Out-Law News 1 min. read
20 Jun 2018, 11:54 am
The European Parliament, Council of Ministers and European Commission reached political consensus on a new regulation on the free flow of non-personal data.
"The new rules set a framework for data storing and processing across the EU, prohibiting data localisation restrictions," the Commission said in a statement. "Member states will have to communicate to the Commission any remaining or planned data localisation restrictions to the Commission in limited specific situations of public sector data processing."
"The Regulation on free flow of non-personal data has no impact on the application of the General Data Protection Regulation (GDPR), as it does not cover personal data. However, the two Regulations will function together to enable the free flow of any data – personal and non-personal – thus creating a single European space for data. In the case of a mixed dataset, the GDPR provision guaranteeing free flow of personal data will apply to the personal data part of the set, and the free flow of non-personal data principle will apply to the non-personal part," it said.
The Commission previously said that the removal of unjustified restrictions on where data is stored and processed could deliver an €8 billion boost to the EU economy, as well as provide for substantial environmental benefits.
It said "data localisation" measures are a barrier to "the wider adoption of cloud storage and computing" and that "a more efficient use of IT resources could contribute to the reduction of energy consumption and carbon emissions by net 30% or more".
"The global energy-efficient data centre market is expected to grow to almost €90 billion by the end of 2020," the Commission said when it tabled the initial proposals in January 2017. "A fragmented data services market would hinder the full development of these more energy-efficient services in the EU and also put at risk the willingness to invest."
The Commission said a new "principle of free movement of data within the EU" should guide decision making by EU countries affecting data storage or processing. Observing that principle would serve as "as a corollary of their obligations under the free movement of services and the free establishment provisions of the Treaty [on the Functioning of the EU] and relevant secondary legislation", it said
In its latest statement, the Commission said the proposed new regulation would provide EU regulators with the ability to scrutinise data regardless of where it is stored, and encourage the creation of new codes of conduct "to facilitate switching between cloud service providers under clear deadlines".
The European Parliament and Council of Ministers both still have to formally adopt the draft regulation for it to become EU law.