Comments on the European Commission’s communication ”BUILDING A EUROPEAN DATA ECONOMY”
Sweden is in the midst of a transformation to a fully digitised society in which the potential for innovation is great and an adequate safeguards for integrity is important.
This leads to crucial questions about how Sweden and Europe can develop a political environment which fosters data-driven growth and benefits the interests of the individual, businesses and society at large in a sustainable and balanced way.
Digitisation (and particularly data-driven growth) is underlined as the future growth engine for Europe in the EU Commission’s strategy for the Digital Single Market (COM/2015/0192 final). A strong emphasis is put on the importance of removing obstacles for the European data economy in order to stimulate innovation and investments in the single market, and to create business opportunities for European companies. But the development of new technology also enables better protection of personal data. The public debate often presents these two ambitions- innovation and data protection as contradictory, which is not the case. To improve the public understanding of our future and to enhance people’s comfort level with digitization, raising awareness about technology is more important than ever.
Currently much of the development of European data policy is driven by the data protection authorities, DG Justice and national ministries of justice, which tend to have a strong focus on privacy and integrity. In order to foster efficiency and innovative digitalization of society, an export- and technology-dependent country like Sweden would benefit from a more business-oriented policy perspective in the shaping of rules related to the data economy.
A far reaching privacy framework inhibits the development of important public services, particularly in the healthcare sector. We need to question the current structure and find our way back to a functioning balance between safeguarded integrity and the exchange of information. To achieve this we ask for better regulation, simpler rules which do not overlap and do not promote fragmentation. An example is the proposed regulation of ePrivacy
(COM(2017) 10 final), which stipulates a need for prior consent for cookies and any kind of online tracking techniques. Similar rules are already specified in the new General Data Protection Regulation. Adding another layer of rules on data protection means adding to the already heavy burden that companies have to comply with.
Data flows and forced localisation
Data flows are an integral part of our global value chains, and a data-driven economy based on innovation is one of the keys to creating competitive European businesses. Allowing data to more freely across borders, without rules on forced localisation is therefore absolutely crucial. Companies simply cannot do cross-border business if they cannot move their data across the borders; this applies to companies of all sizes and from all sectors. With this in mind, we would welcome a legislative initiative to prevent national rules on forced localisation. Any restrictions on where data should be stored should only be possible within the realm of different levels of national security and concerning the access of national authorities. Such exemptions from a ban on forced localisation must be well justified and proportional.
Portability and standards
The requirements on data portability in the General Data Protection Regulation are difficult to deal with for companies. Technically it requires that different companies apply the same data format in order for it to be portable. Rebuilding IT-solutions entails high costs and currently there are no guidelines for how companies are to handle this technically. Imposing similar demands on machine-generated data would mean enforcing a regimentation of technical solutions and IT-systems that would hardly benefit innovation and competitiveness in Europe. However, the development of IoT requires a certain level of interoperability. The best way to achieve it is through sector agreements and industry driven standards developed by businesses with extensive knowledge of how technology, contractual arrangements and business models work.
It is important to distinguish between personal data and machine data. The industry at large agree that it is too early in the development of data analytics to legislate the use of machine-data and the technological progress is moving fast.
From an investment perspective it is crucial that businesses can use and protect their own (machine-generated) data as they see fit, to develop new products, find innovative solutions and get a return on investments made. Personal information is to be protected in accordance with the General Data Protection Regulation, which specifies rules applicable to the processing of personal data and thereby the companies’ ability to create services and identify the demand for new products. It is vital that the legislation contributes to protect investments, intellectual property rights and trade secrets.
An important principle is that the European Commission should not propose rules for a market which is still being developed, unless there is a proven market failure. The Staff Working document (SWD(2017) 2 final) accompanying the Commission’s communication on a European Data Economy explicitly explains the difficulty of trying to map the available contractual solutions for the use and reuse of data.
It is further worrying that the Commission’s own European Political Strategy Center, proposes that “public intervention is (also) needed to govern non-personal data”, see ‘Enter the Data Economy’, 2017-01-11.
Generally, both contractual freedom and the freedom of trade should be better respected in the European Union in order to foster a good business climate where the data economy and the technological development create competitiveness that produces a prosperous society for all its citizens.
Finally, do not burden the digital development in the EU with a complicated framework that is too complex for companies to understand, let alone comply with. The digitisation of society and business will bring us great opportunities if the policies governing the data economy can develop strategically with an eye to the future.