Activities of Lidia Joanna GERINGER DE OEDENBERG related to 2017/0228(COD)
Legal basis opinions (0)
Amendments (12)
Amendment 53 #
Proposal for a regulation
Recital 4
Recital 4
(4) Such obstacles to the free movement of data storage or other processing services and to the right of establishment of data storage or other processing providers originate from requirements in the national or federal laws of Member States to locate data in a specific geographical area or territory for the purpose of storage or other processing. Other rules or administrative practices have an equivalent effect by imposing specific requirements which make it more difficult to store or otherwise process data outside a specific geographical area or territory within the Union, such as requirements to use technological facilities that are certified or approved within a specific Member State. Legal uncertainty as to the extent of legitimate and illegitimate data localisation requirements further limits the choices available to market players and to the public sector regarding the location of data storage or other processing.
Amendment 59 #
Proposal for a regulation
Recital 7
Recital 7
(7) In order to create a framework for the free movement of non-personal data in the Union and the foundation for developing the data economy and enhancing the competitiveness of European industry in compliance with European data protection rules, it is necessary to lay down a clear, comprehensive and predictable legal framework for storage or other processing of data other than personal data in the internal market. A principle-based approach providing for cooperation among Member States as well as self-regulation should ensure that the framework is flexible so that it can take into account the evolving needs of users, providers and national authorities in the Union. In order to avoid the risk of overlaps with existing mechanisms and hence to avoid higher burdens both for Member States and businesses, detailed technical rules should not be established.
Amendment 65 #
Proposal for a regulation
Recital 9
Recital 9
(9) The legal framework on the protection of natural persons with regard to the processing of personal data, in particular Regulation (EU) 2016/67930, and Directive (EU) 2016/68031 and Directive 2002/58/EC32s well as the legal framework on the respect for private life and the protection of personal data in electronic communications, in particular Directive 2002/58/EC32 to be repealed by new regulation 2017/003 (COD)32a should not be affected by this Regulation. _________________ 30 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1). 31 Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA (OJ L 119, 4.5.2016, p. 89). 32 Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) (OJ L 201, 31.7.2002, p. 37). 32aRegulation of the European Parliament and the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC.
Amendment 68 #
Proposal for a regulation
Recital 9 a (new)
Recital 9 a (new)
(9a) This Regulation should not apply to the storage or other processing of electronic data in the case of any intermixture of non-personal data and personal data, or in the case of any combination of non-personal data that could lead to personal data or to identify a person.
Amendment 85 #
(11) This Regulation should apply to electronic data storage or other processing in the broadest sense, encompassing the usage of all types of IT systems, whether located on the premises of the user or outsourced to a data storage or other processing service provider. It should cover data processing of different levels of intensity, from data storage (Infrastructure-as-a-Service (IaaS)) to the processing of data on platforms (Platform- as-a-Service (PaaS)) or in applications (Software-as-a-Service (SaaS)). These different services should be within the scope of this Regulation, unless data storage or other processing is merely ancillary to a service of a different type, such as providing an online marketplace intermediating between service providers and consumers or business users.
Amendment 88 #
Proposal for a regulation
Recital 12
Recital 12
(12) Data localisation requirements represent a clear barrier to the free provision of data storage or other processing services across the Union and to the internal market. As such, they should be banned unless they are justified based on the grounds of public security, as defined by Union law, in particular Article 52 of the Treaty on the Functioning of the European Union, and satisfy the principle of proportionality enshrined in Article 5 of the Treaty on European Union. Regardless of this data storage or other processing of authorities and political bodies of national or federal governments and parliaments should be always considered to be justified for grounds of public security. In order to give effect to the principle of free flow of non-personal data across borders, to ensure the swift removal of existing data localisation requirements and to enable for operational reasons storage or other processing of data in multiple locations across the EU, and since this Regulation provides for measures to ensure data availability for regulatory control purposes, Member States should not be able to invoke justifications other than public security.
Amendment 105 #
Proposal for a regulation
Recital 16
Recital 16
(16) Data localisation requirements are frequently underpinned by a lack of trust in cross-border data storage or other processing, deriving from the presumed unavailability of data for the purposes of the competent authorities of the Member States, such as for inspection and audit for regulatory or supervisory control. Therefore, this Regulation should clearly establish that it does not affect the powers of competent authorities to request and receive access to data in accordance with Union or national law, and that access to data by competent authorities may not be refused on the basis that the data is stored or otherwise processed in another Member State, neither by the provider according to Art. 3 No. 4, nor by the professional user according to Art. 3 No. 8, nor by any authority of the other Member State with the exception of Art. 7 of this regulation.
Amendment 116 #
Proposal for a regulation
Recital 21
Recital 21
(21) In order to take full advantage of the competitive environment, professional users should be able to make informed choices and easily compare the individual components of various data storage or other processing services offered in the internal market, including as to the contractual conditions of porting data upon the termination of a contract. In order to align with the innovation potential of the market and to take into account the experience and expertise of the providers and professional users of data storage or other processing services, the detailed information and operational requirements for data porting should be defined by market players through self-regulation, encouraged and facilitated by the Commission, in the form of Union codes of conductimplementing acts which may entail model contract terms. Nonetheless, if such codes of conduct are not put in place and effectively implemented within a reasonable period of time, the Commission should review the situation.
Amendment 131 #
Proposal for a regulation
Recital 28 a (new)
Recital 28 a (new)
(28 a) The legal framework of public procurement, especially with regard to environmental, social and labour aspects of public procurement, in particular Directive (EU) 2014/241a should not be affected by this Regulation. _________________ 1aDirective 2014/24/EU of the European Parliament and of the Council of 26 February 2014 on public procurement and repealing Directive 2004/18/EC.
Amendment 141 #
Proposal for a regulation
Article 2 – paragraph 1 a (new)
Article 2 – paragraph 1 a (new)
1a. This Regulation shall not apply to the storage or other processing of electronic data in the case of any intermixture of non-personal data and personal data, or in the case of any combination of non-personal data that can lead to personal data or to identify a person.
Amendment 192 #
Proposal for a regulation
Article 6 – paragraph 1 – introductory part
Article 6 – paragraph 1 – introductory part
1. The Commission shall encourage and facilitate the development of self- regulatory codes of conduct at Union level, in order to define guidelines on best practices inmay adopt implementing acts in order to specify requirements to facilitatinge the switching of providers and to ensure that they provide professional users with sufficiently detailed, clear and transparent information before a contract for data storage and processing is concluded, as regards the following issues:
Amendment 216 #
Proposal for a regulation
Article 7 – paragraph 4 – subparagraph 1 (new)
Article 7 – paragraph 4 – subparagraph 1 (new)