We are in a unique moment where governments around the globe seem to be trying to take on everything, everywhere, all at once – and in the process often missing the big picture of how policies interact with each other.

The U.S. Congress, states, the European Union (EU), and other countries all seem to be in a race to be the first to fix what they perceive as problems related to tech security, privacy, and innovation. This is especially true in the EU where they often attempt to address what they believe are problems one-by-one instead of holistically. We all want a technology ecosystem that is dynamic and competitive, and that protects security, safety and privacy. But in each domain, by looking too myopically, policymakers can end up attempting to fix one problem only to simultaneously create another – and in many cases undermining basic European values. One analysis found that for the digital sector in the EU (as of the fall of 2023), there were 72 applicable laws, 25 in negotiation, and another 9 planned initiatives. The analysis found: “There are countless overlaps and contradictions, both on the legislative and the enforcement level. This will create huge legal uncertainty and enormous compliance costs that will particularly affect smaller market players like SMEs and startups.”