BETA


Events

2018/11/28
   Final act published in Official Journal
Details

PURPOSE: to remove obstacles to the free movement of non-personal data in the EU.

LEGISLATIVE ACT: Regulation (EU) 2018/1807 of the European Parliament and of the Council on a framework for the free flow of non-personal data in the European Union.

CONTENT: this Regulation aims to ensure the free flow of data other than personal data within the Union by laying down rules relating to data localisation requirements, the availability of data to competent authorities and the porting of data for professional users.

The new Regulation is designed to boost the data economy and the development of emerging technologies such as artificial intelligence, products and services related to the Internet of Things and autonomous systems and 5G that raise new legal issues regarding access to data and their reuse, liability, ethics and solidarity.

Principle of free movement of data within the Union

The Regulation prohibits restrictions related to the location of data imposed by Member States on the geographical location of the storage or processing of non-personal data, unless justified on grounds of public security.

Member States shall immediately communicate to the Commission any draft act introducing a new data localisation requirement or amending an existing data localisation requirement. By 30 May 2021 at the latest, any existing data localisation requirements shall be repealed.

Data availability for competent authorities

Competent authorities shall retain the power to request access to data for the performance of their official duties, in accordance with Union or national law. Access to data by the competent authorities may not be refused on the grounds that the data are processed in another Member State.

Where, after requesting access to a user's data, a competent authority does not obtain access and if no specific cooperation mechanism exists under Union law or international agreements to exchange data between competent authorities of different Member States, that competent authority may request assistance from a competent authority in another Member State.

Member States may impose effective, proportionate and dissuasive sanctions in the event of failure to provide data.

Codes of conduct

The Regulation encourages the development of codes of conduct to facilitate the procedure for users to switch providers and port data back to its own IT systems.

Codes of conduct shall be comprehensive and shall cover at least those aspects that are essential during the data porting process, such as (i) the processes used and location of data backups, (ii) the available data formats and supports, (iii) the required IT configuration and minimum network bandwidth, (iv) the time required prior to initiating the porting process and the length of time during which the data will remain available for porting, and (vi) data access guarantees in the event of the service provider going bankrupt.

The Commission shall encourage service providers to complete the development of codes of conduct by 29 November 2019 and to effectively implement them by 29 May 2020. It shall have to ensure that codes of conduct are developed in close cooperation with all stakeholders, including SME and start-ups and cloud service providers.

Mixed data

In the case of a mixed data set, i.e. a data set composed of both personal and non-personal data, the Regulation shall apply to the non-personal data part of the data set.

Where personal and non-personal data in a data set are inextricably linked, this Regulation shall not prejudice the application of Regulation (EU) 2016/679.

Each Member State shall have to designate a single contact point to liaise with the single contact points of the other Member States and the Commission regarding the application of the Regulation.

ENTRY INTO FORCE: 18.12.2018.

APPLICATION: from 18.6.2019.

2018/11/21
   EC - Commission response to text adopted in plenary
Documents
2018/11/14
   CSL - Draft final act
Documents
2018/11/14
   CSL - Final act signed
2018/11/14
   EP - End of procedure in Parliament
2018/11/09
   EP/CSL - Act adopted by Council after Parliament's 1st reading
2018/11/09
   CSL - Council Meeting
2018/10/04
   EP - Results of vote in Parliament
2018/10/04
   EP - Decision by Parliament, 1st reading
Details

The European Parliament adopted by 520 votes to 81 with 6 abstentions a legislative resolution on the proposal for a regulation of the European Parliament and of the Council on a framework for the free flow of non-personal data in the European Union.

The European Parliament’s position adopted at first reading under the ordinary legislative procedure amended the Commission proposal as follows:

Purpose : the proposed Regulation aims to ensure the free flow of data other than personal data within the Union by laying down rules relating to data localisation requirements, the availability of data to competent authorities and the porting of data for professional users.

The expanding Internet of Things, artificial intelligence and machine learning, represent major sources of non-personal data. Specific examples of non-personal data include aggregate and anonymised datasets used for big data analytics, data on precision farming that can help to monitor and optimise the use of pesticides and water, or data on maintenance needs for industrial machines.

