Policy Brief on the GDPR and the market for service providers, especially European SMEs, to deliver innovations to older adults

• The GDPR introduces new requirements on how to collect and process personal data.

• Informed consent can be hard to achieve for users in general and even harder for older adults with cognitive decline. Evaluating the consequences of data processing can increase the difficulty.

• Artificial Intelligence (AI) can process trivial data elements to generate sensitive data such as political preference or sexual orientation.

• Some of the existing AI services have a requirement to share the data with a third party, spreading the data wider, and thus making informed consent harder.

• Access to large amounts of personal data is important both to train AI and to reach large markets. European SMEs generally do not have access to such data.

• Most SMEs cannot compete with services delivered at zero cost. Are there ways for the GDPR to give European SMEs better access to the market of online services?