The Estonian Presidency is suggesting a change to the application of the regulation on the free flow of data, as well as certain competencies of the Commission. This stems from the new draft compromise presented on 8 December during the Council workgroup.
It should be recalled that the text aims to put an end to unfair restrictions on the free flow of data. In practice, it will ban member states from introducing data localisation requirements, except for public security reasons.
The new text is based on the discussions at the workgroup and, more recently, at the Telecommunication Ministers Council (see EUROPE 11918). It is proposing to exclude from the scope the storage and processing of non-personal data gathered by a public authority for the attention of another public authority without payment (article 2(2)(b)). The Presidency is also proposing in a new clause 12a to clarify the scope of the concept of “public security” and highlights the fact that this term covers both internal and external security of a member state – as well as public security questions, particularly those that facilitate investigations, the detection and pursuit of criminal offences. A new clause 10a will provide examples of so-called “non-personal” data, such as, for example the comprehensive certified and anonymous data used for big data analysis.
The Presidency then considerably streamlined the provisions on data availability by simplifying article 7 (single points of contact) and removing article 8 (free flow data committee), whilst clarifying the capacity of the member states to demand that a specific user localises their data on its territory in the event of fraud or irregularity.
Finally, the text explains that the reporting obligation for an existing measure or draft act and which go against the regulation must involve measures and projects of a general nature “and not decisions addressed to a specific natural or legal person”. (Original version in French by Sophie Petitjean)