问：在全球电动汽车行业中有一个流行的术语，如软件定义的汽车，就像提出对数据保护的担忧一样，以概括 GDPR 将如何影响欧洲的电动汽车市场。
Q: So my next question will be, so like recent years, like in recent weeks, companies like papaya global. So it's ceo announcing that the company plans to withdraw funds from Israel. As did Israel bc bounds just disruptive and disruptive ai what's your opinion? Like, what would be the profound impact of this political change in Israel on the majority of the investment?
A: Yeah, I think this is very, very interesting, because essentially a lot of the companies, the big important companies in Israel, now saying we're happy to invest here as long as you maintain the democracy and the current political system. If you change it, we will go away.
And the thing is, I think that the changes that may be coming to Israel, they will mainly, perhaps please, other parts of Israel, maybe the more religious part of Israel. But that's also a path that does not contribute so much to the economy.
And so I think it will be very difficult for Israel from a economical point of view, if the changes actually go through, because Israel is a big tech economy, if they lose their tech companies, they could go somewhere else.Then what will Israel do? Like? How will they sustain their people and their economy? So it's not just about the politics. It's also very much about the economy. And this could indeed endanger their economy.
So I think it will affect Israel's credit rating, which could increase the interests in his role, meaning that common Israeli people would have less money, essentially, because the mortgages become more expensive.And so it would be a bad situation for the people of Israel. Like, how will they deal with this new financial reality? Actually, a lot of people in Israel have dual citizenship. I think 10 % of the population had dual citizenship. It's also easy for them to relocate. And then what will be left?
Q: My third question will be, he suggested that if the like the judges in Israel no longer appear impartial, then Israel will not meet the eu standard when its position is reassessed in the future. He scares a lot of tech companies who have business in there.
So what impact would it have? Actually do? You think would be on the semiconductor industry?
A: So this is also very interesting, because obvious ly, there are a lot of Israeli companies that have in a global presence or operate in other markets, such as the European markets. But if let's say, an Israeli company operate in Europe, and then Israel is no longer adequate because of the reforms. What will happen? First of all, they will necessarily be able to send their data to Israel. They won't be able to send customer data to Israel.
Then the question is, then why should they stay initial? Because it will become very difficult for a company, an Israeli company to operate in other markets if they cannot actually exchange their data.
And I think it will maybe give other countries benefit, because then suddenly Israeli companies will maybe struggle a bit more and need to spend a lot of money on compliance may be relocate. Whereas other companies may not have that issue. So it affects kind of the competition situation as well.
And then one thing is just normal an Israeli companies offering products or kids. You actually also have a lot of Israeli companies that are working on personal data like the product is doing something with personal data.
And for them, it will be even more difficult, because they will then need to maybe move their service to a different place, maybe to Europe, maybe somewhere else. Because actually, if you're in a not adequate country, there are so many things you need to do in order to make a transfer personal data lawful.
Q: What if the European Data Protection Board and the EU Data Council will announce data laws in the summer?
A: Yeah, so it's a very complex matter. So in 2020, the court of justice of the European union said that American surveillance was too intrusive, and therefore, we needed to stop sending European data to to the US what has happened since is that there have been negotiations between the EU and the US and the US have actually changed their legislation quite a bit to mitigate the issue.
So what we are now assessing is whether these changes to their surveillance laws, whether they are sufficient to meet the European standard.
And there are a lot of details and it's very complex. I think that we are definitely going in the right direction. There have been very positive developments from the US side. So let's see. It's the European commission that will formerly take a decision, maybe this summer. But I think with all the positive changes, there is a chance that they will approve the new mechanism, and we can start sending data to the US again.
But there is also a challenge here, because the European commission that's just one voice, and other people may disagree, because there are still some issues. There are always some issues. So I think it will go to the court again. So in this case, I think the court will have the final say. Right.
Q: Can you elaborate on how the GDPR works as an enforcement model?