Principle of free movement of non-personal data : under the amended text, data localisation requirements shall be prohibited, unless they are justified on grounds of public security in compliance with the principle of proportionality.

The concept of ‘public security’, within the meaning of Article 52 TFEU and as interpreted by the Court of Justice, covers both the internal and external security of a Member State, as well as issues of public safety.

No later than 24 months from the date of application of this Regulation, if a Member State considers that an existing measure containing a data localisation requirement can remain in force, it shall communicate that measure to the Commission, together with a justification for maintaining it in force.

Member States shall make the details of any data localisation requirements via a national online single information point which they shall keep up-to-date, or provide up-to-date details of any such localisation requirements to a central information point established under another Union act. The Commission shall publish the link(s) to such point(s) on its website, along with a regularly updated consolidated list of all data localisation requirements.

Data availability for competent authorities : access to data by competent authorities may not be refused on the basis that the data are processed in another Member State.

Where, after requesting access to a user's data, a competent authority does not obtain access and if no specific cooperation mechanism exists under Union law or international agreements to exchange data between competent authorities of different Member States, that competent authority may request assistance from a competent authority in another Member State.

Member States may impose effective, proportionate and dissuasive penalties for failure to provide data, in accordance with Union and national law.

Codes of conduct : the Commission shall encourage and facilitate the development of self-regulatory codes of conduct at Union level in order to contribute to a competitive data economy, based on the principles of transparency and interoperability and taking due account of open standards, covering inter alia the following aspects:

best practices for facilitating the switching of service providers and the porting of data in a structured, commonly used and machine-readable format; minimum information requirements to ensure that professional users are provided, before a contract for data processing is concluded, with sufficiently detailed, clear and transparent information; approaches to certification schemes that facilitate the comparison of data processing products and services for professional users.

The Commission shall encourage suppliers to complete the development of codes of conduct no later than one year after the date of publication of the Regulation and to effectively implement them no later than 18 months after the date of publication of the Regulation . It should ensure that codes of conduct are developed in close cooperation with all stakeholders, including SME and start-ups associations, users and cloud service providers.

Mixed data : in the case of a mixed data set, i.e. a data set composed of both personal and non-personal data , the Regulation shall apply to the non-personal data part of the data set. Where personal and non-personal data in a data set are inextricably linked, this Regulation shall not prejudice the application of Regulation (EU) 2016/679 .

Review : no later than 4 years after the date of publication of the Regulation, the Commission shall submit a report evaluating the implementation of the Regulation, in particular as regards: (i) the application of the Regulation to data sets composed of both personal and non-personal data; (ii) the implementation by Member States of the public security exception; (iii) the development and effective implementation of codes of conduct.

Documents
2018/10/03
   EP - Debate in Parliament
2018/07/12
   EP - Approval in committee of the text agreed at 1st reading interinstitutional negotiations
Documents
2018/06/13
   EP - Committee decision to enter into interinstitutional negotiations confirmed by plenary (Rule 71)
2018/06/11
   EP - Committee decision to enter into interinstitutional negotiations announced in plenary (Rule 71)
2018/06/06
   EP - Committee report tabled for plenary, 1st reading
Details

The Committee on the Internal Market and Consumer Protection adopted the report by Anna Maria CORAZZA BILDT (EPP, SE) on the proposal for a regulation of the European Parliament and of the Council on a framework for the free flow of non-personal data in the European Union.

As a reminder, the proposed Regulation seeks to ensure the free movement of data other than personal data within the Union by laying down rules relating to data localisation requirements, the availability of data to competent authorities and data porting for professional users.

The committee recommended that the European Parliament’s position adopted at first reading under the ordinary legislative procedure should amend the Commission proposal as follows:

Principle of free movement of non-personal data : Members specified that data location requirements shall be prohibited unless, on an exceptional basis, and in compliance with the principle of proportionality, they are justified on imperative grounds of public security .

The concept of ‘imperative grounds of public security’ presupposes a threat to public security that is of a particularly high degree of seriousness. The amendment builds on the Treaty and the relevant case law of the Court of Justice to clarify the concept of public security and increase legal certainty.

