Data Protection fit for the Startup Age

By SME Europe

SME Europe of the EPP was delighted to host a Working Breakfast titled: “Data Protection fit for the Startup-Age”. The Event focused on the correct implementation of EU legislation in this field and whether it is suitable for the requirements of European SMEs and more specifically, startups.

Michał Boni MEP welcomed SME EUROPE and the cooperation partner Allied for Startups, as well as the Polish start-ups and all other speakers and participants. Mr. Boni explained that the implementation of the Data Protection Regulation itself is just the beginning of a long “to do list” which should be seen as an opportunity for Start-ups and SMEs to build a relationship of trust between the businesses, consumers, and policy makers. He supported startups by classing them as the creators of new innovative business models of the future, and sees this as a great opportunity for further legislative harmonisation.


Honorary President of SME EUROPE, Dr. Paul Rübig MEP, made his own welcome remarks and added that the aim should be to create a capacity in which NGOs can make their voices heard on such important matters. He sees this birth of the startup culture in Europe as a revitalized way in which to take the European economy to new bounds by cutting the red tape of unnecessary bureaucracy and avoiding the hindrance of business development.

Lenard Koschwitz, Director of European Affairs of Allied for Startups led the formal introduction by presenting the functions of Allied for Startups and how they act as an umbrella corporation of startups, who´s aim is to commence dialogue between the startups and policy makers. Mr. Koschwitz is a passionate believer in the idea that data is now at the core of startup growth and development, and also highlighted that the privacy of data is also essential, agreeing wit Mr. Boni´s statement of building a relationship based on trust. He is convinced that this change in regulation is hugely beneficial to startups and SMEs in order to set up an effective dialogue between stakeholders and policy makers all the way through the implementation phase. He raised practical matters and questions surrounding the impact assessment; including the delay a consultation period may cause, to which he suggested the introduction of a “sand box” mechanism in order to separate running programmes.


Honourable speaker, Giovanni Butarelli, the European Data Protection Supervisor sees this new piece of legislation as revolutionary in reinstating innovation to the European Commission. He expects GDPR to act as a real catalyst to both this issue and European economic growth. He then went onto matters of privacy and how the issue of privacy design versus privacy by default needs to be developed so that everyone in the relevant markets complies with this new framework whilst refraining from harnessing creativity. He added as a closing remark that dialogue must also be pursued on a national level as well as the EU level.


The Keynote speeches were commenced by Kamil Kiljanski, the Chief Economist at the European Commission for DG Growth, Internal Market, Industry, Entrepreneurship and SMEs. He focused on how SMEs are treated by GDPR, and explained how he feels that there is always a tradeoff between data protection and innovation whilst innovation itself remains an unmeasurable commodity. Mr. Kiljanski made the point that machine to machine communication is responsible for vast quantities of data, whilst he questions who is liable, and who owns the streaming platforms. He is convinced that the more protection introduced, the more barriers go up for startups. As a result, startups are treated on an exceptional basis, this is because designing rules for startups must be done very differently. As a closing remark, Mr. Kiljanski said that there must be room in this trade-off for innovation, he also believes that more risks need to be taken in the policy development stages in this area.
Mrs. Kruczkowska, CEO of Startup Poland explained how her company aims to act as a single point of contact for policy makers and the company ambassadors who represent the Polish startups on a regional scale in Poland. She explained that she felt data protection is not momentarily fit for startups as it seems to be developed as a “one size fits all” framework, which is costly and ignores the varying needs of different startups while, as already mentioned, the consultation period lasts too long. Mrs. Kruczkowska suggested that regular dialogue is the only way to iron out these difficulties.


Richard Thomas, Global Strategy Advisor at the Centre for Information Policy Leadership opened the Impulse Statements by explaining how he felt SMEs and startups can inflate the risks for consumers as well as being at risk themselves. He agreed that the “one size fits all” approach is certainly not possible, but is convinced that there is lots of flexibility in the legislation. He noted that parts of the legislation are indeed far too complicated and are not tailored enough to the needs of SMEs and startups. Mr. Thomas is also convinced that through dialogue, there is plenty of scope for developing this piece of legislation suitably for everyone.


Natalia Krzeslak, Head of Legal Affairs at Algolytics.pl started fueling discussion further by asking how exactly the regulations will work in the future, and what effects it will have on the startups in terms of cost. She felt that speaking about implementation on paper is all well and good, but trying to create a feel of what this may be like in reality for SMEs and startups in the future remains a hefty hurdle.


Piotr Slomian, CEO of Telemedi.co highlighted his thoughts by showing his support for development of legislation by explaining how the new regulation will allow more international cooperation whilst making it easier to acquire new customers. His fear, is that the costs will be too high, which is a danger facing all startups which can potentially prohibit their existence.


After the Impulse Statements, the event moved to a brief discussion phase which included questions on external cooperation with eastern European countries such as the Ukraine, and creating awareness for startups lacking legal expertise. Mr. Butarelli answered the latter by making the suggestion that as well as being on the receiving end of legislation, startups should take the opportunities to involve themselves in finding solutions through dialogue with policy makers, so they become directly involved. Mr. Boni addressed the former by explaining his personal work on digital partnership schemes with Ukraine which should allow greater cooperation in the future.