“Despite significant efforts to modernize privacy rules, the GDPR and the guidelines adopted by the European Data Protection Board (EDPB) are not entirely innovation-friendly or fit for a digital age. Certain rules seem at odds with fast evolving technology and may slow the pace of insurers’ digital innovation,” is one the conclusions of the insight briefing published by Insurance Europe.
The document cites two examples of situations where GDPR may hinder insurers’ innovativeness:
the use of blockchain technology, considered by insurers as presenting a high cost-reducing potential, as well as a source of increase transparency, could be jeopardized due to potential incompatibilities with the GDPR. “But how can the GDPR’s right to be forgotten and right to rectification be reconciled with the fact that blockchain technology is designed to be an immutable and permanent record of all transactions?” In short, a tool that is expected to have a significant contribution to reinforcing trust in the insurance industry might be lost.
the EDPB guidelines may discourage insurers from introducing automated processes. “This is because the guidelines allow insurers to use such processes only where they demonstrate that they are necessary, which would not be deemed to be the case if other “effective and less intrusive means” to achieve the same goal exist. In other words, the guidelines may prevent the development of innovative products based on solely automated techniques – such as real-time insurance offered through mobile phone applications – despite these enabling insurers to serve consumers better, faster and at a lower cost.”