There seems to be a budding consensus among tech pundits and stakeholders: The EU has solidified its role as a leader in one ICT sector—regulation. EU regulation is a growing industry in itself. However, such regulation may not necessarily be beneficial for business and technological progress. Professor Bradford, a leading expert on EU law and its international influence, agrees with the first two statements, but not necessarily with the third. She challenges (and ultimately rejects) the intuitive argument that excessive ICT regulation is responsible for the EU’s innovation lag in this sector. In making her claim, she maps out the many impediments to ICT innovation in Europe, identifying numerous factors beyond the content of regulation – such as its complexity, as well as underdeveloped capital markets, unfitting insolvency laws and the inability to attract and retain talent. Or, to paraphrase J.F.K.: Bradford explains that the EU’s ICT innovation failure has many fathers. Bradford thus argues that the link between regulation and the lack of innovation is weak and that there is no real lesson here for U.S. regulators and lawmakers contemplating tech-related policy.
To illustrate the weak connection between innovation and regulation, Bradford begins the article by outlining the U.S.’s centrality in the ICT sector. She highlights the dominant brands like Google, Meta, Microsoft, Amazon, and Apple that shape contemporary life and discourse, as well as the extraordinary wealth these firms have amassed. The article then examines the U.S.’s tech-friendly regulatory environment, particularly the relative immunity provided by Section 230 of the Communications Decency Act (as part of broader notion of promoting free speech) and the absence of comprehensive federal privacy legislation.
Bradford argues that this regulatory landscape was shaped by persistent lobbying efforts and an overarching U.S. policy commitment to “free market ideals.” She then systematically reviews key European laws and regulations affecting the tech industry— the General Data Protection Regulation (GDPR), Digital Markets Act (DMA), and Digital Services Act (DSA), among others. Beyond providing a thorough analysis of lobbying positions on these issues (and their influence on political discourse), Bradford acknowledges scholarly perspectives (including my own) that have suggested a possible connection between the EU/U.S. regulatory divide and the U.S.’s undisputed leadership in the tech market. The article subsequently engages with broader scholarly discussions on the relationship between innovation and regulation, while striving to prove that heavy regulation in the EU is not the key reason for the continent’s innovative lag.
Bradford then delves into specific regulatory domains and their relationship with innovation: privacy, antitrust, and AI. I will set aside the antitrust discussion, as Bradford’s argument that antitrust enforcement is crucial for innovation is fairly well-established. The relationship between privacy regulation and innovation, however, is more complex. Here, Bradford focuses on how the GDPR may hinder innovation by imposing high compliance costs. But she also explains how privacy laws “have the potential to alter innovation pathways” in different directions, some of which leading to the introduction of privacy-enhancing tools. At the same time, they might also “increase social innovation” (i.e., enhance social welfare as opposed to mere corporate wealth). She applies a similar analysis to the tensions between AI innovation and AI regulation. Subsequent research might consider linking these discussions of technological and social innovation and examine the impact of privacy laws on AI innovation (for a recent exploration of this connection, see Dan Solove’s recent article). The effect of the EU’s privacy laws (in the form of data usage restrictions) on AI development within the continent is likely to be significant.
If tech-related regulation is not the primary reason for the EU’s ICT lag, what is? Bradford identifies several alternative explanations for Europe’s limited technological leadership. Yet before doing so, the analysis presents three particularly insightful arguments, all aimed at weakening the assumed correlation between regulatory intensity and innovation constraints. First, she argues that EU regulation was not significantly different from that of the U.S. until 2010. Yet even during this period, Europe failed to produce ICT leaders, suggesting that other factors are at play. Second, she emphasizes that EU regulation serves dual objectives—protecting rights and fostering the internal EU market—and that the latter goal should, in principle, promote innovation and counterbalance regulatory burdens. Third, she points out that GDPR enforcement has predominantly targeted U.S.-based companies, with little evidence that innovation in these firms has been stifled as a result. While each of these claims can be countered, they are intriguing as part of the ongoing debate.
The final section of the paper examines structural impediments to innovation in the European tech sector, including:
- Regulatory complexity rather than regulatory stringency – Bradford notes that the key issue is not necessarily the severity of regulation but rather the complexity arising from fragmentation across member states and the absence of a true “Digital Single Market.”
- Limited capital markets – Europe faces a shortage of venture capital funding for startups, as well as limited government investment in military-driven technological innovation (more on this, later).
- Punitive insolvency laws and a risk-averse culture – European legal frameworks discourage entrepreneurial risk-taking.
- Inability to attract and retain global talent – This challenge is compounded by higher salaries in the U.S. and stronger institutional connections between academia and industry.
Summarizing these points, Bradford states: “Identifying these alternative explanations does not support an argument that all European tech regulation would enhance welfare and that digital regulations could never adversely affect innovation and slow down technological progress…”. She ultimately calls for a more nuanced discussion on the benefits and drawbacks of tech regulation.
This is a particularly timely article and discussion. Since its (very recent) publication, much has already changed. In the U.S., the new administration appears to be shifting even further toward a pro-business trajectory, particularly regardingthe tech industry. Thus, substantial regulation of the tech sector seems unlikely, except for some rules prohibiting certain forms of content moderation and censorship. Meanwhile, Bradford’s discussion of U.S.-China tensions has become increasingly relevant given the recent success of Chinese AI ventures like DeepSeek. Bradford’s intervention serves as an important reminder that competition in the ICT space is also coming from China. Consequently, the importance of the discussion Bradford chooses to promote has significantly grown. I recommend keeping the potential AI- and tech-related competition coming out of China constantly in mind when considering the arguments noted above. I also call attention to Bradford’s last book, “Digital Empires,” as an important source to acknowledge when reviewing the central approaches to regulating the digital economy, and the differences between them.
Bradford’s work is currently being supplemented by a growing body of scholarship examining the impact of the GDPR on innovation. Even if one accepts Bradford’s argument that the EU’s lack of ICT leadership is not directly attributable to privacy regulation, the GDPR’s enactment presents a valuable opportunity for empirical analysis: a natural experiment (though the absence of a “control group” limits the robustness of such findings). The GDPR serves as an instance in which an additional regulatory burden was introduced, allowing researchers to compare innovation trends before and after its implementation. Scholars have already started researching this question, but their findings remain inconclusive: some studies indicate lower levels of innovation in cutting-edge projects but increased innovation in more compliance-oriented sectors. Yet others showed a “variety of partly countervailing effects”.(see also a review of these discussions in Esra Damir’s dissertation, Ch. 3 and 7).
Looking forward, the introduction of strict EU regulations will allow for closer examination of the potential causal links between regulation and innovation (or the absence thereof). These developments may also facilitate a more precise assessment of the actual costs borne by EU citizens because of stricter data protection and information privacy laws, as well as the broader economic implications of such policies. Bradford’s paper provides a great start, with lots of thoughtful ideas and important facts for those striving to gain a deeper understanding of the reasons for the EU’s ICT innovation standing, including those related to various regulatory realms. Following its lead, questions regarding the connection between innovation and regulation will surely generate additional academic interest in the years to come.