Members wanted to introduce a clear deadline (no later than one year after the entry into force of the regulation) by which Member States must communicate the location requirements of the data they wish to maintain. The Commission shall examine the draft act within three months and decide whether or not the Member State concerned should amend or repeal the data location requirements. Any remaining data localisation requirements should be published on the Commission’s website to ensure easy accessibility of this information.

Scope : Members specified that public sector authorities and entities shall also benefit from the free movement of data. The Regulation shall apply to all levels of governance, including public procurement.

Mixed data sets : in the case of a mixed data set, namely a data set composed of both personal and non-personal data, the Regulation shall apply to the non-personal data of the data set. Where non-personal and personal data are inextricably linked, this Regulation should apply without prejudice to Regulation (EU) 2016/679 .

Access to data for public authorities : the Commission's proposal provides that where a competent authority has exhausted all possible means of accessing data, it could request the assistance of an authority in another Member State if no specific cooperation mechanism exists. Members believe that such assistance could be requested where a competent authority does not obtain access to the data after contacting the user of the data processing service and where there is no specific cooperation mechanism under EU law or international agreements for the exchange of data between competent authorities of different Member States.

Members also pointed out that access to the premises where data is stored must be given in accordance with the national law of the Member State where the premises or equipment is located.

Codes of conduct : self-regulatory codes of conduct at EU level shall contribute to a competitive data economy, which are based on the principle of transparency and which establish guidelines on, inter alia , the following issues:

best practices for facilitating the switching of providers and porting data in a structured, commonly used, interoperable and machine-readable format; minimum information requirements to ensure that professional users are provided with sufficiently detailed, clear and transparent information before a contract for data storage and processing is concluded.

The Commission shall encourage providers to effectively implement the codes of conduct by 24 months after the date of publication of this Regulation. It shall ensure that the codes of conduct are developed in close cooperation with all relevant stakeholders , including associations of small and medium-sized enterprises and start-ups, users and providers of cloud services.

Single point of contact : Members considered that the know-how of the single points of contact can be used not only as a link between the Member States and the Commission, but also to connect the institutions with users.

Review : no later than 3 years and 6 months after the date of publication of the Regulation, the Commission shall submit a report evaluating the implementation of the Regulation, in particular as regards: (i) the application of the Regulation to mixed data sets; (ii) the implementation by Member States of the public security exception; (iii) the development and effective implementation of codes of conduct.

Documents
2018/06/04
   EP - Vote in committee, 1st reading
2018/06/04
   EP - Committee decision to open interinstitutional negotiations with report adopted in committee
2018/05/02
   DE_BUNDESRAT - Contribution
Documents
2018/04/26
   EP - Committee opinion
Documents
2018/04/09
   EP - Amendments tabled in committee
Documents
2018/03/01
   EP - Committee draft report
Documents
2018/02/15
   ESC - Economic and Social Committee: opinion, report
Documents
2017/12/14
   CZ_SENATE - Contribution
Documents
2017/12/12
   FR_SENATE - Reasoned opinion
Documents
2017/12/07
   PT_PARLIAMENT - Contribution
Documents
2017/12/04
   CSL - Debate in Council
Documents
2017/12/04
   CSL - Council Meeting
2017/11/21
   ES_PARLIAMENT - Contribution
Documents
2017/11/09
   EP - KRASNODĘBSKI Zdzisław (ECR) appointed as rapporteur in ITRE
2017/10/25
   EP - CORAZZA BILDT Anna Maria (PPE) appointed as rapporteur in IMCO
2017/10/23
   EP - Committee referral announced in Parliament, 1st reading
2017/09/13
   EC - Document attached to the procedure
2017/09/13
   EC - Document attached to the procedure
2017/09/13
   EC - Legislative proposal published
Details

PURPOSE: to create a framework for the free flow of non-personal data in the European Union and the foundation for developing the data economy and enhancing the competitiveness of European industry.

PROPOSED ACT: Regulation of the European Parliament and of the Council.

ROLE OF THE EUROPEAN PARLIAMENT: the European Parliament decides in accordance with the ordinary legislative procedure and on an equal footing with the Council.

