Activities of Jeppe KOFOD related to 2017/0228(COD)
Shadow opinions (1)
OPINION on the proposal for a regulation of the European Parliament and of the Council on a framework for the free flow of non-personal data in the European Union
Amendments (13)
Amendment 29 #
Proposal for a regulation
Recital 10
Recital 10
(10) Under Regulation (EU) 2016/679, Member States may neither restrict nor prohibit the free movement of personal data within the Union for reasons connected with the protection of natural persons with regard to the processing of personal data. This Regulation establishes the same principle of free movement within the Union for non-personal data except when a restriction or a prohibition would be justified for security reasons. In order to avoid undermining the legal framework for personal data in the Union, in the case of mixed data sets, Regulation (EU)2016/679 should apply to the personal data part.
Amendment 32 #
Proposal for a regulation
Recital 10 a (new)
Recital 10 a (new)
(10 a) Business and data users will be frequently confronted with mixed data sets and might have difficulties in unbundling personal data from the set. The Commission should provide clear guidance on the legal treatment of mixed data sets and should provide information in a simple manner to business in a website, with tools and guidance on possibilities to unbundled mixed data sets.
Amendment 35 #
Proposal for a regulation
Recital 19 a (new)
Recital 19 a (new)
(19 a) In order to properly enforce this Regulation and to incentivise its compliance, Members States should empower their competent authorities to request users to cease breaches of this regulation. The competent authorities should be able to impose effective, proportionate and dissuasive penalties on users not complying with the freedom of free flow and if data localisation requirements persist.
Amendment 37 #
Proposal for a regulation
Recital 21
Recital 21
(21) In order to take full advantage of the competitive environment, professional users should be able to make informed choices and easily compare the individual components of various data storage or other processing services offered in the internal market, including as to the contractual conditions of porting data upon the termination of a contract. In order to align with the innovation potential of the market and to take into account the experience and expertise of the providers and professional users of data storage or other processing services, the detailed information and operational requirements for data porting should be defined by market players through self-regulation, encouraged and facilitated by the Commission, in the form of Union codes of conduct which may entail model contract terms. Nonetheless, if such codes of conduct are not put in place and effectively implemented within a reasonable period of time, the Commission should review the situation and asses the need to present legislative proposals to effectively reduce the number of barriers to the porting of data.
Amendment 39 #
Proposal for a regulation
Recital 22
Recital 22
(22) In order to contribute to a smooth cooperation across Member States, each Member State should designate a single point of contact to liaise with the contact points of the other Member States and the Commission regarding the application of this Regulation. Where a competent authority in one Member State requests assistance of another Member State to have access to data pursuant to this Regulation, it should submit a duly motivated request to the latter's designated single point of contact, including a written explanation of its justification and legal bases for seeking access to data. The single point of contact designated by the Member State whose assistance is requested should facilitate the assistance between authorities by identifying and transmitting the request to the relevant competent authority in the requested Member State. In order to ensure effective cooperation, the authority to which a request is transmitted should without undue delay provide assistance in response to a given request or provide information on difficulties in meeting a request of assistance or on its grounds of refusing such request. Member States should allow single points of contacts to request assistance as soon as a data localisation requirement has been identified, without the need to first exhaust all available cooperation mechanisms under national or Union law.
Amendment 49 #
Proposal for a regulation
Article 2 – paragraph 1 – point b
Article 2 – paragraph 1 – point b
(b) carried out by a natural or legal person residing or having an establishment in the Union for its own needs, regardless of whether it is a private person, a public- private entity or a public authority governed by public law.
Amendment 51 #
Proposal for a regulation
Article 2 – paragraph 2 a (new)
Article 2 – paragraph 2 a (new)
2 a. This Regulation shall not apply to mixed data sets that include personal data which cannot be unbundled.In respect to the mixed data sets, Regulation (EU) No 2016/679 shall apply. The Commission shall publish on its website a detailed guidance for businesses, in particular for SMEs, regarding the relevant provisions applicable to mixed data sets as well as a guidance regarding the treatment of such data sets, and in particular as regards the possible unbundling of personal data from them in order to render the data subject to this Regulation.
Amendment 59 #
Proposal for a regulation
Article 4 – paragraph 1
Article 4 – paragraph 1
1. Location of data for storage or other processing within the Union shall not be restricted to the territory of a specific Member State, and storage or other processing in any other Member State shall not be prohibited or restricted, unless it is justified on grounds ofby a documented and serious threat to public security.
Amendment 62 #
Proposal for a regulation
Article 4 – paragraph 5 a (new)
Article 4 – paragraph 5 a (new)
5 a. The Commission shall publish on its website a guidance regarding the obligations imposed by this Regulation on providers and users of data processing. This guidance shall be presented in a manner that is easy to understand, using clear and plain language.
Amendment 63 #
Proposal for a regulation
Article 5 – paragraph 2
Article 5 – paragraph 2
2. Where aA competent authority has exhausted all applicable means to obtain access to the data, it may request the assistance of a competent authority in another Member State in accordance with the procedure laid down in Article 7, and twithout prejudice to the existence at Union or national level of means for obtaining access to the data that is capable of being used in parallel. The requested competent authority shall provide assistance in accordance with the procedure laid down in Article 7, unless it would be contrary to the public order of the requested Member State.
Amendment 64 #
Proposal for a regulation
Article 5 a (new)
Article 5 a (new)
Article 5 a Compliance and Penalties The competent authorities of the Members States shall have the power to monitor and supervise compliance with the requirement of free movement of data. Competent authorities shall have the power to require undertakings to provide all information necessary to verify the compliance with this Regulation. They shall require that infringements of free movement of data are ended, and shall have the power, where relevant, to impose effective, proportionate and dissuasive sanctions for failure to comply with an obligation to provide data or for unjustified restrictions to free movement of data.
Amendment 72 #
Proposal for a regulation
Article 6 – paragraph 3
Article 6 – paragraph 3
3. The Commission shall draw up a report reviewing the development and effective implementation of such codes of conduct and the effective provision of information by providers no later than two years after the start of application of this Regulation. Where the self-regulatory code of conduct has not reduced the number of existing barriers to the porting of data, the report shall, as appropriate, be accompanied by a legislative proposal .
Amendment 78 #
Proposal for a regulation
Article 7 – paragraph 6 a (new)
Article 7 – paragraph 6 a (new)
6 a. The single contact point shall also provide general information to professional users and the public concerning the obligations provided for in this Directive, as well as concerning any code of conduct developed in accordance with Article 6.