European Commission will launch initiative against data localisation
Thu 29 Sep 2016
Andrus Ansip, Vice President for the Digital Single Market in the European Commission, has announced in a speech in Slovakia that the European Commission will launch an initiative later this year to combat the security-driven impetus for countries to store information within their own borders.
Ansip was speaking at Digital Assembly 2016 in Bratislava, and painted a vision of a data-driven future threatened by timidity over issues of data governance, and committed the European Union to mitigating this, commenting that ‘if data does not flow freely across the EU, then the growth potential of the digital economy in Europe will be limited’.
The VP criticised those who advocate cross-border data restrictions on the grounds of data protection and security, in effect criticising the very notion of data governance which recently found Microsoft establishing UK data centres for its Azure and Office 365 offerings in order to comply with governmental edicts regarding the location of information storage.
“The vast majority of these constraints have nothing to do with protecting privacy or fighting security threats. Let me give you few examples. Why should company data, tax data, book-keeping data, financial and all health data be stored forcibly inside particular borders in a single market? What the public authorities need, in terms of data, is access rather than storage.
“Denmark is a good example. Denmark recently changed its laws on book-keeping data. Danish companies can now store their data anywhere, as long as tax authorities have full access. Forcible data localisation rules will not lead to better protection, but to fragmentation. This will be to the detriment of benefits for citizens, consumers, SMEs and society.”
Ansip cited the establishment of Europe’s General Data Protection Regulation (GDPR) framework as a statement of intent for the spirit in which the union wants to go forward with new regulations and practices around data governance, and insisted that security and effective data protection can be made possible without any ‘artificial rules on data localisation’.
“So, later this year,” he said, “we will present an initiative to tackle unnecessary restrictions on where data is located. We will also look at legal issues surrounding data ownership and management, use and reuse of data, access to data – to prevent any of them from stifling innovation.”
The GDPR was established in April this year, coming into force in May 2018 after 24 months of transition. The framework has many implications, not least of which being that it will provide a central authority for consumers and businesses to interact with.