Thank you for hosting me again at your great Institute.
I am here to discuss with you the EU-US cooperation in the wake of a tech revolution. On both sides of the Pond we face similar problems and have a similar challenge to find the right answers.
Digitalisation has changed our lives beyond recognition; it has revolutionised the way we work and travel, the way we learn about things. It offers no doubt many opportunities for society and for economic innovation.
But recently, we have become acutely aware of the challenges that digitalisation and technology can pose to the rule of law, democracy and fairness. Regularly we see shocking revelations, whether in relation to Cambridge Analytica, foreign meddling in elections or security gaps in critical infrastructure like 5G. And I see that more and more politicians in the U.S. are starting to ask difficult questions: are the tech giants too big to handle, should they be broken up, are our competition rules up to speed with today's reality, do we have tools to protect our privacy?
I came to the US to share a European view on some of these issues, but also with a strong call to our American allies that it is time to shift up the gear, to work together and to become global rule maker, rather than wait on the sidelines and become a rule taker.
Before I elaborate briefly on these points, I wanted to share two small personal remarks, because they will help you to understand what drives my actions.
First, a small confession. I wouldn't describe myself as a coder. And I even deleted my Facebook account a few years ago because I felt it had become a place for hatred.
I am a sociologist and a lawyer by training and this background is shaping my views and my actions on the tech revolution in general, and on the Internet in particular.
As a sociologist I am mindful of the effects digitalization and social media have on our society.
As a lawyer and EU Justice Commissioner, I am focusing on equality before the law and legal protection of the people and our values. My mantra is what is illegal offline should be illegal online.
And the second thing I wanted to tell you is that I don't have a knee-jerk reaction that regulation is the best way to solve all the problems. I am a fan of a more light-touch approach.
To me the main question is not to break up Facebook or not. The big question is how we can maintain our values and export them to the new digital age.
Let's start with Europe's response.
First, despite all the changes, I think we want to maintain who we are. Modern Europe, like the United States, has been built on a solid foundation of democracy, freedom, fairness and the rule of law.
Digital or not - for values this should not matter. Technology is a means to an end, not an end itself. It should serve the people.
Yet, many of the tech champions were labelled as the disruptors, sometimes disregarding even those core values.
The only long-term solution I see is for a democratic society to reassert control of this process and put people at the centre of the technological revolution.
In Europe, we wanted to create a regulatory floor to help people gain more control and to make choices.
The key element of this regulatory floor is our new data protection legislation, the GDPR.
Now, the GDPR is almost one year old and the first conclusions are that it is working well. We are starting to see positive trends when it comes to innovation and data security or when it comes to citizens making use of their new rights, for instance data portability.
This was not a foregone conclusion as I still recall the first reactions, many of them from the U.S., that privacy is a European obsession, that in the age of social media privacy is obsolete. Today we hear from those social media that they would welcome a GDPR standard globally, and that they want even more regulation. What a difference a few years can make.
Here is why I think GDPR works. The GDPR is based on simple principles: it is a “federal” law with a core set of rights and is enforced by independent authorities. The advantage of this approach is that it creates the same rules for businesses in the biggest single market of 500 million consumers. Hence, it offers an easy way to move data between each other.
Despite criticism, none of the then 'doom and gloom' scenarios have materialised. Companies report that it was an opportunity to put their house in order when it comes to the data they hold, and increase its security. It also helps them develop more trustworthy relationships with their customers and offer innovative, more privacy-friendly services.
Online content and responsibility of platforms
But legislation is not the only thing we do. When it comes to online content, we wanted to preserve the broad freedom for platforms to operate, but we also wanted them to start fixing the problems, they themselves helped to create.
We adapted our response to different types of content. The bigger the potential harm for the people, the faster and stronger the reaction should be. Terrorist content and child sexual abuse images are the biggest threats. On terrorist content we proposed legislation.
Then, for illegal hate speech that is banned in all Member States by European law, I worked with platforms on the voluntary Code of Conduct to ensure that the rules that apply offline are also respected online. And we achieved good results quickly.
On disinformation, we take a more nuanced approach. In self-regulation we focus on transparency. In parallel we create networks of fact checkers and systems to be able to detect massive fake news campaign fast and to react, And more long term, we invest in media literacy in education and in support for independent quality journalism.
When it comes to Artifical Intelligence, we want to support it, but ensure that it benefits people and eliminate bias. That's why just earlier this week we have proposed an ethical human-centred approach to AI. We have to find a way that AI as a technology will be a force of good rather than multiply bias.
Learning from the case of the US elections but also in Europe, we are also now working with platforms on a voluntary basis to inject more transparency to election campaigns online. They cannot be a black hole with no information on who stands behind an ad and who paid for it. Debate in a true democracy is transparent. And this must include political advertising in social media. Otherwise, we become vulnerable for possible manipulation, including by foreign actors.
Today, the US and the EU are facing similar challenges. It would make our response much stronger if we came up with similar solutions.
To simplify, today I see two camps, globally: a people-friendly camp that understands that we should have more control over our data including in the online environment. A camp that shares the view that all players, including governments, have to respect limitations when it comes to the processing of personal data and be transparent. Europe is a proud member of this club because it is based on our values; on who we are.
And there is the other camp that has a lax approach to privacy, prioritizes uninhibited and uncontrolled access to data in the name of business or government interests.
I would want the US to join us in the first camp and to build on our successful privacy work, for instance in the Privacy Shield. It's time to work together , also with Japan and others like minded allies, on setting the global standard and leading the way. I believe this is the right moment to build a global coalition and promote secure flow of data and people-friendly tech, based on trust and respect of strong privacy rules.
Europe will be going through a political transition this year, starting with the European Parliament elections and then, towards the end of this year, with a new European Commission with new ideas. And I am sure that the response to tech challenges will be high on the agenda.
Second - we should focus on independent ethical evaluation on the impact of the tech innovation on the people and our lives. We should not aspire to become the next episode of the Black Mirror TV show.
Third, we should think how to implement the 'values by design' approach by companies. This would mean for example ensuring that programmers think from the start of building algorithms about how this could affect our fundamental rights.
Fifth - resist temptation of over-regulation. Rather we should look into adopting the existing rules on for example, product safety, data, discrimination or cars to take into account new developments, e.g. in AI.
Sixth - we have to find a way to allow start-ups to innovate and to grow. Help them to find the smart money. We could think of lessons we learn from the fintech industry and think of regulatory sandbox for start-ups.
The way we shape our societal and political response to tech revolution will influence the next generations. I want to see Europe and America working together because we are democratic societies built on similar values, and we are exposed to similar problems.