On 19 February 2020, the new European Commission published two Communications relating to its five-year digital strategy: one on shaping Europe’s digital future, and one on its European strategy for data (the Commission also published a white paper proposing its strategy on AI; see our previous blogs here and here).  In both Communications, the Commission sets out a vision of the EU powered by digital solutions that are strongly rooted in European values and EU fundamental rights.  Both Communications also emphasize the intent to strengthen “European technological sovereignty”, which in the Commission’s view will enable the EU to define its own rules and values in the digital age.  The Communications set out the Commission’s plans to achieve this vision.

Communication on shaping Europe’s digital future

The Commission’s strategy on shaping Europe’s digital future seeks to achieve three key objectives:

  1. Ensuring that technology works for people, making a difference to people’s daily lives and shaping technology in a way that respects European values;
  2. A fair and competitive economy, with a frictionless EU single market where companies of all sizes can compete on equal terms, and consumers can be confident their rights are respected; and
  3. An open, democratic, and sustainable society, in which citizens are empowered both online and offline, and where digital transformation enhances democratic values, respects human rights, and contributes to a sustainable economy.

The key action points that the Commission plans to take in respect of each of the three objectives include the following (amongst others):

  • In order to ensure that technology works for people, the Commission intends to:
    • Follow up on the steps set out in the White Paper on AI (see our previous blog here) on safety, liability, fundamental rights and data.
    • Publish an updated Action Plan on 5G and 6G.
    • Propose 5G Corridors for connected and automated mobility.
    • Undertake a review of the Security of Network and Information Systems (NIS) Directive.
    • Update the Digital Education Action Plan to boost digital literacy and competences at all levels of education, and reinforce the Skills Agenda and Youth Guarantee to strengthen digital skills.
    • Propose initiatives to improve labor conditions of platform workers.
  • To promote a fair and competitive economy, the Commission intends to:
    • Publish a European Data Strategy (see below), to be followed by the announcement of a legislative framework for data governance and a possible Data Act.
    • Complete its ongoing review of EU competition rules for the digital age, and launch a sector inquiry.
    • Continue it ongoing consideration of ex ante rules on markets where large platforms act as gate-keepers, including in the context of the Commission’s proposed Digital Services Act package.
    • Publish a new Consumer Agenda, to empower consumers to make informed choices and play active roles in digital transformation.
  • In furtherance of its goal to advance an open, democratic and sustainable society, the Commission intends to:
    • Adopt new rules on harmonizing the responsibilities of online platforms (including in relation to content) and information service providers, as part of the Digital Services Act package.
    • Revise the eIDAS Regulation to promote the use of trusted digital identities in the private sector.
    • Propose a circular electronics initiative to ensure that devices are designed for durability, maintenance, dismantling, reuse and recycling, and including a right to repair or upgrade to extend the lifecycle of electronic devices and to avoid premature obsolescence.

Communication on a European strategy for data

The Commission’s European data strategy Communication articulates the EU’s aspiration to be a role model of a society powered by data to make better decisions — in both the private and public sectors.  The Commission notes that it has already taken a number of steps to create a solid framework for digital trust — including the implementation of the GDPR, the Regulation on the free flow of non-personal data, the Cybersecurity Act, the Open Data Directive, the Digital Content Directive, and a number of sector-specific legislative instruments that include provisions on data access.

The Commission identifies several challenges that are holding back the EU from realizing its potential in the data economy, including: a lack of available data, imbalances of market power, the lack of common data formats and protocols for data interoperability, the EU’s technological dependencies on certain “strategic infrastructures,” barriers to individuals being able to exercise their data reuse rights under the GDPR, a lack of digital skills, and cybersecurity risks.

To address these challenges, the Communication proposes a four-pillar strategy that includes:

  • A cross-sectoral governance framework for data access and use that will cover, among other measures, new EU mechanisms and guidance on data sharing.  Key actions the Commission proposes to take include:
    • Proposing a legislative framework for the governance of common European data spaces;
    • Adopting an implementing act on high-value datasets under the Open Data Directive to open up key public sector reference data sets for innovation;
    • Proposing a Data Act to support (and in certain cases potentially to mandate) business-to-government or business-to-business data sharing;
    • Evaluating the IPR framework with a view to further enhancing data access and use.
  • Investments in data and strengthening of the EU’s capabilities and infrastructures for hosting, processing, and using data.  Key actions the Commission proposes to take include:
    • Investing in a High Impact project on European data spaces;
    • Funding the establishment of EU-wide common interoperable data spaces;
    • Facilitating the development of common European standards and requirements for the public procurement of data processing services;
    • Launching a European cloud services marketplace;
    • Creating an EU (self-) regulatory cloud rulebook.
  • Greater investment in digital skills and in SMEs.  Key actions the Commission proposes to take include:
    • Updating the Digital Education Action Plan;
    • Issuing a European SME Strategy;
    • Exploring enhancing the portability right for individuals under GDPR Article 20.
  • The development of common European data spaces in strategic sectors and domains of public interest.  These sectors include manufacturing, mobility, health, financial services, energy, and agriculture.