BACKGROUND: currently, data localisation restrictions by Member States' public authorities and obstacles to the movement of data across IT systems prevent business and organisations in the EU from capturing economic, social and business opportunities. Legal uncertainty and lack of trust cause additional barriers to the free flow of non-personal data.

In practice, this means a business may not be or feel free to make full use of cloud services, choose the most cost-effective locations for IT resources, switch between service providers or port its data back to their own IT systems.

With the principle of free flow of non-personal data, businesses can avoid duplication of data at several locations, may feel more confident to enter new markets, and scale up their activities more easily.

The Mid-Term Review on the implementation of the Digital Single Market Strategy (DSM Strategy) announced a legislative proposal on an EU free flow of data cooperation framework.

IMPACT ASSESSMENT: the preferred option chosen allows for the assessment of a combination of legislation establishing the free flow of data framework and the single points of contact and an expert group as well as self-regulatory measures addressing data porting. This option would ensure the effective removal of existing unjustified localisation restrictions and would effectively prevent the future ones, as a result of a clear legal principle combined with the review, notification and transparency, while at the same time enhancing legal certainty and trust in the market. The burden on Member States' public authorities would be modest, leading to approximately EUR 33 000 annually in terms of human resources cost to sustain the single points of contact as well as a yearly cost of between EUR 385 and EUR 1925 for the preparation of notifications

CONTENT: the proposed Regulation seeks to ensure the free movement of data other than personal data within the Union by laying down rules relating to data localisation requirements, the availability of data to competent authorities and data porting for professional users.

It shall apply to the storage or other processing of electronic data other than personal data in the Union, which is (a) provided as a service to users residing or having an establishment in the Union, regardless of whether the provider is established or not in the Union or (b) carried out by a natural or legal person residing or having an establishment in the Union for its own needs.

The proposal:

establishes the principle of free movement of non-personal data in the Union. This principle prohibits any data localisation requirement , unless it is justified on grounds of public security. Furthermore, it provides for the review of existing requirements, notification of remaining or new requirements to the Commission and transparency measures; ensures data availability for regulatory control by competent authorities. To this effect, users may not refuse to provide access to data to competent authorities on the basis that data is stored or otherwise processed in another Member State. Where a competent authority has exhausted all applicable means to obtain access to the data, that competent authority may request the assistance of an authority in another Member State, if no specific cooperation mechanism exists; states that the Commission shall encourage service providers and professional users to develop and implement codes of conduct detailing the information on data porting conditions (including technical and operational requirements) that providers should make available to their professional users in a sufficiently detailed, clear and transparent manner before a contract is concluded. The Commission will review the development and effective implementation of such codes within two years after the start of application of this Regulation; stipulates that each Member State shall designate a single point of contact who shall liaise with the points of contact of other Member States and the Commission regarding the application of this Regulation; provides for procedural conditions applicable to the assistance between competent authorities; states that the Commission shall be assisted by the Free Flow of Data Committee within the meaning of Regulation (EU) No 182/2011; calls for a review within five years after the start of application of the Regulation and that the Regulation will start to apply six months after the day of its publication.

BUDGETARY IMPLICATIONS: a moderate administrative burden for Member States' public authorities will emerge, caused by the allocation of human resources for the cooperation between Member States through the 'single points of contact', and for complying with the notification, review and transparency provisions.

Documents

Activities

Votes

A8-0201/2018 - Anna Maria Corazza Bildt - Am 47 04/10/2018 12:08:45.000 #

2018/10/04 Outcome: +: 520, -: 81, 0: 6
DE IT PL ES FR RO GB SE AT BE HU BG CZ FI LT DK SK NL HR SI PT MT LU EE LV IE EL ?? CY
Total
80
61
43
40
61
24
54
19
17
15
15
14
15
11
10
11
9
22
8
8
15
6
5
5
3
7
19
2
6
icon: PPE PPE
167

United Kingdom PPE

2

Belgium PPE

2

Finland PPE

2

Lithuania PPE

2

Croatia PPE

2

Luxembourg PPE

3

Estonia PPE

For (1)

