The question of whether data privacy laws and legislations like the GDPR have held Europe back in the global AI race is often framed as well as debated in the world of technology and innovation. The General Data Protection Regulation (GDPR), enacted in 2018, was designed to protect personal data and give individuals greater control over how their information is used. While it has undoubtedly introduced compliance complexities, attributing Europe’s slower AI scaling solely to GDPR overlooks broader structural and market factors.

According to the Foreign Minister of Finland Elina Valtonen, the General Data Protection Regulation (GDPR) rules and regulations were decided in a world that was different from the current one that we inhabit. She is of the opinion that although AI was emerging in that period, the main idea behind the framing of the rules was to protect the ownership of each and every individual’s data.

“The GDPR regulations were decided in a different world than the current one. Although AI was emerging in that period, the main idea was to protect the ownership of each and every individual’s data. But, maybe, it ended up being rigid,” Valtonen told ETCIO.

Critics argue that GDPR’s strict requirements around consent, data minimization, and cross-border data flows have made it harder for European companies to access and process large datasets—fuel that is critical for training advanced AI models. Compared to the data-rich ecosystems of the United States and China, European firms often face higher regulatory overhead, slower experimentation cycles, and increased legal risk. This can discourage startups and limit rapid iteration, especially in data-intensive domains like generative AI.

“GDPR does not in itself affect the EU’s risk-based regulatory approach to artificial intelligence, but it is relevant to the use of data, i.e. personal information, in developing AI. Many AI systems depend on large volumes of data that often include personal data, bringing them within the scope of the GDPR. Rather than preventing progress, the GDPR sets harmonised conditions for how such data can be used across the single market of 450 million Europeans, promoting accountability, transparency, and trust towards AI. While these requirements can place limits on certain data practices, they also support a more responsible and sustainable foundation for AI innovation in Europe,” elaborates Valtonen.The GDPR has created a foundation for trust, which can become a competitive advantage. As global concerns around issues such as surveillance, data misuse, and AI ethics grow, Europe’s approach positions it as a leader as far as responsible AI is concerned. The emphasis on transparency, privacy, and user rights has heavily influenced global standards, with the result that several countries are adopting GDPR-like laws and legislations.

Join the community of 2M+ industry professionals.

Subscribe to Newsletter to get latest insights & analysis in your inbox.

All about ETCISO industry right on your smartphone!