Free flow of non-personal data

08 ottobre 2018

New rules aimed at removing obstacles to the free movement of non-personal data within the EU for companies and public authorities were adopted by MEPs. Parliament approves EU’s fifth freedom 

 

This EU law, already provisionally agreed with the Council, will prohibit national rules requiring that data be stored or processed in a specific member state. Non-personal data includes, for instance, machine-generated data or commercial data. Specific examples are aggregated datasets used for big data analytics, data on precision farming that can help to monitor and optimise the use of pesticides and water, or data on maintenance needs for industrial machines. Restrictions on the location of data will only be allowed on grounds of public security, as defined in the Treaties and as interpreted by the EU Court of Justice. Any remaining data localisation requirements will have to be communicated to the European Commission and published online, in order to ensure compliance and transparency. Access to and porting of data The rules ensure that competent authorities will have access to data processed in another member state for regulatory control purposes, such as for inspection and audit. They also foresee the creation of codes of conduct by market players, to make it easier for professional users to switch cloud-service providers and transfer data back to their own IT systems. The Commission will monitor the development and the effective implementation of these codes of conduct within specific deadlines. Data sets composed of both personal and non-personal data In the case of data sets composed of both personal and non-personal data, the free flow regulation will apply to the non-personal data part of the set. Where personal and non-personal data are inextricably linked, this regulation shall not prejudice the application of the new EU data protection rules (GDPR), applicable since 25 May 2018. Thus, the two regulations do not overlap, but will complement each other.

This EU law, already provisionally agreed with the Council, will prohibit national rules requiring that data be stored or processed in a specific member state. Non-personal data includes, for instance, machine-generated data or commercial data. Specific examples are aggregated datasets used for big data analytics, data on precision farming that can help to monitor and optimise the use of pesticides and water, or data on maintenance needs for industrial machines. Restrictions on the location of data will only be allowed on grounds of public security, as defined in the Treaties and as interpreted by the EU Court of Justice. Any remaining data localisation requirements will have to be communicated to the European Commission and published online, in order to ensure compliance and transparency. Access to and porting of data The rules ensure that competent authorities will have access to data processed in another member state for regulatory control purposes, such as for inspection and audit. They also foresee the creation of codes of conduct by market players, to make it easier for professional users to switch cloud-service providers and transfer data back to their own IT systems. The Commission will monitor the development and the effective implementation of these codes of conduct within specific deadlines. Data sets composed of both personal and non-personal data In the case of data sets composed of both personal and non-personal data, the free flow regulation will apply to the non-personal data part of the set. Where personal and non-personal data are inextricably linked, this regulation shall not prejudice the application of the new EU data protection rules (GDPR), applicable since 25 May 2018. Thus, the two regulations do not overlap, but will complement each other.

Archivio news

 

News dello studio

mar20

20/03/2019

European Commission fines Google €1.49 billion for abusive practices in online advertising

Today, the European Commission has fined Google €1.49 billion for breaching EU antitrust rules. Google has abused its market dominance by imposing a number of restrictive clauses in contracts with

mar18

18/03/2019

BEREC delivers on the first tasks under the European Electronic Communications Code

On march 18, 2019, Berec issued guidelines on intra-EU communications. In the light of the new European Electronic Communications Code, the Board of Regulators of the Body of European Regulators

mar18

18/03/2019

Dismissioni e trasferimento utenze

In data 11 marzo 2019, in merito agli obblighi di cui alla delibera 487/18/cons, di cui alle comunicazioni già intercorse sul punto nei mesi di dicembre e gennaio, l’Agcom ha reso pubblicato