The current state of transatlantic relations in the field of digital trade is unclear. For companies and consumer this is an unacceptable and difficult limbo state to be in.
Digital trade is crucial for nearly all firms, from large multinationals to small businesses that rely on online platforms to connect and trade with customers around the world. But more than anything, digital trade is about the consumer. Customers bought product, consumer use them and engage with them in a way that is much more interconnecting. Companies and consumer have a close relationship – closer than ever before. Consumer share their most private habits with companies. Here differing approaches for consumer protection across the Atlantic can create a disconnect between the consumer, the user of a product and the elite, the company. This disconnect can lead to distrust and ultimately a society which sees itself further and further removed from digitalisation and instead of feeling empowered, they will feel sceptical of it. This can ruin the potential of future trade agreements as a policy tool and stifle innovation on both sides. In order to close this emerging gap and regain trust in companies, the US and Germany can come together to update their laws and regulations around consumer protection and make them more inclusive. This is a team effort if both governments want to see their companies thrive and consumers happy.
To illustrate this, let’s look at anti-spam legislation which regulates information services provided by companies across the Atlantic. Most were passed nearly two decades ago and have been updated only sparsely since then in the EU and the US.
As a German consumer you are given the theoretical option by law to opt-in to receive personalised information services from companies. In reality though this opt-in becomes an opt-out or a no option at all. Although laws clearly define what companies have to do, consumers do not know what their rights are when it comes to using services from a US company and how they can enforce them. Why is that? Take three different companies and they all do their newsletter sign up differently, the rights and use of data are hidden. For a consumer that makes it complicated. Which is the right one and where do I have to look to see what is done with my data? For example, a US company operating in Germany and which uses a DE domain, let’s consumers only receive personalised newsletters. “But shouldn’t there be an opt-in?”, asks the German consumer. “No,” says the company and argues that when they signed up for an account they agreed that all data can be used which is created by them. This makes the anti-spam regulation law in Germany useless and the option is not an option anymore. For the consumer, it is now difficult to find out, if this is okay. Which consumer protection agency would they go to?
For companies this is also not an ideal situation. To be in the legal clear when it comes to, for example, providing newsletter or other information services, companies or other organisations, also NGOs need to bone up on many legislations. Why so many, if we talk about the EU and the US? This is partly due to the EU ePrivacy Directive passed in 2002 being a directive, not a regulation. Thus every member state adopted the guidelines differently into their national laws. Moreover, companies should also know the US law and Canada’s to be on the safe side, because the law does not apply to the company’s jurisdiction but to whom the company targets its services. Who defines this? That is unclear. Usually cases pop up because companies hold themselve accountable, but maybe in this case, this will not happen because the companies are afraid themselves that they might mess it up for everyone. There has been no case which clearly defines if a company targets consumers with its services by for example using the country’s’ domain or by simply providing the service in the national language. Therefore, enforcing German law, such as the opt-in for personalised newsletters on a company which has German consumers is difficult and has not been done yet because the scope of when is someone targeting German consumers and German law applies has not been made yet. This leaves German consumers powerless and companies unsure about what they have to comply to and what not.
This simple example showed that the situation we are in right now hurts companies and consumers alike. Across the Atlantic we need to work together on an update and achieve more inclusive laws which can bring consumers confidence and legal certainty for businesses. The US and Germany are already part of discussions to update these laws, however, they have only consulted businesses to this date. It is necessary to take the consumer and their rights more seriously. Even if the US and Germany balance freedom and privacy differently, the consumer has a right to know and see this. In this case, when companies rightly apply US regulations, then it should be made easier for the consumer to recognise this and on the other hand enforce rights which they have. This could be achieved for example, with an international alliance of consumer protection which must have legal powers as well. Or by empowering the user with simple to understand design standards. Of course companies should be free to design their website but certain important aspects like what data is used, how consumers can opt-out or in should be designed in a way that is recognisable and easy to use. Just like food labels which are harmonised so they can be read and understood by everyone. With that at least the consumer has some power and can engage in a more concrete conversation. They then do not feel left out and trade agreements become a less scary policy tool. Simply stated, when making laws, keep the consumer in mind and listen. A proactive stand to empower the consumer is necessary to have trust in companies, new technologies and globalisation. With that the transatlantic relationship can take the next step and build a closer partnership embracing new technologies and the exciting opportunities which they bring.