The Commission adds that it intends to take “an open, but assertive approach to international data flows, based on European values.”  This will include efforts to address unjustified barriers and restrictions to cross-border data flows in third countries, and to ensure that any access to EU citizens’ personal data, and European commercially sensitive data, is in compliance with EU values and the EU legislative framework, including the GDPR.

 

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Lisa Peets Lisa Peets

Lisa Peets leads the Technology Regulatory and Policy practice in the London office and is a member of the firm’s Management Committee. Lisa divides her time between London and Brussels, and her practice embraces regulatory counsel and legislative advocacy. In this context, she…

Lisa Peets leads the Technology Regulatory and Policy practice in the London office and is a member of the firm’s Management Committee. Lisa divides her time between London and Brussels, and her practice embraces regulatory counsel and legislative advocacy. In this context, she has worked closely with leading multinationals in a number of sectors, including many of the world’s best-known technology companies.

Lisa counsels clients on a range of EU law issues, including data protection and related regimes, copyright, e-commerce and consumer protection, and the rapidly expanding universe of EU rules applicable to existing and emerging technologies. Lisa also routinely advises clients in and outside of the technology sector on trade related matters, including EU trade controls rules.

According to the latest edition of Chambers UK (2022), “Lisa is able to make an incredibly quick legal assessment whereby she perfectly distils the essential matters from the less relevant elements.” “Lisa has subject matter expertise but is also able to think like a generalist and prioritise. She brings a strategic lens to matters.”

Photo of Marty Hansen Marty Hansen

Martin Hansen has represented some of the world’s leading information technology, telecommunications, and pharmaceutical companies on a broad range of cutting edge international trade, intellectual property, and competition issues. Martin has extensive experience in advising clients on matters arising under the World Trade…

Martin Hansen has represented some of the world’s leading information technology, telecommunications, and pharmaceutical companies on a broad range of cutting edge international trade, intellectual property, and competition issues. Martin has extensive experience in advising clients on matters arising under the World Trade Organization agreements, treaties administered by the World Intellectual Property Organization, bilateral and regional free trade agreements, and other trade agreements.

Drawing on ten years of experience in Covington’s London and DC offices his practice focuses on helping innovative companies solve challenges on intellectual property and trade matters before U.S. courts, the U.S. government, and foreign governments and tribunals. Martin also represents software companies and a leading IT trade association on electronic commerce, Internet security, and online liability issues.

Photo of Sam Jungyun Choi Sam Jungyun Choi

Sam Jungyun Choi is an associate in the technology regulatory group in the London office. Her practice focuses on European data protection law and new policies and legislation relating to innovative technologies such as artificial intelligence, online platforms, digital health products and autonomous…

Sam Jungyun Choi is an associate in the technology regulatory group in the London office. Her practice focuses on European data protection law and new policies and legislation relating to innovative technologies such as artificial intelligence, online platforms, digital health products and autonomous vehicles. She also advises clients on matters relating to children’s privacy and policy initiatives relating to online safety.

Sam advises leading technology, software and life sciences companies on a wide range of matters relating to data protection and cybersecurity issues. Her work in this area has involved advising global companies on compliance with European data protection legislation, such as the General Data Protection Regulation (GDPR), the UK Data Protection Act, the ePrivacy Directive, and related EU and global legislation. She also advises on a variety of policy developments in Europe, including providing strategic advice on EU and national initiatives relating to artificial intelligence, data sharing, digital health, and online platforms.

Photo of Nicholas Shepherd Nicholas Shepherd

Nicholas Shepherd is an associate in Covington’s Washington, DC office, where he is a member of the Data Privacy and Cybersecurity Practice Group, advising clients on compliance with all aspects of the European General Data Protection Regulation (GDPR), ePrivacy Directive, European direct marketing…

Nicholas Shepherd is an associate in Covington’s Washington, DC office, where he is a member of the Data Privacy and Cybersecurity Practice Group, advising clients on compliance with all aspects of the European General Data Protection Regulation (GDPR), ePrivacy Directive, European direct marketing laws, and other privacy and cybersecurity laws worldwide. Nick counsels on topics that include adtech, anonymization, children’s privacy, cross-border transfer restrictions, and much more, providing advice tailored to product- and service-specific contexts to help clients apply a risk-based approach in addressing requirements in relation to transparency, consent, lawful processing, data sharing, and others.

A U.S.-trained and qualified lawyer with 7 years of working experience in Europe, Nick leverages his multi-faceted legal background and international experience to provide clear and pragmatic advice to help organizations address their privacy compliance obligations across jurisdictions.

Nicholas is a member of the Bar of Texas and Brussels Bar (Dutch Section, B-List). District of Columbia bar application pending; supervised by principals of the firm.