Cybersecurity for personal data
“Europe’s digital economy is still strongly split along closed national lines. This is holding Europe back from its broader digital growth. Our proposal, together with EU personal data protection rules will enable the free movement of all types of data in the single market. The free flow of data will make it easier for SMEs and startups to
develop new innovative services and to enter new markets.” Said Andrus Ansip, Vice-President for the Digital Single Market.
To unlock the full potential of the EU data economy, the Commission is proposing anew set of rules to
govern the free flow of non-personal data in the EU. Together with the already existing rules for personal data, the new measures will enable the storage and processing of non-personal data across the Union to boost the competitiveness of European businesses and to modernise public services in an effective EU single market for data services. Removing data localisation restrictions is considered the most important factor for the data economy to double its value to 4% of GDP in 2020.
Mariya Gabriel, the Commissioner for the Digital Economy and Society, said: “To ensure Europe’s success in the new era of the digital economy, we need solid and predictable rules for the circulation of data. Citizens and businesses will benefit from better products and services as more and more data becomes available for data-driven innovation. Removing obstacles to cross-border data flows is essential for a competitive European data economy.”
Free flow of non-personal data
A clear, comprehensive and predictable framework will contribute to a more competitive and integrated EU market for data storage and data processing services. The framework proposes
The principle of free flow of non-personal data across borders: Member States can no longer oblige organisations to locate the storage or processing of data within their borders. Restrictions will only be justified for reasons of public security. Member States will have to notify the Commission of new or existing data localisation requirements. The free flow of non-personal data will make it easier and cheaper for businesses to operate across borders without having to duplicate IT systems or to save the same data in different places.
The principle of data availability for regulatory control: Competent authorities will be able to exercise their rights of access to data wherever it is stored or processed in the EU. The free flow of non-personal data will not affect the obligations for businesses and other organisations to provide certain data for regulatory control purposes.
The development of EU codes of conduct to remove obstacles to switching between service
providers of cloud storage and to porting data back to users’ own IT systems.
Benefits for businesses and people
The new rules will increase legal certainty and trust for businesses and organisations. They will alsoclear the way for a truly EU single market in data storage and processing, leading to a competitive, safe and reliable European cloud sector and to lower prices for users of data storage and processing services. As the aim of the new rules is to increase trust, companies are expected to use more cloud services and to feel re-assured when entering new markets. They will also be able to move their inhouse IT-resources to the most cost-effective locations. Ultimately, this means an estimated additional growth of EU GDP by €8 billion per year.
The new measures complement the personal data protection legislation as an additional step towards a truly functional common European data space.