The European Telecommunications Ministers gave a relatively positive reception to the brand new legislative proposal on data governance during their informal videoconference on Monday 7 December (see EUROPE 12615/13). Several of them nevertheless expressed doubts about the international aspect of the proposal.
This was the first time that the EU27 had formally expressed their views on the Data Governance Regulation. This initiative, presented less than 15 days ago, seeks to improve the re-use of so-called sensitive public sector data, introduce common principles for data intermediaries and encourage altruism with regard to data (see EUROPE 12599/9).
Eight States had addressed the Commission
However, the aspect relating to international governance is of concern to several Member States, as shown by a letter seen by EUROPE which was co-signed by eight countries. The Czech Republic, Estonia, Denmark, Ireland, Lithuania, Poland, Romania and Sweden are indeed concerned about new unjustified data location requirements.
“Such an approach would harm the international competitiveness of our manufacturers and service providers and hinder the development of new digital businesses in Europe. It could also be used to justify protectionist policies of certain non-Member States, despite the very negative impact these policies already have on European companies”, the document, dated 2 December, says.
A shield against abusive extraterritorial claims
The European Commissioner for Internal Market, Thierry Breton, tried to reassure these eight countries. “Of course, Europe will remain open. Data has value when it circulates, including internationally. But let's not be naive. We know the geostrategic and economic importance of data and the risk of regulatory misalignment that could create data havens”, he said.
The proposed regulation, he explained, only puts in place a shield against abusive extraterritorial requests by requiring actors to “take the necessary measures to avoid having to comply with abusive or even illegal requests for access to data held in Europe from authorities in non-Member States”.
For its part, France has very clearly expressed its wish to “go further”. In particular, it suggested “references to ensure data sovereignty, including the hosting of sensitive data in infrastructures impervious to extraterritorial legislation ”, in line with the ‘Schrems II’ ruling of the Court of Justice of the European Union (see EUROPE 12529/2). France also advocates the ability to locate sensitive data in Europe for legitimate public policy reasons, the identification of categories of data eligible for a sovereignty framework and the obligation for data intermediaries to be outside the scope of extraterritorial legislation. (Original version in French by Sophie Petitjean)