Commission makes "data governance" proposal

Dr. S-W – 12/2020

On the 25th November 2020, the EU Commission presented a proposal for a regulation on "European data governance", COM(2020) 767 final. The handling of social data is not in the foreground nor is it directly mentioned. Nevertheless, the law will also have a direct impact on the social security institutions. This is because one of the most important objectives from the point of view of social security is to make data held by public institutions accessible to a wide circle of potentially interested parties. This is supported by structures to encourage voluntary "data donation", especially the personal data from private individuals. Their (re)use should serve "non-profit" purposes. Finally, the regulation introduces the somewhat unwieldy idea of a (also commercially acting) "data intermediary", a pseudo data broker, who would have to strictly separate this transaction from other transactions.

The draft deals with protected, mainly non-anonymised, personal data. In this respect, it supplements the 2019 "Open data" directive that is already in force but not yet implemented in all of the member states. This only deals with non-protected, i.e. "open" data. At the same time, it is only the first of a whole series of EU legislative initiatives already announced in the European Data Strategy 2020. This includes the establishment of several vertical European "data governances", starting with the health sector. Others will follow and they will include the public administration sector. However, other horizontal acts will also follow, such as the "Digital services act - Digital markets act package" in mid-December and the "Data act" in the third quarter of 2021. Whereas the first package targets market distorting practices, the data act aims at clarifying the rights of data users (said Thierry Breton at the conference of telecommunications ministers).

One of the pillars of the proposed regulation is that disclosure and further use of public data should, in principle, not be exclusive, i.e. specific to select recipients. Instead, all interested parties must be considered: developers of big data and machine learning-based artificial intelligence, product and service developers in the broadest sense, companies and research institutions, and most importantly: it is intended to be reused for both non-commercial and commercial purposes.

This pillar is closely related to another: the facilitation of "data donation" or "data altruism" - i.e. the voluntary provision of data for the common good. These are big words – in essence, it is probably more about easing the procedures for data subjects to consent to the transfer of their data. A yet-to-be-drafted European consent form for data altruism is expected to help boost donations. This is where the spark of data altruism will also spread into the public administration sector: It is foreseeable that public authorities will (have to) automatically present such a boilerplate declaration to citizens so that they can give their consent, e.g. by clicking on it. A significantly large potential of data altruism is seen in the healthcare sectors and better provision of public services, etc.

Video conference of telecommunications ministers

All of the delegations expressed agreement during the initial debate at the “Telecom” council that was held on the 7th December 2020. Cautious criticism was voiced more in passing. The Commission has been repeatedly reminded of the EU's international obligations. These are indeed likely to oppose any excessive European "data protectionism", which repeatedly shines through in the draft and its explanatory memorandum. The very idea of European data governances, somehow shielded from the outside world, which are supposed to give the EU a "competitive advantage", is unlikely to be compatible with international trade law, said Peter Altmaier. It was also argued that personal data could be transformed into "open data" by anonymisation and then shared with third parties under the rules of the "Open data" directive. One could motivate the data owners (e.g. social security institutions as well - author's note) in this direction. The primary motive is probably to "spare" the data subject of having to giving her/his consent under this procedure. Finally, what precisely is behind the "general interest" that opens the door to "data altruism" or "data donation" was also critically questioned. Finally, it was suggested that financial incentives could also contribute to data sharing.