GDPR blocks growth opportunities 

The EU’s General Data Protection Regulation (GDPR) promised harmonised rules and a stronger internal market. In reality, interpretations vary between member states, and case law is inconsistent. Companies live in uncertainty about which rules to follow in which country and this undermines the competitiveness of the entire economic area. 

The obligations of the GDPR are in many respects overly detailed and rigid. Contractual requirements, the 72-hour breach notification, and unclear rules on anonymisation and pseudonymisation create extra bureaucracy without real added value for data protection. Supervisory authorities treat guidelines as binding regulations, leaving risk-based thinking aside. 

Excessively strict interpretations also prevent the use of data in healthcare, research, and new digital services. When pseudonymisation cannot be applied flexibly, innovation stalls and international cooperation dries up. For example, telecom operators have enormous opportunities to develop business by using pseudonymised data generated by their networks: mobility patterns could be used in urban planning, service capacity, or tourism development without compromising individual privacy. Current restrictive interpretations, however, make this nearly impossible. 

The situation is made worse by conflicts between the GDPR and ePrivacy rules, as well as by authorities’ low notification threshold, which burdens oversight and wastes resources. In addition, the sanction mechanism is unbalanced: companies may face heavy penalties, while the public sector rarely faces administrative fines, even though authorities handle massive amounts of personal data. This is neither acceptable for citizens’ legal protection nor for equal treatment. 

A correction to the GDPR is essential. We need more consistent interpretations, risk-based regulation, sanctions that also apply to the public sector, and proportionality – so that data protection genuinely works for citizens rather than stalling European companies’ growth and the development of new business models.