1

Latvia PPE

2

Ireland PPE

3

Cyprus PPE

1
icon: S&D S&D
158

Belgium S&D

2

Bulgaria S&D

2

Czechia S&D

3

Slovakia S&D

2

Netherlands S&D

For (1)

1

Croatia S&D

2

Slovenia S&D

For (1)

1

Malta S&D

3

Estonia S&D

For (1)

1

Cyprus S&D

2
icon: ALDE ALDE
60

Germany ALDE

2

Romania ALDE

2

Austria ALDE

For (1)

1

Denmark ALDE

2

Croatia ALDE

2

Slovenia ALDE

For (1)

1

Portugal ALDE

1

Luxembourg ALDE

For (1)

1

Estonia ALDE

2

Latvia ALDE

1

Ireland ALDE

For (1)

1
icon: ECR ECR
56

Italy ECR

2

Romania ECR

For (1)

1

Sweden ECR

2

Belgium ECR

2

Bulgaria ECR

2

Czechia ECR

2
2

Lithuania ECR

1

Slovakia ECR

2

Netherlands ECR

2

Croatia ECR

For (1)

1

Greece ECR

Against (1)

1

Cyprus ECR

Against (1)

1
icon: Verts/ALE Verts/ALE
48

Italy Verts/ALE

For (1)

1

Austria Verts/ALE

3

Belgium Verts/ALE

2

Hungary Verts/ALE

2

Lithuania Verts/ALE

For (1)

1

Denmark Verts/ALE

For (1)

1

Netherlands Verts/ALE

2

Croatia Verts/ALE

For (1)

1

Slovenia Verts/ALE

For (1)

1

Luxembourg Verts/ALE

For (1)

1

Estonia Verts/ALE

For (1)

1
icon: EFDD EFDD
33

Germany EFDD

Abstain (1)

1

Poland EFDD

1

France EFDD

Against (1)

3

Czechia EFDD

Against (1)

1

Lithuania EFDD

For (1)

1
icon: NI NI
19

Germany NI

Against (1)

Abstain (1)

2

France NI

Against (1)

1

United Kingdom NI

4

Hungary NI

For (1)

1

Denmark NI

1

NI

For (1)

Against (1)

2
icon: ENF ENF
29

Germany ENF

Against (1)

1

Poland ENF

Against (1)

1

Belgium ENF

For (1)

1

Netherlands ENF

4
icon: GUE/NGL GUE/NGL
35

Germany GUE/NGL

3

Italy GUE/NGL

2

United Kingdom GUE/NGL

Against (1)

1

Sweden GUE/NGL

Abstain (1)

1

Finland GUE/NGL

For (1)

1

Denmark GUE/NGL

Against (1)

1

Netherlands GUE/NGL

3

Ireland GUE/NGL

3

Cyprus GUE/NGL

2
AmendmentsDossier
245 2017/0228(COD)
2018/02/27 ITRE 55 amendments...
source: 618.302
2018/04/09 IMCO 190 amendments...
source: 619.414

History

(these mark the time of scraping, not the official date of the change)

