Big data regulations should balance rights of individuals and enterprises

THE EUROPEAN UNION'S GENERAL DATA PROTECTION REGULATION, or GDPR as it is more commonly known, came into effect on Friday. Beijing Youth Daily comments:

The new regulation requires each EU member state to establish a special data supervisory agency to conduct monitoring and administration of the data-related operations of enterprises, and these new data watchdogs are comparable to proxies of individual citizens, who as owner of their personal data have absolute say over how their data is used. For instance, individuals can request the deletion of their data at any time.

However, while the GDPR protects the rights of individuals it imposes far more restrictions and duties upon enterprises, and may hamper the digital economy's development in Europe. The regulation expands the scope of what companies must consider to be personal data, and it requires them to closely track the data they collect. It is predictable that enterprises will face more resistance to profiting from personal data, which will slow down the development of relevant technologies and industries.

The GDPR applies to all organizations holding and processing the personal data of EU residents, regardless of geographic location. Many organizations outside the EU are unaware that the EU GDPR regulation applies to them as well. If an organization offers goods or services to EU residents, it must meet GDPR compliance requirements.

The regulation may have gone too far.

There should be a more reasonable balance than the one the new regulation strikes, which passes the buck to companies, so as to avoid stifling the burgeoning digital economy.

With the digital economy a robust driver of the Chinese economy, China should heed the downsides of the EU's new regulation, and better match the obligations and rights of individuals with those of enterprises.