Europe to take control of its own data

November 27, 2020 |

Europe is taking decisive steps to increase its data protection with proposed legislation to create an EU wide data market which will enable the sharing of industrial and government information under the European standards. This is reported in the Wall Street Journal’s article Europe Doubles Down on Data Protection to Ward Off Silicon Valley, Chinese Influence.  This will probably be critisised as data localisation, a practice that warrants scrutiny given it is much loved by authoritarian governments for less than savoury reasons.   The scheme will involve data not exclusively involving personal information.

This development highlights a belated appreciation of the importance of data and, more importantly, the consequences of losing data, with the consequent trend by governments worldwide to provide greater regulatory control over how data is collected, accessed and used.

The article provides:

The European Union wants to take control of its own data, part of a broader effort to wrest digital influence from large companies in the U.S. and China.

The EU’s executive arm on Wednesday proposed new legislation aimed at creating an EU-wide data marketplace to facilitate sharing of industrial and government information—provided the data is protected according to European standards, under the eyes of the bloc’s regulators.

While Europe has long enforced strict rules around the use and export of European personal information, this would be the first time the bloc has attempted to do something similar for industrial and government data, too. It is part of what officials call a play for data sovereignty.

The data to be covered include public-administration information like healthcare records or census results. Industrial data is a booming field as more factories get wired to the internet, particularly through new 5G networks, and companies mine “big data” for insights and competitive advantage. Proprietary information like blueprints, patented processes and market research is increasingly the target of hacks and theft—and EU officials say companies and public administrations would share more data if they could be assured it would be protected.

One provision of the new law would force companies processing certain government information to shield it from certain types of foreign-government demands to turn it over. While data subject to the law could be exported overseas, companies would need to ensure they are processed with the same protections as required within Europe—and officials don’t rule out future regulations to limit some exports in certain sensitive sectors.

The EU’s General Data Protection Regulation, or GDPR, offers similar protection for personal data.

“The battlefield for industrial data is starting now,” Thierry Breton, European commissioner for the internal market, said of the proposal during an event this week. “While being an open continent, we are not naive,” he added.

The EU proposal is one among many new regulatory salvos aimed at the world’s biggest tech firms. In coming weeks the bloc’s executive arm aims to unveil proposed laws to boost social media companies’ responsibility for and transparency about content they host, to require big platforms to treat smaller companies fairly and to allow competition-enforcers to order changes to business practices more quickly than before.

Wednesday’s focus on data comes as countries world-wide are ramping up measures to take control of their residents’ and companies’ information, at times requiring that the data stay local. China has localization rules for some data. Recently, the U.S. has attempted to force the Chinese parent of video-sharing app TikTok to divest the company to prevent data on American users from being shared with China’s government—something TikTok says it would never allow.

Big U.S. tech companies and internet activists have often decried the trend toward data localization, arguing that could accelerate a slow fragmenting of the internet, which could mean different parts of the world have access to different services and information.

“Unfortunately, the internet is becoming very Balkanized,” said Christian Borggreen, vice president and head of the Brussels office at the Computer & Communications Industry Association, which represents a number of large technology companies. “If you believe in the idea of a singular internet, that is very unfortunate,” he said.

Even as more businesses put their data in the cloud, they have often kept much the information on local servers, particularly European businesses, lawyers and consultants say. That hasn’t stopped American tech firms from leading the cloud market in Europe, however. In the first half of 2020, Inc.’s Amazon Web Services had a 40% market share in Western Europe for the infrastructure and platform cloud markets, followed by Microsoft at 15% and Google at 7.2%, according to IDC.

Europe’s efforts to regulate data—and where it can go—have so far been limited mostly to enforcing privacy rights over personal information. Since the late 1990s, it has been generally illegal for companies to send personal information about EU residents to another part of the world that doesn’t offer essentially equivalent privacy protections to the EU.

But exceptions to those rules, such as special data-protection agreements and specialized contracts, have allowed personal data to flow from the EU. Now, following a July decision from the EU’s top court striking down one of those arrangements and casting doubt on another, such transfers are in jeopardy.

Ireland’s privacy regulator, which oversees Facebook Inc. because its EU headquarters are in Dublin, has told Facebook that it has started an investigation that could lead to its ordering the company to stop sending EU residents’ data to U.S. soil.

The EU proposal Wednesday would also create a system to accredit  a new breed of data brokers to serve as intermediaries between data providers, including companies, government agencies and even individuals, and those who might crunch it. Those brokers wouldn’t be allowed to have side businesses that monetized the data they help share, and would be subject to EU regulators.

The law “will put those that generate the data in the driver’s seat, moving away from the practices of the big tech platforms,” the Commission’s Mr. Breton said Tuesday.  “We are defining a European approach to data sharing.”

Leave a Reply

Verified by MonsterInsights