The new Regulation (EU) 2018/1807 on a framework for the free flow of non-personal data in the EU (Free Flow of Non-Personal Data Regulation), which we discussed in a previous blog, became applicable from 28 May 2019. Together with the General Data Protection Regulation (EU) 2016/679 (GDPR), the two regulations now provide a “comprehensive framework for a common European data space and free movement of all data within the European Union”. The European Commission has published practical guidance to help users understand the interaction between these two regulations.
Continue Reading European Commission issues guidance on the free flow of non-personal data in the EU

In September 2017, we published a blog that outlined the Commission’s proposal for a framework on this subject (you can view our blog here). In June 2018, we further reported that the European Parliament, Council of the European Union and the European Commission had reached a political agreement on the rules for the free

You may well remember our blog from last year which outlined the Commission’s proposal for a framework in relation to the free flow of non-personal data in September 2017 (you can view our blog here).

On 19 June 2018, the European Parliament, Council and the European Commission reached a political agreement on the rules that will allow data to be stored and processed everywhere in the EU, without unjustified restrictions.

In addition to supporting the creation of a competitive data economy within the Digital Single Market, these new rules will remove barriers which hinder the free flow of data. Predictions suggest that this could boost Europe’s economy by an estimated growth of up to 4 per cent GDP by 2020. You can find more information on the European Commission’s website.

Key objectives

The new rules on the free flow of non-personal data will:

  • Ensure the free flow of data across borders: this will prohibit data localisation restrictions permitting organisations to be able to store data anywhere in the EU. Also, requiring Member States to communicate to the Commission any remaining or planned data localisation restrictions in “limited specific situations of public sector data processing”.
  • Ensure data availability for regulatory control: allowing public authorities to access data – for scrutiny and supervisory control – despite where it is stored and/or processed in the EU. Also, Member States may sanction users that do not provide access to data stored in another Member State.
  • Encourage creation of codes of conduct for cloud services: to facilitate switching between cloud service providers under clear deadlines. The Commission states that this “will make the market for cloud services more flexible and the data services in the EU more affordable”.

Continue Reading EU reaches agreement on rules allowing free flow of non-personal data

The European Commission has issued a proposal for a new Regulation on the free flow of non-personal data (“the Proposal”).

Background

The Commission adopted a Communication in January 2017 on “Building a European Data Economy”, in which its work on free flow of data was announced in the context of actions to enhance the data economy. The Commission then launched a public consultation and dialogue with stakeholders to gather further evidence on the issues restricting the free flow of data.

The Commission has identified the main obstacles that preclude free flow of data in the Digital Single Market as follows:

  • Unjustified data localisation restrictions by Member States’ public authorities
  • Legal uncertainty about legislation applicable to cross-border data storage and processing
  • A lack of trust in cross-border data storage and processing linked to concerns among Member States’ authorities about the availability of data for regulatory scrutiny purposes
  • Difficulties in switching service providers (such as cloud) because of vendor lock-in practices. The Proposal is intended to address these obstacles and remove barriers to data mobility. This is important for the data economy because removing data localisation restrictions is expected to generate additional growth of up to 4% GDP by 2020 (as estimated by Deloitte in one of the support studies). It will also drive down the cost of data services, providing customers greater flexibility in organising their data management and data analytics, while expanding their use and choice of providers.

In practice, these obstacles mean that a business may not be or feel free to make full use of cloud services, choose the most cost-effective locations for IT resources, switch between service providers, or port its data back to their own IT systems. The Commission considers that with the principle of free flow of non-personal data, businesses can avoid duplication of data at several locations, may feel more confident to enter new markets, and scale-up their activities more easily.

The Proposal is intended to address these obstacles and remove barriers to data mobility. This is important for the data economy because removing data localisation restrictions is expected to generate additional growth of up to 4% GDP by 2020 (as estimated by Deloitte in one of the support studies). It will also drive down the cost of data services, providing customers greater flexibility in organising their data management and data analytics, while expanding their use and choice of providers.
Continue Reading Proposal for a Regulation on the free flow of non-personal data in the EU