Below is a transcript of a CNBC interview with the European Commission Vice-President for the Digital Single Market, Andrus Ansip, and CNBC's Joumanna Bercetche.
JB: Thank you very much for taking the time to chat with us this afternoon. Of course we are in Brussels and Mr. Zuckerberg was here in Brussels only a couple of days ago doing his first testimony in Europe since the Cambridge Analytica scandal broke. Can I just ask you what you thought of the hearing and how he performed?
AA: We had meeting with Mr Zuckerberg and Mrs Sheryl Sandberg in California just a couple of weeks ago, and I'm pretty sure I got much more information than people got during this very short hearing here in Brussels. But I think it was nice to be here and to take those questions in the European Parliament. I got the feeling that Facebook is taking all those issues conducted with privacy of our people very seriously. Today we have some problems, some bad people, they know how to use social media channels to manipulate with public opinion, how to manipulate with democratic institutions and democratic elections, and good people they don't know how to protect our people, our institutions.
JB: You said that you met with Mr Zuckerberg and Mrs Sandberg a couple of weeks ago. He said a couple of days ago that they are, as far as they're aware, fully GDPR compliant. Do you have assurances that they are essentially fully GDPR compliant now?
AA: Yes, short answer is yes, but let's see what we will get from real life. But as I said according to my understanding Facebook is taking this scandal with Cambridge Analytica very seriously. They are dealing with fake accounts, they are trying to figure out who is behind of some kind of disinformation campaigns and…all those issues very seriously. We have to work together. I believe in self-regulatory measures. We can set tough regulations and we did it already. But I believe much more on self-regulatory measures because trust is one of those most important, most valuable assets, for social media channels also and it is in their own interests to regain this trust when trust was eroded, or to build trust when they are just starting with their businesses.
JB: Trust is obviously a big issue and many people have lost trust in social media companies in the wake of Cambridge Analytica and also other revelations that have come up since then. I just wonder whether or not you're going to be monitoring the behavior of businesses once GDPR has been rolled out and whether or not if you detect a discernible influence of businesses, business flow on back of this regulation, whether that might cause you to reconsider some of the draconian measures that have been introduced?
AA: General Data Protection Regulation is a really good thing. It's good for our people. They can be more sure that their personal data will be well protected. But this General Data Protection Regulation is really good also for big companies because to deal with the one set of rules it's much easier than to deal here in the European Union with a 28 different sets of rules. And of course General Data Protection Regulation will be especially good for our startups, for them to understand about 28 different sets of rules in 28 member states, it's practically impossible or very complicated and if we will continue with this fragmentation then we will send a very bad message to our startups: stay at home or go to the United States where they have this huge single market with more than 300 million healthy customers, and we don't want to send that kind of messages to our people. We already had data protection rules in all the member states. Now those rules are harmonized and in practice I can say that this is not really big news for companies acting in the European markets but now it will be easier to understand about those rules.
JB: Has the coordination been difficult amongst all of the national regulators?
AA: I don't think it's somehow especially difficult to coordinate those activities but of course also national regulators they have to fully understand about this General Data Protection Regulation. But we're talking too much here also here in Europe about penalties, how somebody will be punished and so on. But as we discussed already people's trust is especially needed for our people and for those social media companies. But this issue is much broader than only about social media. I myself, I gave also my consents to third parties cookies when using my internet bank but I don't know who was behind of those cookies, maybe Cambridge Analytica once again – kidding of course.
JB: This brings me to another question, is this the end of the regulation or just the beginning? Can we expect more regulation to roll out after GDPR? I think you've mentioned this concept of cookies or e-privacy in the past as well.
AA: We will go on with the e-privacy regulation. Today we have a e-privacy directive but this directive was implemented in 28 member states differently. Once again we would like to harmonize our approach and that's why we proposed this e-privacy regulation proposal which will be directly applicable. E-privacy directive is only about telecom operators but 92 percent of European citizens they said that they would like to be absolutely sure that confidentiality of communication will be protected, also will be quarantined also when they are using some kind of top services, when they are using platforms. So, our aim is to create a level playing field, our aim is to protect everybody's privacy, our aim is to guarantee confidentiality of communication, whatever means of communication people are using.
JB: Now Europe has been very much at the forefront in terms of introducing all of this regulation and Europe are leading with GDPR, which could potentially be a new template for the rest of the world. Do you think that because of that Europe is placing itself at a disadvantage versus the rest of the world because tech companies will be less incentivized to operate on the continent?
AA: I'm absolutely sure that for tech companies, for investors more generally, legal certainty, predictability is definitely needed. For global service providers, it's also important to know about those rules about different dividing lines, and they can adapt. But for our people it's it's a real need to follow those fundamental rights and privacy is one of those fundamental rights.
JB: One final question for you. How closely are you coordinating with the UK on the rollout of GDPR in light of Brexit?
AA: This was our common decision and the United Kingdom is one of EU member states today…
JB: For now…
AA: For now, yes but what kind of relations we will have between the United Kingdom and EU 27, it depends on the negotiations between the United Kingdom and the EU 27 but I don't think no deal will be better than bad deal. Nobody wants a bad deal but no deal is really bad for both parties, for the United Kingdom and the European Union, because if no deal then no data flows between EU 27 and the United Kingdom anymore, if no deal then let's forget about room like at home. British people they can enjoy when traveling in some other EU member states today, if no deal then let's forget about portability of digital content people they can enjoy in Europe since this April. Deal is definitely needed and I'm looking forward to have a really good deal for both parties.
JB: Thank you very much sir.