On December 6th, 2017, the Atlantic Council’s Global Business & Economics Program, the Bay Area Council Economic Institute, and the Delegation of the European Union to the United States co-hosted a public panel discussion to review the European Union’s Digital Single Market strategy in San Francisco, CA. The Digital Single Market’s (DSM) goal is to transform the existing 28 separate, national markets into one European market by removing barriers and harmonizing regulation. According to the European Commission, the DSM strategy “aims to open up digital opportunities for people and business and enhance Europe’s position as a world leader in the digital economy.”

This piece explains what the DSM is and why its reforms matter to US businesses. In addition, it outlines key DSM reform proposals, discussed at our event, such as the upcoming launch of the General Data Protection Regulation and efforts to boost e-commerce in the European Union (EU).

The DSM is divided into three pillars: access, environment, and economy and society. With the access pillar, the Commission aims to improve consumer protection, modernize the EU’s copyright framework, and boost cross-border e-commerce by reducing cost of parcel delivery and outlawing geo-blocking. The DSM’s environment pillar focuses on advancing the EU’s high-speed internet infrastructure to foster innovation and participation in the digital economy. Finally, the economy and society pillar targets barriers to the free flow of personal and non-personal information and aims to harmonize standards and promote digital skills among EU citizens. In short, the DSM’s purpose is to fully translate the four freedoms the European single market guarantees, i.e. free movement of goods, capital, services, and labor, to the digital domain. Once implemented, the European Commission projects that the DSM’s three pillars will generate more than €400 billion per year, which equals roughly 2.7% of the EU’s gross domestic product, in additional economic activity.

Why should US businesses care? Well, in addition to the commercial opportunities that the DSM will offer, Bruce Andrews, Managing Director of Rock Creek Global Advisors, who took part in our panel discussion in San Francisco argues:

“The Digital Single Market in the EU will have a significant impact on American businesses operating in the EU or with major transatlantic operations. The goals of DSM are very important but the proposal must bring down all barriers and open-up EU markets, not just build new walls to outsiders or disadvantage non-EU companies. The US-EU commercial relationship is critically important to both of our economies, so we must make sure that DSM is done right.”

In fact, as a result of the ongoing DSM reforms, many experts consider Brussels to be at the center of shaping global digital policy. The General Data Protection Regulation (GDPR), which will come into effect in May 2018, underscores this notion. GDPR has garnered questionable fame as the most lobbied piece of legislation ever introduced by the EU, and it was a focal point of the conversation in San Francisco. Once it is enforced in May, GDPR will introduce harmonized data protection and privacy rules across the EU to take the place of the EU’s more than 20-year old Data Protection Directive. GDPR was designed to achieve two seemingly contradictory goals: First, increase data privacy and grant EU citizens more control over their personal data. Second, reduce the cost of doing business in the EU by unifying data and privacy regulations. The EU estimates that companies will save €2.3 billion per year as a result of having to comply with one instead of 28 different laws when engaging in cross-border business in Europe. GDPR is of great significance for US corporations because it “applies to all companies processing the personal data of data subjects residing in the [EU], regardless of the company’s location.” Put simply, a US-based company, without an office or subsidiary in the EU, must comply with GDPR, if it collects EU citizens’ data. To ensure compliance, GDPR has teeth. It threatens companies with a fine of up to 4% of annual global revenue or €20 million (whichever is higher), if they violate its rules and/or regulations. Thus, as mentioned above, experts contend the introduction of GDPR will move the needle on global data protection standards because companies around the world are forced to comply. The question of how to boost cross-border e-commerce in the EU was another key issue discussed in San Francisco. While most European businesses have access to the internet and own a website, only 8% of companies sell their goods and services in other EU countries. Similarly, only 15% of consumers make online purchases in other European countries. This week, in a move expected to foster cross-border e-commerce, the European Parliament approved a proposal by the European Commission to ban unjustified geoblocking. As the name suggests, European companies use geo-blocking to treat internet users differently based on their location or nationality. Restricting content or redirecting users to different websites enables businesses to adjust their products’ prices for users’ location. For example, tickets to Disneyland Paris might cost more for online users in Germany than in Poland. EU citizens attempting to buy clothing articles in a different EU country are often redirected to a website located in their country of residence. In 2015, 63% of websites restricted cross-border purchases in the EU. In addition to unjustified geo-blocking, EU cross-border e-commerce is also hampered by high parcel delivery costs and complex tax rules for electronic commerce. To lower parcel delivery costs, the European Commission is pushing a legislative proposal to make parcel delivery prices more transparent and thus bolster competition by empowering consumers to compare prices. Moreover, the EU has adopted a simplified VAT framework to “make it easier for consumers and businesses, in particular start-ups and SMEs [small and medium-sized enterprises], to buy and sell goods cross-border online.” However, the EU member states must still implement the new VAT rules.

Despite the apparent progress, our panelists in San Francisco agreed that more reforms are necessary to enhance cross-border trade and fulfill the vision of the DSM. Panelist Usman Ahmed, Head of Global Public Policy at PayPal Inc., suggested three areas for reform:

“First, the EU must improve access to trade finance for SMEs. The EU is doing great work in the financial services arena to enhance access to online lending tools. Trade finance could be bolstered by improving online portals where traders can access a wide variety of trade financing tools including those offered by online lenders.

Second, the EU must introduce a reform to digitize trade facilitation. Customs Application Programming Interfaces (APIs) would enable small businesses to build customs and duties cost calculators and compliance forms directly into transaction flows, helping to reduce the burden on end consumers, small businesses, and governments. Member states’ governments should also require, or at least recommend, electronic submission and payment for customs and duties in order to speed up processing.

Third, the EU must support digital education initiatives for SMEs. Many small firms are concerned that their product or service cannot be delivered across borders. Others are concerned about trust. Some companies are uncertain about common customs and practices in foreign markets. Still others are concerned about getting paid. All of these problems have solutions, but it is a matter of making small businesses aware of these solutions. The EU and member states’ governments can help to fill that void by providing small businesses with trusted guidance on how they can leverage the latest that technology has to offer to help their business grow.”

To sum up, the DSM matters to US businesses because, once completed, it creates a unified digital market with over half a billion potential consumers that will offer vital commercial opportunities to US companies. However, the DSM comes with strings attached. US-based businesses, even those without a physical location in the EU, will have to comply with GDPR when they process data of EU residents or citizens. In addition, US firms and companies worldwide will likely see an increase in global data protection standards as a result of GDPR. At this point, it is unlikely that the EU will meet its goal to fully implement the DSM by 2019. Nonetheless, key DSM reform proposals, particularly efforts to boost e-commerce in the EU, are making significant, albeit slow, progress. Going forward, Chris Riley, Director of Public Policy at Mozilla, who took part in the discussion on the DSM in San Francisco, urges:

“The EU needs to continue what it has been doing – taking a serious look at emerging socioeconomic issues within the tech sector – while making sure to ground its processes and policies in full understanding of how the underlying technologies and business practices work.”

It is important to note that our panel discussion in San Francisco concluded a series of four events the Global Business & Economics Program hosted as part of the Getting to Know Europe program. Sponsored by the Delegation of the European Union to the US, this program is part of a concerted effort by the Atlantic Council to reach a wider audience beyond the Washington, DC Beltway.