The survey assessed the effects of key EU data strategy regulations, including the General Data Protection Regulation (GDPR), Digital Services Act (DSA), Digital Markets Act (DMA), Data Act (DA), Data Governance Act (DGA), and Artificial Intelligence Act (AI Act).

Surveyed startups expressed a wish for simplified regulation and reporting processes, a more coordinated approach among national regulators, and requested more help in GDPR compliance.

Most CEE startups think the EU data strategy regulations brought increased costs

54,6% of survey respondents reported the EU data strategy regulations had a negative impact on their operations, and 81,9% stated the regulations have increased their operational costs.

When asked about the impact of regulations on their innovation potential, 63.6% expressed dissatisfaction – stating that these regulations hindered their innovation potential. 18.2% believed it created challenges but also opportunities, while 13.6% believed these regulations had no impact on their innovation potential.

No negative feelings towards national data protection authorities, but startups ask for a more coordinated approach and AI-based tools to help them

CEE startups expressed no negative feelings toward data protection authorities in their respective countries. Only 4.5% of respondents viewed their interactions with the authorities as negative, 9.1% viewed them positively, 45.5% were neutral, and 40.9% admitted they didn’t interact with these authorities at all.

Lack of interaction with national authorities was reconfirmed in other results, where only 9.1% of respondents admitted that they often seek guidance or clarification on EU data strategy regulations from EU or national authorities (multiple times a year). The majority – 45.5% – do this 1 to 2 times a year, 4.5% do so less than once a year, and a whopping 40.9% have no interactions with regulators at either the national or EU level.

Survey respondents want a ‘one-stop-shop’ among national regulators and stronger moves towards a Single Digital Market

Surveyed CEE startups asked for more simplicity in regulation and reporting processes, stating they need clearer guidelines and simplified reporting requirements to reduce the administrative burden.

Moreover, many requested either a single agency or better collaboration between regulators to clarify EU data strategy compliance requirements for startups. They also suggested introducing digital tools, possibly AI-powered, to streamline the compliance process for startup representatives.

Most respondents want to see a stronger move towards the Single Digital market via better cooperation between the EU and national regulators, seeing it as a crucial step towards more consistent and coherent regulations across different jurisdictions.

GDPR-specific recommendations: startups need more incentives, reconsidered scope of personal data & rebalanced data subjects’ access rights

CCCE’s survey revealed that startups expect more incentives from national authorities for startups in the form of practical recommendations, good practice examples, friendly and functioning regulatory sandboxes, checklists, and similar practical tools to support innovation while ensuring compliance.

Some respondents also believe that the current treatment of almost all data as personal data makes its practical use for product development nearly impossible. Proper anonymization, while intended to help, often renders the data unusable for product development.

Lastly, respondents argued that the right to access data is currently too absolute, with local privacy bodies requesting access to data that might include sensitive trade secrets, which could jeopardize their business continuity.

CEE startups want to continue working in the EU but are ready to relocate if the regulatory burden becomes too heavy

The majority of surveyed CEE startups admitted they lack the resources and time to keep up with updates to the EU regulatory framework, let alone actively participate in policymaking dialogue.

CEE startups remain realistic about their future perspectives. They are prepared to comply with EU data strategy regulations and want the EU to succeed, but they do not rule out relocating after scaling if the regulatory burden becomes too heavy.

Many expressed a desire for EU and national policymakers to strike a better balance between ensuring data privacy and enabling technological growth at scale, stating that the scope of regulatory guardrails is negatively impacting the future of data-driven companies in the EU.

Originally published here