docs/0/docs/0
url
https://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=SWD:2017:0304:FIN:EN:PDF
title
EUR-Lex
docs/3/docs/0/url
Old
https://dm.eesc.europa.eu/EESCDocumentSearch/Pages/redresults.aspx?k=(documenttype:AC)(documentnumber:4820)(documentyear:2017)(documentlanguage:EN)
New
https://dmsearch.eesc.europa.eu/search/public?k=(documenttype:AC)(documentnumber:4820)(documentyear:2017)(documentlanguage:EN)
docs/4/docs/0/url
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE619.038
New
https://www.europarl.europa.eu/doceo/document/IMCO-PR-619038_EN.html
docs/5/docs/0/url
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE619.414
New
https://www.europarl.europa.eu/doceo/document/IMCO-AM-619414_EN.html
docs/6/docs/0/url
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE613.537&secondRef=02
New
https://www.europarl.europa.eu/doceo/document/ITRE-AD-613537_EN.html
docs/8/docs/0/url
/oeil/spdoc.do?i=31247&j=0&l=en
events/1/type
Old
Committee referral announced in Parliament, 1st reading/single reading
New
Committee referral announced in Parliament, 1st reading
events/3/type
Old
Vote in committee, 1st reading/single reading
New
Vote in committee, 1st reading
events/5
date
2018-06-06T00:00:00
type
Committee report tabled for plenary, 1st reading
body
EP
docs
url: https://www.europarl.europa.eu/doceo/document/A-8-2018-0201_EN.html title: A8-0201/2018
summary
events/5
date
2018-06-06T00:00:00
type
Committee report tabled for plenary, 1st reading/single reading
body
EP
docs
url: http://www.europarl.europa.eu/doceo/document/A-8-2018-0201_EN.html title: A8-0201/2018
summary
events/6
date
2018-06-11T00:00:00
type
Committee decision to enter into interinstitutional negotiations announced in plenary (Rule 71)
body
EP
events/7
date
2018-10-03T00:00:00
type
Debate in Parliament
body
EP
docs
url: http://www.europarl.europa.eu/sides/getDoc.do?secondRef=TOC&language=EN&reference=20181003&type=CRE title: Debate in Parliament
events/7
date
2018-06-13T00:00:00
type
Committee decision to enter into interinstitutional negotiations confirmed by plenary (Rule 71)
body
EP
events/9
date
2018-10-03T00:00:00
type
Debate in Parliament
body
EP
docs
url: http://www.europarl.europa.eu/sides/getDoc.do?secondRef=TOC&language=EN&reference=20181003&type=CRE title: Debate in Parliament
events/9
date
2018-10-04T00:00:00
type
Decision by Parliament, 1st reading/single reading
body
EP
docs
url: http://www.europarl.europa.eu/doceo/document/TA-8-2018-0381_EN.html title: T8-0381/2018
summary
events/9/docs/0/url
Old
http://www.europarl.europa.eu/sides/getDoc.do?secondRef=TOC&language=EN&reference=20181003&type=CRE
New
https://www.europarl.europa.eu/doceo/document/CRE-8-2017-10-03-TOC_EN.html
events/11
date
2018-10-04T00:00:00
type
Decision by Parliament, 1st reading
body
EP
docs
url: https://www.europarl.europa.eu/doceo/document/TA-8-2018-0381_EN.html title: T8-0381/2018
summary
procedure/Modified legal basis
Rules of Procedure EP 159
procedure/Notes
  • 13/06/2018 Decision to enter into interinstitutional negotiations confirmed by plenary (Rule 69c)
procedure/Other legal basis
Rules of Procedure EP 159
docs/8/body
EC
events/5/docs/0/url
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=REPORT&mode=XML&reference=A8-2018-0201&language=EN
New
http://www.europarl.europa.eu/doceo/document/A-8-2018-0201_EN.html
events/9/docs/0/url
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=TA&language=EN&reference=P8-TA-2018-0381
New
http://www.europarl.europa.eu/doceo/document/TA-8-2018-0381_EN.html
committees/0
type
Responsible Committee
body
EP
associated
False
committee_full
Internal Market and Consumer Protection
committee
IMCO
rapporteur
name: CORAZZA BILDT Anna Maria date: 2017-10-25T00:00:00 group: European People's Party (Christian Democrats) abbr: PPE
shadows
committees/0
type
Responsible Committee
body
EP
associated
False
committee_full
Internal Market and Consumer Protection
committee
IMCO
date
2017-10-25T00:00:00
rapporteur
name: CORAZZA BILDT Anna Maria group: European People's Party (Christian Democrats) abbr: PPE
shadows
committees/1
type
Committee Opinion
body
EP
