AP

U.S. companies are largely unprepared for what's about to hit them when sweeping new EU data laws take effect next year. The regulation — the General Data Protection Regulation (or GDPR) — is intended to give users more control of how their personal data is used and streamline data processes across the EU. Companies that fail to comply with the complex law will face steep fines of up to 4% of their global annual revenue.

Why it matters: Europe has by far taken the most aggressive regulatory stance on protecting consumer privacy and will in many ways be a litmus test for regulating the currency of the data economy. It impacts a huge number of businesses from advertisers to e-commerce platforms whose data flows through EU countries. That means everyone from Google to your neighbor who sells shoes on eBay could be affected.

Compliance challenge: Firms in all sectors are dealing with more data than ever before, so managing it requires more resources. Experts tell Axios that complying with the law is a daunting and expensive task for many companies. Niche legal firms are cropping up to help companies deal with it.

"People aren't fully ready for managing this," said Hilary Wadell, general counsel and chief of data governance at TrustArc. "A lot of organizations are still trying to wrap their arms around appropriate data governance and to understand the types of data they have and how it is used." According a recent TrustArc survey, 61% of organizations haven't even begun implementation.

Tech watch: Companies in all sectors will have to comply, but tech companies in particular will have steep climbs. "Were going to see innovative things from Google and Facebook in terms of how they deal with it," says David Downing, EVP at ASG technologies. On its Q2 earnings call, Facebook COO Sheryl Sandberg told investors that when they look at regulatory issues, including GDPR, they make sure those regulators understand how Facebook contributes to economic growth in their countries.

The EU perspective: Wojciech Wiewlorowski, Assistant Supervisor for the European Data Protection Supervisor in Brussels, stressed that the regulation won't slow down innovation or the flow of data. Rather, it's a necessary step to deal with the explosion of the data economy in a "civilized" way — similar to how society had to impose rules on automobile traffic.

"The road code [was] created in order to facilitate the way that we transport things and transport people," he said on a call discussing the GDPR implementation. "But, of course, in some ways it limits the way that we try to invent solutions. This is the kind of price we pay for a civilized way for the flow of personal data in the world."

Go deeper

The risk of branding NASA's wins

Illustration: Eniola Odetunde/Axios

President Trump, like some of his predecessors, is branding NASA's recent wins as political, presidential accomplishments even though they are the result of efforts that span administrations.

Why it matters: Experts warn that partisan politicking with NASA can lead to whiplash that leaves the agency scrambling to chase new goals whenever a new administration arrives in Washington.

Death spiral for consumers

Illustration: Eniola Odetunde/Axios

Despite some recent good news about dwindling household debt, the financial health of U.S. consumers is rapidly deteriorating — and families with children are faring the worst.

Why it matters: As Congress deadlocks over pandemic relief and President Trump issues executive orders of dubious potency, many Americans are suffering from a quintuple whammy: unemployment, overdue rent, mounting bills, food insecurity and health fears.

The end of Hong Kong's political freedom is here

Illustration: Annelise Capossela/Axios

The end of Hong Kong's relatively free political system is no longer looming. It's here.

Why it matters: The Chinese Communist Party is already wielding the new national security law it forced upon Hong Kong just over a month ago.

  • And through the extraterritoriality enshrined in the new law, Beijing has signaled that its push against pro-democracy activism is going global.