What German startups really think of web privacy rules

The U.S. and European Union have very different levels of data protection and online privacy rules, something that significantly warps the market when it comes to online services.

Companies on one side of the Atlantic that want to serve customers on the other have to comply with at least two sets of rules –- and in Europe, each country gets to interpret the federal law its own way, leading to even more headaches. Ultimately, what’s legal in America may not be legal in France or Austria.

Both the U.S. and EU are currently revising their regulations, and the last couple of months have even seen a tentative plan develop to create some harmony between them. That flirtation gained a loose formality on Monday, when a joint statement talked about “a defining moment for global personal data protection and privacy policy.”

It’s a dry read, but fun if you enjoy weighing up nuance. It’s not talking about eliminating all regulatory differences, but what it does say very clearly is that the U.S. and EU want to “increase interoperability in privacy laws and regulations, and to enhance enforcement cooperation”, and that there should be international “standards in the area of personal data protection.”

But of all the countries in Europe, none interprets EU data protection law more literally and rigidly than Germany — just ask Facebook or Google. So I thought it would be useful to see how local startups view the idea of the U.S. and EU’s data protection and privacy laws being more in tune.

Here’s what they said:

Steffen Kiedel, CFO, 6wunderkinder (producer of Wunderlist and Wunderkit task-management apps)
In terms of international competition, the German and European regulations really slow things down. We can’t use servers in the U.S. or other data services without having extra policies. Harmonization would allow us to be more competitive worldwide and bring our products to market easier.

Edial Dekker, CEO, Gidsy (experience-finding service)
[The EU’s data protection regime] is a really difficult topic and sometimes hurts companies. For example, there are many interesting analytics tools that we cannot use fully due to this (like Mixpanel). But the good thing is that what [complies] in Germany, probably also works in the entire rest of the world. If you can make it work here, you can do it anywhere.

Philipp Strube, CEO, cloudControl (platform-as-a-service provider)
It’s a common complaint that the less restrictive U.S. data security laws are a significant advantage for U.S. startups. Playing by the EU data security laws is like showing up to the grand prix with a race car missing one wheel. At least harmonization should let everyone show up with three wheeled cars. While of course not the only reason, one shouldn’t underestimate the effect stricter data security laws certainly have on the fact that Europe hasn’t produced a true global web leader yet.

Ezeep co-founder Sascha KellertSascha Kellert, CEO, Ezeep (cloud printing service)
Irrespective of the quality of the current proposals, we believe it will most likely level the playing field a little as EU regulatory burdens would act as a barrier to entry for U.S. players. It is too early to tell if a revised EU-U.S. approach to privacy will have a positive effect on the competitiveness of EU-based internet businesses. At this stage it appears to be more of a tool to streamline operations [for] regulators as opposed to being truly motivated by market and consumer needs.

Wahwah.fm (mobile radio app)
Companies capitalize a little too much on people’s private information, I do think this needs to be addressed. We’d like to think a level playing field might help us, as Europe has taken the lead in a lot of these privacy issues. If the U.S. follows, it will serve to make things a little more cooperative and well-rounded for companies around the world.