Small, but highly digital, Estonia took over the rolling presidency of the EU on July 1, and in a clear signal to the rest of Europe about what it will prioritize, its first big event was on data flow in the Digital Single Market.
Almost 500 companies, representatives of the public sector from 31 countries, Competitiveness and Telecommunications Ministers from EU member states, members of the European Parliament, and representatives from the European Commission were all present. The line-up included academics, Uber, Meeco, Belron and BigDataScoring, but no one from digital rights or consumer groups.
“The Estonian presidency should have included NGOs,” said Estelle Masse, Senior Policy Analyst from AccessNow. “There were some of us in the room, but we shouldn’t have to shout from the sidelines to make the voice of the citizens heard. Protecting personal data requires having everyone at the table, not just the big companies or public authorities.”
“There was some good content about distinguishing between personal data, big data and publically available data, but without the trust of users, none of the potential benefits will be realised,” she added.
No Digital Single Market without data flow
The general consensus among attendees, was that the so-called Digital Single Market cannot be created without data flow between countries. Working out how to ensure that data was secure and trusted, proved trickier.
“We must not forget that the free movement of data has its perils as well,” said Alex Pentland professor at MIT and one of the most influential data scientists in the world. “Ensuring the privacy of personal data is very important in moving and sharing of large amounts of data. The value of data will grow exponentially even if we can compare it anonymously,” he continued.
The new European Commissioner for all things digital, Mariya Gabriel, was also present to give her first major speech since being appointed. She focussed on the economics: “The value of the EU data economy was €300 billion in 2016, representing 1.99 % of GDP. In 2016, there were 254.000 data companies, 661.000 data user companies and 6.16 million data professionals employed.”
“If the right policy and legislative framework conditions are put in place in time, the value of the data economy can increase to €739 billion by 2020 representing 4% of the overall EU GDP and the number of employed data professionals can increase to 10.43 million. The removal of data localization restrictions could generate by itself up to €8 billion per year,” she continued.
The Commission announced earlier this year that it would look into ways to improve data flow. Although the EU GDPR (General Data Protection regulation) fully regulates the processing of personal data – including machine generated data that identifies a natural person — it does not cover non-personal data when they are industrial or machine generated.
Need to address data localization
In February the Commission vowed to take “appropriate, enforcement actions and, if necessary, take further initiatives to address unjustified or disproportionate data location restrictions.” It is also in talks with national governments about ways to reduce data localization restrictions.
“To create the right conditions for the European Data Economy to flourish, we need to look into aspects such as data ownership, data transfer, data availability and liability issues and into improving portability of data. For example, who owns data, where responsibility should lie if an automated device makes the wrong choice, how can a company easily switch its data between cloud service providers without facing high costs?” said Gabriel.
According to Estonia, the free movement of data should be the fifth freedom next to the already established freedoms of European citizens.
Gabriel’s boss, Vice-President Andrus Ansip in charge of the Digital Single Market also railed against artificial restrictions and bottlenecks holding up the freedom of data flow.
“We urgently need to address data localization rules,” he said. “Data is not only the basis of our digital future and prosperity. It is a valuable resource in itself. Keeping that resource unnecessarily stuck in national data centres or in a certain geographic area means that it cannot be used to its full potential.”
“The core of the problem remains the same: national requirements on processing, storage and transfer of data. You could also call them data protectionism, or data nationalism,” he added.
Free movement of data as basic principle
Ansip said that the problem is a lack of legal clarity that leads organisations to conclude that data localization should be the default option. “We want to avoid this,” said Ansip. “One way forward would be to establish free movement of data as a basic principle in EU law. We are also working on other principles in this package such as the principle of availability of data, even when it is stored in other EU countries, when public authorities need it. Commission experts are now working on an impact assessment, which is a necessary step before making any legal proposal. On that basis, we would prepare such a proposal, with the aim of presenting it this autumn.”