The European Parliament, Council and Commission reached a political agreement late Tuesday on new rules that will allow data to be stored and processed everywhere in the EU without unjustified restrictions.
The new rules will also support the creation of a competitive data economy within the Digital Single Market.
The agreement will “drive technological innovations and new business models and create a European data space for all types of data,” said the EC’s Digital Single Market vice-president Andrus Ansip. While the Commissioner for the Digital Economy Mariya Gabriel said: “The European data economy can become a powerful driver for growth, create new jobs and open up new business models and innovation opportunities.”
The new rules will remove barriers hindering the free flow of data, and boost Europe’s economy by generating an estimated growth of up to 4% GDP by 2020, says the EU executive.
The new free flow of non-personal data rules will:
- Ensure the free flow of data across borders: the new rules set a framework for data storing and processing across the EU, prohibiting data localisation restrictions. Member States will have to communicate to the Commission any remaining or planned data localisation restrictions to the Commission in limited specific situations of public sector data processing. The Regulation on free flow of non-personal data has no impact on the application of the General Data Protection Regulation (GDPR), as it does not cover personal data. However, the two Regulations will function together to enable the free flow of any data – personal and non-personal – thus creating a single European space for data. In the case of a mixed dataset, the GDPR provision guaranteeing free flow of personal data will apply to the personal data part of the set, and the free flow of non-personal data principle will apply to the non-personal part.
- Ensure data availability for regulatory control: Public authorities will be able to access data for scrutiny and supervisory control wherever it is stored or processed in the EU. Member States may sanction users that do not provide access to data stored in another Member State.
- Encourage creation of codes of conduct for cloud services to facilitate switching between cloud service providers under clear deadlines. This will make the market for cloud services more flexible and the data services in the EU more affordable.
The Commission stresses that the agreed measures are in line with existing rules for the free movement and portability of personal data in the EU.