This post is also available in: Español
The European Commission (EC) published its European strategy for data for the coming years. This strategy seeks to map the digital economy model that the European Union (EU) intends to implement. The cornerstones of this strategy are (i) the free flow of non-personal data across Member States, (ii) the protection of individual rights and freedoms and (iii) the widespread access to public sector data.
The EU had already taken some steps in this direction before publishing the strategy, including the General Data Protection Regulation, which updated and strengthened European citizens’ data-related rights. The Regulation on a framework for the free flow of non-personal data, the Cybersecurity Act and the Open Data Directive were also milestones for the EC objectives regarding the EU’s digital economy.
The EU has also adopted sector-specific provisions (i) to enhance the flow of data and (ii) to allow for digital economy growth in the Union. The affected sectors include motor vehicles, payment service providers, the information from smart meters for electricity and gas, or intelligent transport systems.
These provisions intend to solve the main European digital economy issues, including difficult access to personal and non-personal data. The strategy thus emphasizes data sharing by public bodies, not only with other public bodies, but also with companies that can use these data generated by the public sector to improve their innovative capacity or their business models.
The EC is also concerned about possible imbalances in the access to and use of data. For example, the strategy refers to large platforms accumulating significant amounts of data, which give them market insights and thus competitive advantages. Specifically, the strategy intends to mitigate these imbalances by using machine-generated data.
The EC is also concerned about the lack of interoperability and low data quality, particularly regarding AI deployment. The strategy aims to encourage the use of technical standards allowing for (i) greater interoperability between data infrastructures and (ii) higher quality when collecting data.
Due to the increasing complexity of data collection and analysis systems, data processors must provide appropriate rules on data use according to established purposes that also benefit society and the economy. Therefore, the strategy prioritizes the implementation of data governance policies.
The EC is also concerned about the infrastructures and technologies for data collection and storage. As the amount and quality of data increases, there will be a greater need for safe data infrastructures and technologies allowing to process data in accordance with the applicable rules.
Cybersecurity also concerns the EC. Therefore, the strategy addresses cybersecurity issues. This line of work is founded on Directive 2016/1148 on security of network and information systems (NIS) and Regulation 2019/881 on cybersecurity.
Aside from technological aspects, the EC notes that data literacy and the data sharing culture need improvement. The EC emphasizes the need to give the population sufficient skills and knowledge to provide any necessary services in order to achieve a leading digital economy based on data processing.
Finally, the EC considers necessary to raise citizens’ awareness about (i) the importance of their data-related rights and freedoms and (ii) the ways of exercising these rights.
The strategy lays down several actions with the aim of addressing the abovementioned concerns:
- Proposing a legislative framework for the governance of common European data spaces (Q4 2020), whether G2B, B2B, or B2G.
- Adopting an implementing regulation on high-value data sets (Q1 2021).
- Proposing a Data Act (2021).
- Analyzing the importance of data in the digital economy and reviewing the existing policy framework in connection with the Digital Services Act package (Q4 2020).
The EC action plan indicates that in coming years there will be (i) major digital economy improvements and (ii) an easier flow of data in the EU. This is an excellent time for companies to rethink their personal and non-personal data strategies based on the new legislative framework.
Authors: Pedro Méndez de Vigo and Jorge Monclús
This post is also available in: Español