The new European Commission structure confirms that the center of gravity for digital governance policymaking is firmly anchoring into the tech portfolio, mushrooming around more mature privacy laws. Henna Virkkunen and Michael McGrath are the names to remember as its main architects for the next five years.
The European Parliament was buzzing over the past two weeks as it held confirmation hearings of designate commissioners for the new College of Commissioners. Though many commissioners will have some influence over the tech policy agenda — including those in charge of health, for example, mental health issues related to social media, and those in charge of trade for negotiating digital chapters in trade agreements — the central figure should be Henna Virkkunen, designate executive vice-president for tech sovereignty, security, and democracy, together with Michael McGrath, designate commissioner for democracy, justice and the rule of law.
They both appeared before the European Parliament, each facing a three-hour grilling from no less than eight parliamentary committees covering the breadth of their respective anticipated portfolios. McGrath, Ireland's candidate, served as a politician for over 20 years, most recently as Ireland's finance minister. Finland's Henna Virkkunen has served as a MEP since 2014 after holding several ministerial positions in Helsinki.
Virkkunen and McGrath delivered solid, if slightly plain, performances. They stuck to talking points that had been carefully crafted ahead of time by European Commission's services.
Overall, they both came across as poised and knowledgeable, even when challenged with provocations from a handful of far-right MEPs.
If confirmed, Virkkunen will be tasked with taking the EU's digital ambitions forward, marrying values and competitiveness in her approach. McGrath will focus first and foremost on the application of the rule of law. Democracy is in both their titles, as a signal that the EU is doubling down on centering its political program around values.
Virkkunen talked about AI in the context of "ensuring innovation," and mentioned briefly that she would ensure data sharing for AI purposes is robust and within data protection standards. She was grilled on antitrust and competition in light of the Digital Services Act enforcement. Like her mission letter previewed, she confirmed her first 100 days will include fortifying health care cybersecurity posture.
McGrath was heavily grilled on the rule of law, referring to risks surrounding electoral processes — disinformation and manipulative techniques using AI. The first question he received was from a conservative MEP about the EU General Data Protection Regulation "overburdening" nature.
"We must defend upholding of the GDPR and data protection. They are not contradictory to our objective (Europe's) competitiveness and supporting innovation. But clarity and consistency are important," McGrath responded.
Both addressed the Digital Fairness Act, also the talk of the town these days. As McGrath put it, the DFA will "reinforce consumer protection and complement the European digital rulebook, and not layer additional requirements or duplicate what has already been done."
The new Commission must be elected by simple majority during the plenary session, the week of 25 Nov. If all goes well, the renewed College, including Virkkunen and McGrath, could take office the following week, though that timing is still uncertain as a couple of commissioners designate have yet to convince MEPs to sign off.
Isabelle Roccia, CIPP/E, is the managing director, Europe, for the IAPP.