I find it to be a telling sign of the culture at US companies when it comes to their response, or lack of response to EU regulations. I’ve been curating stories from the API providers that I track on when it comes to GDPR or PSD2, keeping a notebook or research that is ready when I get around to diving in deeper. The companies who are openly talking about these regulations and being proactive about responding to them, are usually the API providers who have a strong stance in the US market, and are poised to, or already expanding this reach to Europe. Companies who haven’t made any noise are probably not concerned with the European market, or just hoping the regulations fizzle out I guess?
After diving into my curation notebook the first company to stand out is Auth0, with a variety of blog posts, and resources on navigating both PSD2 and GDPR. Auth0 is in a good position to provide critical authentication and user information management APIs to other companies who are working to comply with the regulations, so it makes sense that they would be getting ahead of all of this. I fully grasp that many companies are simply issuing their press releases stating they can help with GDPR or PSD2, but you can quickly cut through the fluff by looking at how much they’ve invested in their response, materials, and services. Auth0 has a pretty extensive knowledge-base on GDPR, providing PSD2 guidance on their blog, as well as investing in their EU region for a couple of years–demonstrating it is more than just a press release.
I’m working my way through the list of US API providers, and service providers who are being active on the subject of EU regulations. I feel it is an important sign of the strength of the company, and demonstrates a healthy understanding of how regulations aren’t always bad, and that they can actually help industries thrive. I’m actively working on projects involving GDPR and PSD2 in Europe, and I’m eager to develop my understanding of how these regulations are changing the face of the technology industry in Europe, but also how this will impact US companies. I’m hoping that it will begin to shift and evolve the culture around data ownership, privacy, and APIs as industry standards in the US. I feel that as Internet technology matures, we are going to need to view data a little different, otherwise things won’t be sustainable. I’m hopeful that EU regulations can help set this into motion–we’ll see, maybe I’m naive.