We live in a digital world in which personal data has enormous economic value. Just look at the figures: while in 1993 the Internet carried only 1% of all telecommunicated information, by 2007, this figure was more than 97%. In 2011 the European market for cloud computing services had a value of €3.5 billion for software products and €1.1 billion for hardware products. Estimates for 2014 predict that this market will grow to €11 billion. This is exponential growth. With more than 1 billion people worldwide connected to smartphones, an increasing variety of data can now be linked to individual identities. The insights that can be derived from linking previously separate bits of data have become essential for business and for innovation.
Europe needs to take advantage of this new computing and information-sharing landscape. We need rules that don't penalise companies for working cross-border. We need a solid legislative framework that will protect citizens and at the same time allow companies to take advantage of Europe's digital single market, with 500 million potential customers. Some estimates show that EU GDP could grow by a further 4% by 2020 if the EU takes the necessary steps to create a modern digital single market.
These new business models depend on collecting, understanding and moving personal data. That is why the European Commission, the European Parliament and the Council under and the Irish Presidency of the EU are currently spearheading a reform of the EU's data protection rules which date back to 1995 – pre-Internet times. Our goal is to make the EU common market for goods and services, more accessible to businesses who process data and improve the trust and confidence of consumers who use their services.
The proposed EU data protection reforms will do three things to help business to innovate and contribute to growth:
First, it will cut costs and increase legal certainty by replacing the current patchwork of laws in Europe with a single uniform set of rules for all 27 European Union countries. We are cutting red tape by introducing a one-stop shop for businesses to deal with regulators. In the future, companies will only have to deal with the data protection authorities in the EU country in which they are based: one interlocutor, not 27.
Second, we should never forget that violations of data protection rules can have an enormous cost. Getting companies to think ahead about the need for data protection safeguards will reduce the risk. Making sure customers are notified fast when their data is hacked will generate trust. More people will do business online: good for growth and good for jobs. This is common sense.
Third, the new rules will provide clarity for international data transfers. Personal data can be collected in Berlin and processed in Bangalore. The new EU data protection rules will improve the current system of binding corporate rules to make these types of exchanges less burdensome and more secure.
The EU Data Protection reforms were discussed by Justice Ministers and Members of the European Parliament in Dublin two weeks ago. They received strong support, helping to accelerate the pace for getting this important reform agreed before the end of this year. The message is clear: a uniform and modern data protection law for the European Union is exactly what we need to secure trust and generate growth in the digital single market.