Pages

27 October 2023

Europe’s Tech Curbs Are a Double-Edged Sword

Jeremiah Johnson

In July, the European Commission released a new strategy agenda for the so-called metaverse. The metaverse is a broad grouping of immersive virtual reality worlds, where everything from work to gaming to socializing could take place. It’s widely seen as a giant flop right now, with only a handful of users registered even on the most popular platforms like Meta’s Horizon Worlds, and few practical applications.

Still, many in the industry are convinced the metaverse will dominate tech’s future, and it’s no surprise that states are jockeying for influence. But as with other technologies, Europe doesn’t seem capable of—or even interested in—leading in the actual technology around the metaverse. Instead, it is interested in leading the policy discussion, or the regulation of that new technology.

That’s a common dynamic on the continent—and in the United Kingdom. The U.K. is hosting a summit on AI safety this year, and British Prime Minister Rishi Sunak wants the country to be a world leader in “the governance of AI.” Of course, few of the most important AI firms—except Google’s DeepMind—are located in the U.K. The U.K. has little to no chance to lead in AI development, but it is eager to lead in AI regulation.

The European Union’s General Data Protection Regulation (GDPR), Digital Markets Act (DMA), and Digital Services Act (DSA) are all regulatory bills aimed at internet commerce and technology companies and have been described as leading efforts in their respective legislative areas. The EU is also trying to become the first entity to comprehensively regulate AI with its upcoming Artificial Intelligence Act. The EU’s practice of aiming for and achieving global regulatory dominance is so common it even has a name and Wikipedia page—the Brussels effect.

These regulatory efforts are shaped by the reality that Europe’s leading tech companies are essentially a rounding error compared to U.S. tech giants. The social media companies, retailers, software providers, and platforms that define our online existence are overwhelmingly American. This naturally raises a series of questions: Will Europe’s approach to tech regulation stop the continent from ever successfully building its own tech sector? And with bill after bill strictly regulating every area of the field, has Europe given up on even trying to succeed in tech?

It’s well known that the U.S. tech industry is larger and more influential than its European counterpart, but the scale of that dominance can be surprising. Of the 50 largest tech companies in the world, 36 are American. Ten are East Asian, and one—Shopify—is Canadian. Only three are European: France’s Schneider Electric, Germany’s SAP, and the Netherlands’ ASML. That level of dominance is just as stark in unicorn startups. Of the 51 global unicorn startups valued at $10 billion or higher, 30 are American and 12 are East Asian. Four are headquartered in the U.K., and only a single one is located in the EU.

It’s not for a lack of talent. There are plenty of Europeans who’ve founded successful tech companies—Stripe’s Collison brothers are Irish, WhatsApp’s Jan Koum is Ukrainian, Google’s Sergey Brin hails from Moscow. But all those founders moved to the United States before starting their companies. It’s not hard to figure out why. Atomico’s “State of European Tech 2023” report sizes the entire European technology industry at $3 trillion. Apple, at the time of publication, is by itself worth $2.7 trillion.

To be sure, the United States’ relatively laissez-faire approach to regulation has produced some disastrous results—from illegal collusion to hold down worker salaries to Facebook becoming implicated in genocide in Myanmar. There’s plenty of appetite in Washington for greater tech regulation.

But even then, Europe doesn’t offer a tempting model. The EU’s history of major tech legislation is littered with poor implementation and shoddy legal principles. Take the GDPR, implemented in 2018, which has been a disaster in practice. It’s best known for maddening cookie pop-ups that make little practical difference for privacy but annoy web users all around the world. Its “right to be forgotten” is a bizarre principle used to cover up crimes and remove bad reviews. And the GDPR’s regulation of data transfers borders on ex post facto punishment of previously legal practices. Meta was fined $1.3 billion under the GDPR for data transfer standards that were legal under the EU-U.S. Privacy Shield Framework but became disallowed after an EU court struck down that agreement.

Europe’s more recent bills don’t inspire confidence, either. Civil society groups are already sounding the alarm that the DSA could restrict freedom of speech with ambiguous and authoritarian “crisis mechanisms” for blocking content. French President Emmanuel Macron has already asked whether the DSA would allow him to block access to social media in response to civil unrest. European business leaders have also warned that the forthcoming AI Act could lead to an exodus of investment and talent and restrict economic growth, and industry experts have expressed concern the legislation may not even define AI properly.

Not to be outdone, the U.K. government has for years flirted with the absurd idea of banning encryption and recently passed the Online Safety Bill attempting to do just that. Banning encryption is one of the worst ideas regularly floated by legislators—universally opposed by technical experts and described as a “threat to human rights” that would “lower the security of the product” and “create more vulnerabilities that endanger the rights of all users.” The bill’s original legislative text was so untenable that major tech firms vowed to simply leave the U.K. market rather than comply, forcing a hasty rewrite and leaving the legislation a muddled mess.

The optimistic outlook is that Europe is simply overzealous in an understandable urge to regulate new technologies, and that poorly written laws will be refined over time in both practice and legislation. The more cynical, pessimistic outlook is that Europe has simply given up trying to win in tech and now only seeks to regulate and fine the United States’ tech giants out of a sense of ressentiment. After all, who do these EU bills largely target? The EU recently designated 22 “core platform services” under the DMA to be subject to strict oversight. Twenty-one of those services are American, with Chinese-owned TikTok as the sole exception.

There’s a chicken-and-egg dynamic here—American companies are the ones targeted by regulations because they are the firms that have succeeded and grown large enough to matter. The lack of significant European tech giants, then, is also one of the reasons the EU’s regulations are as harsh as they are in the first place.

No comments:

Post a Comment