's the legal uncertainty is one of the core risks. At the same time, some of the data which is covered by the by the regulation for the time being
would not necessarily be covered then in the future. But now we also need to recognize that there is already a core ruling in place which has changed the current interpretation, and this is something we are implementing at the moment.
Do you feel that the Commission, with this proposal is bending to pressure from the United States to try and ease some of the regulatory burden that they've complained so much about.
Well, I think that it's important to note that there was the Drugging Report which also referred to the complexity in the digital legal framework. And like I said, the digital environment itself is getting more complex, and there is increasing number of different claws regulating this digital environment and different phenomen in the digital environment. So the interplay between these different legislations is getting increasing increasingly complex as well.
So there has been a call for the simplicity, for the simplification, and actually we the regulators, we have also taken some measures to answer these concerns.
Part of the conversation that's had around this is whether regulation can keep up with technology, or whether actually we're starting innovation by regulating too much. Is this an example that you see of that happening, where as you say, the environment's changing, but the rules seem perhaps out of.
Data when the environment is changing. I think it's important to recognize that, for example, GDPR, it is technology in nutural, so many of its provisions do actually fits are applicable also in new emerging technologies. But of course it takes some time to see how the rules are applied in the new technology. So there is constantly new new scene, new technology. I think that this is very very characteristics for the implementation of the Data Protection Loan. You're always
facing with new situations with the new technology. It's not only the new legislation, it is the new technology as well.
But of course another new element to this is the continued pressure from the Trump administration. If complained publicly and repeatedly about European technology regulation, Are the regulators that you work with across Europe feeling extra pressure from the United States?
Well, we the regulators. Well, I think that you also properly know that's the level of independence of the regulators. It's actually quite high. It's enshrined in the Charter of Fundamental Rights, and the regulators are really making the decisions outside of any political pressure. And we are also we
are also investing gating European companies. It is not only to US companies the regulators are investigating and focusing on the data protects and authoritis are are equally equally equally investigating European companies.
So is the criticism that unfair that the US companies are being unfairly targeted?
I do think that that's inaccurate. Yes, I definitely think so.
I mean, MEPs have raised also concerns about the data sharing agreements between the US and the EU. I wonder do you share any of their concerns about the change rules that we've seen in the US and how that will affect European consumers data well.
When the current data privacy framework was put in place with the European Data Protects on board and European Data Products Products and Supervisor, we did give our opinion in the in the context of the of the procedure or putting putting it in place, and in our opinion we set a lot of emphasis on the judicel remedies and the red dress mechanism and these are, of course something what we will be also focusing on when there will be the bi annual review, time for the bi annual
review and then other than that, it is the European Commission who monitors the Data Privacy Framework