ACT | The App Association represents app developers and small tech businesses creating new innovations in all parts of the globe. For Member Monday this week, we feature one of our European members, Barefoot&Co, whose in-house startups develop some of the most exciting mobile services. In order for companies like Barefoot&Co, and the startups they foster, to grow and become successful, customers need to trust their data are being handled safely and lawfully. The proposed Regulation on European Production and Preservation Orders gives businesses and customers that peace of mind.

Based in Brussels, Belgium, Barefoot&Co is a corporate startup studio. They identify opportunities of new businesses for their customers, primarily French and Belgian corporations. With the investment from their corporate partners, Barefoot&Co. recruits teams for the startups and provides a key advantage to these fledgling businesses. Barefoot&Co. provides their startups with everything and anything. From administrative support – like human resources and finances – to design, strategy, and communications, Barefoot&Co’s corporate studio caters to every stage of a startup’s lifecycle, so the startups can focus solely on their products.

Since Augustin van Rijckevorsel founded Barefoot&Co in 2015, seven businesses and products have been launched, and five more have been accepted in the accelerator program. Barefoot&Co can identify, test, and integrate emerging tech and innovative business models through their cutting-edge co-creation model. Once a startup is through the first steps—iterative analysis and feasibility study—Barefoot&Co matches them with experts in their field to create a joint venture. Through this joint venture, entrepreneurs can create efficient business models, benefit from collaboration with experts in their community, and take their business from idea to launch.

A Matter of Consumer Trust

The success of Barefoot&Co, and the companies in which they invest, is grounded in the trust established between their startups and customers. For example, Freeedrive, one of Barefoot&Co’s many successful graduates, uses fleet management software via a mobile app for safer and cheaper company vehicle fleets. The app monitors driving and flags unsafe behaviors, like improper phone use. This encourages drivers to adopt a more responsible driving style and improves overall safety. Companies that use Freeedrive’s innovative software can prevent about 23 percent of car accidents due to phone use while driving, saving up to €25k per year on a fleet of 100 vehicles.

Oftentimes, Barefoot&Co’s cohort companies handle data that is stored off-premises in data servers located outside of Belgium. This means that when law enforcement agencies in Europe need to access this data for the purposes of a criminal investigation, Barefoot&Co is required to comply with multiple sets of regulations that can span across several countries. This can place Barefoot&Co, and its subsidiaries, in a difficult position that fundamentally undermines the relationship and trust built up over a long period of time.

The threat of compromised trust is not the only issue when it comes to law enforcement’s access to data; the cost of complying is another factor. Although most companies willingly comply with law enforcement’s requests for data, the financial implications can be significant. For example, if a small company receives multiple requests, or even a single request in an emergency, they could face high financial penalties if they are not able to comply with the varying regulation structures, timelines, and laws that conflict from country to country.

Thankfully, the proposed Regulation on European Production and Preservation Orders aims to streamline this process. It gives law enforcement a standard set of rules to access data while giving legal certainty to companies like Barefoot&Co and their subsidiaries.

Greater Transparency, Greater Trust

The proposed regulation will give companies a single framework to follow when law enforcement requests data, regardless of what EU member country the company is in, or where the data is stored. This clarity means companies will have a standard process for when and how to comply with any requests for data they receive, clearing up the uncertainty and much of the financial burden associated with these sorts of requests. Specifically, the regulation proposes a timeline for companies to respond to the law enforcement request and implements safeguards like the right to request a review or judicial input to protect the rights of all citizens. The proposed regulation is not perfect, however. The App Association along with more than forty small businesses, which include some of our members, have recommended a number of changes before it is finalized, including giving small businesses like Barefoot&Co more time to respond to non-emergency requests among other changes to make compliance more manageable.

The App Association is proud to be working with app developers across the EU to ensure that the proposed framework reflects a balance between appropriate due process and transparency safeguards to protect against unreasonable or unlawful intrusion, while also recognizing law enforcement’s commitment to keeping citizens safe.