Content Assessment: The Data Governance Act: A New Way of European Data Governance
Information - 95%
Insight - 95%
Relevance - 90%
Objectivity - 90%
Authority - 100%
A short percentage-based assessment of the qualitative benefit of the overview and embedded content related to the proposed EU Data Protection Act as shared in this recent post by ComplexDiscovery.
Editor’s Note: Data governance refers to a set of rules and means to use data, for example through sharing mechanisms, agreements, and technical standards. It implies structures and processes to share data in a secure manner, including through trusted third parties. Recently the European Commission published a proposed Regulation of the European Parliament and of the Council on Data Governance (Data Governance Act). The proposal aims to foster the availability of data for use by increasing trust in data intermediaries and by strengthening data-sharing mechanisms across the European Union. Shared with permission,* the media release, core proposal, and corresponding questions and answers document are provided for your consideration and use as legal, business, and information security professionals in the eDiscovery ecosystem.
The Data Governance Act (Data Policy and Innovation Team – Unit G.1)
Media Release – November 25, 2020
Commission Proposes Measures to Boost Data Sharing and Support European Data Spaces
To better exploit the potential of ever-growing data in a trustworthy European framework, the Commission today proposes new rules on data governance. The Regulation will facilitate data sharing across the EU and between sectors to create wealth for society, increase control and trust of both citizens and companies regarding their data, and offer an alternative European model to data handling practice of major tech platforms.
The amount of data generated by public bodies, businesses, and citizens is constantly growing. It is expected to multiply by five between 2018 and 2025. These new rules will allow this data to be harnessed and will pave the way for sectoral European data spaces to benefit society, citizens, and companies. In the Commission’s data strategy of February this year, nine such data spaces have been proposed, ranging from industry to energy, and from health to the European Green Deal. They will, for example, contribute to the green transition by improving the management of energy consumption, make delivery of personalized medicine a reality, and facilitate access to public services.
Executive Vice-President for A Europe Fit for the Digital Age, Margrethe Vestager, said: “You don’t have to share all data. But if you do and data is sensitive you should be able to do in a manner where data can be trusted and protected. We want to give business and citizens the tools to stay in control of data. And to build trust that data is handled in line with European values and fundamental rights.”
Commissioner for Internal Market, Thierry Breton, said: “We are defining today a truly European approach to data sharing. Our new regulation will enable trust and facilitate the flow of data across sectors and Member States while putting all those who generate data in the driving seat. With the ever-growing role of industrial data in our economy, Europe needs an open yet sovereign Single Market for data. Flanked by the right investments and key infrastructures, our regulation will help Europe become the world’s number one data continent.”
Delivering on the announcement in the data strategy, the Regulation will create the basis for a new European way of data governance that is in line with EU values and principles, such as personal data protection (GDPR), consumer protection, and competition rules. It offers an alternative model to the data-handling practices of the big tech platforms, which can acquire a high degree of market power because of their business models that imply control of large amounts of data. This new approach proposes a model based on the neutrality and transparency of data intermediaries, which are organizers of data sharing or pooling, to increase trust. To ensure this neutrality, the data-sharing intermediary cannot deal in the data on its own account (e.g. by selling it to another company or using it to develop their own product based on this data) and will have to comply with strict requirements.
The Regulation includes:
- A number of measures to increase trust in data sharing, as the lack of trust is currently a major obstacle and results in high costs.
- Create new EU rules on neutrality to allow novel data intermediaries to function as trustworthy organizers of data sharing.
- Measures to facilitate the reuse of certain data held by the public sector. For example, the reuse of health data could advance research to find cures for rare or chronic diseases.
- Means to give Europeans control on the use of the data they generate, by making it easier and safer for companies and individuals to voluntarily make their data available for the wider common good under clear conditions.
Today’s proposal is the first deliverable under the European strategy for data, which aims to unlock the economic and societal potential of data and technologies like Artificial Intelligence, while respecting EU rules and values (for example in the area of data protection, and respect of intellectual property and trade secrets). The strategy will build on the size of the single market as a space where data can flow within the EU and across sectors in line with clear, practical and fair rules for access and reuse. Today’s proposal also supports wider international sharing of data, under conditions that ensure compliance with the European public interest and the legitimate interests of data providers.
More dedicated proposals on data spaces are expected to follow in 2021, complemented by a Data Act to foster data sharing among businesses, and between business and governments.
Data Governance Act
Regulation on Data Governance – Questions and Answers
* Redistributed with Permission Under the Creative Commons Attribution 4.0 International (CC BY 4.0) Licence
- From Metadata to Mass Surveillance? European Data Retention Revisited
- The Age of Consent? European Data Protection Board Guidelines on Consent Under the GDPR