We have this thing called the one stop shop in Europe and the GDPR. Essentially, let's say that you have a company that is established in one country, but they have customers all over Europe. And let's say that it's meta, like Facebook, Instagram, what's up the metal companies?
They are established in Ireland. If someone in Norway wants to make a complaint against them, they could actually come to us. We can refer the complaint to Ireland, the irish state of protection commission, and they will do the investigation.
So then we have this kind of cooperation. If someone has an issue with the Norwegian company, we will get the complaint and we can help to complain it, even though they are in Sweden or Spain or whatever. So that's good.
In terms of the unfair burden, the thing is that many of the biggest companies are all situated in a few countries, and most of them actually in Ireland. That means that Irish colleagues have a bigger enforcement burden because they have all the big tech companies. Often those cases are the biggest cases. The most complex cases, the cases that received the greatest interest from the general public and from the media. So the pressure on them is definitely a lot bigger.
Whereas, for example, in Norway, we have very few big international companies. We have less pressure. There's kind of like an uneven as especially if you look at Norway and Ireland, because our population is more or less the same. But they have so many more cases to us. And so it is kind of weird that some of the biggest cases end up just in one country.
Q: Electric vehicles are becoming more and more intelligent and personalized, so is driver data still safe?
A: And so these vehicles, which are very much connected and have a lot of senses and collect a lot of personal data, right? Because actually data about the driver will also be personal data.
So essentially the GDPR I will always apply to that processing and personal data, which means that so suddenly you can't do whatever you want with our sensor data. Sometimes you need consent from the driver actually to collect those data. And for sharing those data could be even more tricky, especially if you want to send those data overseas.
What companies sometimes don't think about is what if the driver then wants to have access to the personal data or delete the personal data, or put the personal data to a different vehicle from a different manufacturer, like, do they actually have the systems in place to deal with the exercise of their rights. And sometimes we see in practice that not all manufacturers have good systems for this.
It actually means that you need to be very mindful of how we use the data, because it is actually data about the people driving, right? It's their data. You need to be respectful of that.Yeah, you can imagine and there are many uses for this. So let's say you have a car manufacturer collects data about the driver. Then let's say they want to cooperate with an insurance company. So they share all the driver data with the insurance company, and then the insurance company will say these people are good drivers. These people drive too fast or they break rules too quickly, and we don't want to ensure them or they need to pay a higher premium. So when the data is shared, it can actually affect people in unexpected ways, right? Or what if they shared with the authorities?
Q: Will international data protection standards be more dispersed or used at the level of political management?
A: What an excellent question. I think it's a bit of both. So for example, what we are seeing right now in the advertising industry is that you have a lot of companies that are kind of monitoring what we're doing online. And then they are just giving away the data, selling the data. What if the people receiving those data is a country that we don't have a cooperation with? What if it's a country that doesn't necessarily support it, so doesn't have our best interest in mind.
It is actually an issue from a security point of view. But you are very right in pointing out that it could data protection could also be misused in a way and say that we have this strict data collection law, but it's not really about protecting privacy. It's about ensuring that no one gets our data because we want them for ourselves. It's about finding that balance.
But what I would say is that we are making some progress in terms of, so for example, EU, we have our laws, right? But we can actually approve other countries as being adequate like we did with Israel. We have also done that with, for example, japan and south Korea, and also several countries in Latin America.
Essentially, what we're saying is that you have different laws, and you also have government access to data, et. But we still think that it's more or less on the same level and is proportionate. It's necessary that way we can actually exchange data, even though we have different rules like we can send data from Europe to New Zealand, even though it's on the other side of the world.
And there are more and more countries gaining that approval. We call it adequacy decisions. So actually, I feel like right now, data sharing is increasing. And we're saying that we won't share data with you if there are security concerns. But if your authority is operating in a way that's transparent and proportionate, then you can actually have our data, even though there may be issues. So, yes, it really depends. I think you need to look at each and every country individually, but it is definitely going in the right direction.