Tag Archive: european commission

EUROPE: Let the data flow!

By Patrick Van Eecke and Charlotte Suffys

The European Commission is further developing its Digital Single Market strategy. The strategy envisions to (i) provide better access to digital goods, (ii) create a good environment for digital networks and innovative services, (iii) maximise growth of a European Digital Economy. Earlier this month, the Commission published its Inception Impact Assessment titled ‘European free flow of data initiative within the Digital Single Market, which reiterates the detriment to the Digital Economy when data is required to stay local. The European Free Flow of Data Initiative is a key component of the Digital Single Market strategy which complements other actions of the Commission exampled by the launch of a European Cloud Initiative. The European Free Flow of Data Initiative will impact sectors like the health sector, the financial sector but as well the legal sector.

The Inception Impact Assessment follows a web-based public consultation on the regulatory environment for data and cloud computing which was concluded at the beginning of January 2016. The public consultation highlighted the need to address data location restrictions, legal and technical restrictions to the free flow of data. It also highlighted the need to create new frameworks for ‘data liability’ and to provide guidance on merging issues around data access and associated mechanisms, data ownership, data usage, and data transfers. After the public consultation, a consultation workshop specified to the free flow of data was held to further focus on these issues.

Aside from the legal uncertainty of emerging concepts which are currently often constructed by contractual means, the Inception Impact Assessment details four problem drivers for the free movement of data:

  • Problem 1: Diverging data location restrictions and approach in the Member States,.
  • Problem 2: Unjustified or disproportionate data location restrictions in specific sectors or situations.
  • Problem 3: The lack of European defined standards and practices on network, information security, prevention and investigation is causing data location restrictions.
  • Problem 4: Commercial users apply self-imposed data location restrictions in light of legal uncertainty and the lack of transparent requirements.

The Commission report indicates that the focus of the regulatory intervention is directed at tackling data location restrictions and that emerging issues will only be dealt with in a Communication at this point.

Although it is still an open question if intervention would be preferred under a legislative instrument or if soft-law approaches are recommended to reduce data location restrictions, it is clear that – when mapping the options for the European Commission to take action – data location restrictions, fragmentation and weakness in sectoral policies would remain in existence without EU action.

The Inception Impact Assessment only announces the very start of the Commission’s decision-making process which will be followed by a legislative proposal and an accompanying Impact Assessment. In the meantime the Inception Impact Assessment remains open for feedback.

Please feel free to contact Patrick Van Eecke to learn more about the data policy objective of the European Commission.

Permanent link to this article: http://blogs.dlapiper.com/privacymatters/europe-let-the-data-flow/

EUROPE – Recent survey finds that data protection remains a major concern for EU citizens

By Patrick van Eecke and Mathieu Le Boudec

A recent survey commissioned by the European Commission reveals that data protection remains an important concern for EU citizens.

Key findings of the survey are that:

Control over personal data

  • More than eight out of ten respondents feel that they do not have complete control over their personal data they provide online.
  • Two-thirds of these respondents are concerned about not having complete control over their personal data.
  • Respondents are most concerned about the recording of their activities via payment cards and via mobile phones.

Disclosure of personal data

  • Seven out of ten respondents say that providing personal information is an increasing part of modern life and accept that there is no other alternative than to provide it if they want to obtain products or services.
  • Over half of respondents disagree that providing personal information is not a big issue for them.
  • A majority of people are uncomfortable about Internet companies using information about their online activity to tailor advertisements.
  • Two-thirds of respondents think it is important to be able to transfer personal information from an old service provider to a new one.

Management of personal data by other parties and perceived risks

  • Nearly seven out of ten respondents say that their explicit approval should be required in all cases before their data is collected and processed.
  • Roughly seven out of ten people are concerned about their information being used for a different purpose from the one it was collected for.
  • Almost all respondents say they would want to be informed should their data be lost or stolen.
  • Two-thirds of people think the public authority or private company handling the data should be the ones to inform them if it has been lost or stolen.

Privacy policies

  • Only a fifth of respondents fully read privacy statements.
  • Most respondents do not read these statements because they find them too long to read, unclear or too difficult to understand.

According to the European Commission these results confirm the need to finalise the on-going data protection reform.

The complete report can be consulted here, a 25-pages summary here and a short fact sheet here.


For further information, please contact Patrick.VanEecke@dlapiper.com or Mathieu.LeBoudec@dlapiper.com.

Permanent link to this article: http://blogs.dlapiper.com/privacymatters/europe-recent-survey-finds-that-data-protection-remains-a-major-concern-for-eu-citizens/

EUROPE: Data Protection Regulation Vote

In a vote today, the European Parliament has given its formal approval to its version of the new European Data Protection Regulation. With an approval given by 621 for, 10 against, 22 abstentions, the path is now set for the next phase of negotiation and agreement concerning the proposals.


Although many groups will be pleased with the outcome, there remains concern in the business community on the practical implications of implementing the text in its current draft form. The process of determining the final framework of the reform is now dependent upon agreement being reached at Council level, with Member States still seemingly far away from a consolidated approach. Outstanding issues include the approach to third country data transfers, the use of automated profiling, the obligations of the controller and processor and the concept of the ‘one-stop-shop’, amongst others.


The objective which has now been set in the European Union is to seek agreement at Council level before the Ministerial meeting scheduled in June 2014, with a view to establishing a common position at this point. By keeping to this timetable, the process of the trilogue negotiation between the three EU institutions can commence to find an agreed approach to the new legal framework after the summer recess period this year.

Permanent link to this article: http://blogs.dlapiper.com/privacymatters/europe-data-protection-regulation-vote/