Government’s 'underfunding' of data watchdog is bumbling and risky

Net Results: Multinationals worry about perception of petty vengeance over public services card

Multinationals worry about these optics. Photograph: iStock

Multinationals worry about these optics. Photograph: iStock

 

There’s an enduring public (and media) misconception that multinational technology companies looking to establish a base in Europe would be seduced by a country with weak regulatory oversight. The reality is less interesting, more complicated, and – in terms of potential international perception – of direct relevance to recent Government actions here.

As a baseline starting point, what most companies actually want is a national regulatory environment that is, if not overtly business-friendly, then at least aware of business issues. In addition they want regulatory stability and predictability.

Predictability, however, doesn’t mean predetermined decisions. Uncertainty about specific rulings and decisions should be a given, as a regulatory body fairly weighs evidence, facts, concerns and laws. But still, the idea persists that an accommodating regulatory environment would be corporate preference.

Let’s look closer at what companies want, and why.

First, set aside the notion that tech companies prioritise regulatory environment over other considerations because, no matter where they go, they will still be subject to an EU interpretation of EU – and for that matter, local – laws and policies.

So any decision at executive level to choose a country with a biddable regulator would be ridiculously short-sighted. There’s no secret system of regulatory arbitrage where a company can weigh up where to go based on the best deal on offer, because regulatory gaps are quickly bridged in practice.

In terms of data protection – which is the regulatory arena that arguably has the greatest bearing on the operations of all tech multinationals in Europe – challenging any decision by a national regulator is a well-defined process under EU data protection law.

It can be set in motion by any individual EU citizen, who can highlight the existence of such a gap, and file a complaint to their own national regulator or at EU level. If the gap is indeed a gap, it is going to be closed.

International ire

Any company hoping to exploit perceived gaps also faces the likelihood that its attempt to do so will become the stuff of international focus and ire. If your company ends up in Europe’s highest court, with its actions scrutinised in detail and reported internationally, the negative publicity fallout is potentially colossal.

Companies also really don’t want a random national regulatory system where decisions are wildly unpredictable and might fall anywhere on the scale of too lenient to too harsh.

In practice, that type of highly uncertain environment would end with decisions being routinely referred to the European Court of Justice to sort out the details – a long legal process for all parties that would be a costly addition to the bottom line. Better to opt for a location with regulation widely seen as balanced and considered.

All of this is to put into context why the Irish Government was misguided and bumbling in its recent budget decision to fund the Data Protection Commission no more generously than the discredited greyhound racing industry – and with only a third of the increase requested by an office tasked with a data protection oversight job rivalled in size and impact only by the US oversight bodies such as the Federal Communications Commission and Federal Trade Commission.

The decision risks being perceived as an international statement that Ireland is not overly concerned with adequately performing its critical oversight function, and that it is deliberately underfunding a regulator in order to better suit its large base of multinational tech companies – each of which is a point of huge concern to multinationals I’ve spoken to.

Election issue

There’s also a risk that, if the regulator is underfunded, investigations are hobbled and decisions will be poorer and open to further costly challenges. Investigations may drag on for longer (many here already have been going on for years) or not be pursued at all.

In addition, set in the context of the Government’s decision to – so far – refuse to comply with the regulator’s decision that it must curtail the use of the public services card, the funding refusal runs the risk of looking even more questionable, a petty tit for tat. A formal complaint expressing such a concern has been filed at EU level by Irish data protection specialist Daragh O Brien.

Multinationals worry about these optics. They know data protection regulation is an international election issue, a headline generator and a topic of close public interest. They can be damaged by perception that they want a weakened regulatory environment and might have encouraged a national government to undercut its regulator. Several have been taken aback by the State’s refusal to comply with the ruling on the public services card. One told me the decision to keep its base in Ireland had been quietly reviewed at one point because of these cumulative risks.

The Government would be wise to reconsider what constitutes adequate funding for a regulatory body that has such a significant international role, and take time to ponder the own-goal of undercutting its regulator’s international authority by refusing to recognise a critical domestic decision.

The Irish Times Logo
Commenting on The Irish Times has changed. To comment you must now be an Irish Times subscriber.
SUBSCRIBE
GO BACK
Error Image
The account details entered are not currently associated with an Irish Times subscription. Please subscribe to sign in to comment.
Comment Sign In

Forgot password?
The Irish Times Logo
Thank you
You should receive instructions for resetting your password. When you have reset your password, you can Sign In.
The Irish Times Logo
Please choose a screen name. This name will appear beside any comments you post. Your screen name should follow the standards set out in our community standards.
Screen Name Selection

Hello

Please choose a screen name. This name will appear beside any comments you post. Your screen name should follow the standards set out in our community standards.

The Irish Times Logo
Commenting on The Irish Times has changed. To comment you must now be an Irish Times subscriber.
SUBSCRIBE
Forgot Password
Please enter your email address so we can send you a link to reset your password.

Sign In

Your Comments
We reserve the right to remove any content at any time from this Community, including without limitation if it violates the Community Standards. We ask that you report content that you in good faith believe violates the above rules by clicking the Flag link next to the offending comment or by filling out this form. New comments are only accepted for 3 days from the date of publication.