New step towards adopting a Data Governance Act

2021-10-11T16:43:00
Spain

The Council of the European Union issues statement on the new Data Governance Law

New step towards adopting a Data Governance Act
October 11, 2021

On October 1, the Council of the European Union (“EU”) issued a press release sharing its views on the new Data Governance Act (“DGA”). It is a remarkable proposal for being one of the essential parts of the recent European strategy for data.

The EU is well-known for its extensive regulation and protection of personal data, centered around the famous General Data Protection Regulation (“GDPR”). However, it has a completely different perspective regarding non-personal data, focusing more on the sharing and flow of data to promote an open use.

The European Commission’s new plan considers non-personal data essential to implement the EU digital transformation. Regarding data,  this strategy is based on (i) the free flow of non-personal data across Member States; (ii) the protection of individual rights and freedoms; and (iii) the widespread access to public sector data.

This is the context of the DGA, which supplements the already applicable Open Data Directive (“ODD”) adopted in 2019 by the European Parliament and the Council of the EU.

This new legislative initiative will entail the following data-related developments in Europe:

  • Further advancing the ODD: the DGA would encourage the promotion and reuse of public sector data, including, to the extent possible, data subject to third-party rights. For these data, the DGA provides a specific mechanism allowing them to be used without breaching the privacy and confidentiality requirements applicable to them.
  • Encouraging the altruistic and open sharing of data by private entities, to (a) create positive externalities arising from that flow of data; and (b) improve the digital economy as a whole.
  • Creating a regulatory framework for data intermediation services, which play a central role in the new European strategy for data.
  • Creating the European Data Innovation Board, seeking (a) that the DGA be correctly applied; and (b) to enhance the interoperability of data intermediation services.
  • Creating safeguards against illegal international non-personal data transfers, partly following the GDPR’s model.

We still need to see how this proposal develops during its processing, since it has to complete the remaining stages of the EU legislative process. The overall impact of this new DGA also remains unclear. Most importantly, we will see if it becomes just another provision on the EU’s digital policy or if it ends up being the new global standard for this type of data, as is the GDPR.

October 11, 2021