associated
False
committee_full
Industry, Research and Energy
committee
ITRE
rapporteur
name: KRASNODĘBSKI Zdzisław date: 2017-11-09T00:00:00 group: European Conservatives and Reformists abbr: ECR
committees/1
type
Committee Opinion
body
EP
associated
False
committee_full
Industry, Research and Energy
committee
ITRE
date
2017-11-09T00:00:00
rapporteur
name: KRASNODĘBSKI Zdzisław group: European Conservatives and Reformists abbr: ECR
events/6/docs
  • url: http://www.europarl.europa.eu/RegData/commissions/imco/inag/2019/07-24/IMCO_AG(2019)639846_EN.pdf title: PE639.846
activities
  • date: 2017-09-13T00:00:00 docs: url: http://www.europarl.europa.eu/RegData/docs_autres_institutions/commission_europeenne/com/2017/0495/COM_COM(2017)0495_EN.pdf title: COM(2017)0495 type: Legislative proposal published celexid: CELEX:52017PC0495:EN body: EC commission: DG: url: http://ec.europa.eu/digital-single-market/dg-connect title: Communications Networks, Content and Technology Commissioner: GABRIEL Mariya type: Legislative proposal published
  • date: 2017-10-23T00:00:00 body: EP type: Committee referral announced in Parliament, 1st reading/single reading committees: body: EP shadows: group: S&D name: SCHALDEMOSE Christel group: ECR name: DALTON Daniel group: ALDE name: CHARANZOVÁ Dita group: Verts/ALE name: REDA Julia group: EFD name: ZULLO Marco responsible: True committee: IMCO date: 2017-10-25T00:00:00 committee_full: Internal Market and Consumer Protection rapporteur: group: EPP name: CORAZZA BILDT Anna Maria body: EP responsible: False committee: ITRE date: 2017-11-09T00:00:00 committee_full: Industry, Research and Energy rapporteur: group: ECR name: KRASNODĘBSKI Zdzisław body: EP responsible: False committee_full: Legal Affairs committee: JURI body: EP responsible: False committee_full: Civil Liberties, Justice and Home Affairs committee: LIBE
  • body: CSL meeting_id: 3581 docs: url: http://register.consilium.europa.eu/content/out?lang=EN&typ=SET&i=SMPL&ROWSPP=25&RESULTSET=1&NRROWS=500&DOC_LANCD=EN&ORDERBY=DOC_DATE+DESC&CONTENTS=3581*&MEET_DATE=04/12/2017 type: Debate in Council title: 3581 council: Transport, Telecommunications and Energy date: 2017-12-04T00:00:00 type: Council Meeting
  • date: 2018-06-04T00:00:00 body: unknown type: Committee decision to open interinstitutional negotiations with report adopted in committee
  • date: 2018-06-04T00:00:00 body: EP type: Vote in committee, 1st reading/single reading committees: body: EP shadows: group: S&D name: SCHALDEMOSE Christel group: ECR name: DALTON Daniel group: ALDE name: CHARANZOVÁ Dita group: Verts/ALE name: REDA Julia group: EFD name: ZULLO Marco responsible: True committee: IMCO date: 2017-10-25T00:00:00 committee_full: Internal Market and Consumer Protection rapporteur: group: EPP name: CORAZZA BILDT Anna Maria body: EP responsible: False committee: ITRE date: 2017-11-09T00:00:00 committee_full: Industry, Research and Energy rapporteur: group: ECR name: KRASNODĘBSKI Zdzisław body: EP responsible: False committee_full: Legal Affairs committee: JURI body: EP responsible: False committee_full: Civil Liberties, Justice and Home Affairs committee: LIBE
  • body: EP docs: url: http://www.europarl.europa.eu/sides/getDoc.do?type=REPORT&mode=XML&reference=A8-2018-0201&language=EN type: Committee report tabled for plenary, 1st reading/single reading title: A8-0201/2018 type: Committee report tabled for plenary, 1st reading/single reading committees: body: EP shadows: group: S&D name: SCHALDEMOSE Christel group: ECR name: DALTON Daniel group: ALDE name: CHARANZOVÁ Dita group: Verts/ALE name: REDA Julia group: EFD name: ZULLO Marco responsible: True committee: IMCO date: 2017-10-25T00:00:00 committee_full: Internal Market and Consumer Protection rapporteur: group: EPP name: CORAZZA BILDT Anna Maria body: EP responsible: False committee: ITRE date: 2017-11-09T00:00:00 committee_full: Industry, Research and Energy rapporteur: group: ECR name: KRASNODĘBSKI Zdzisław body: EP responsible: False committee_full: Legal Affairs committee: JURI body: EP responsible: False committee_full: Civil Liberties, Justice and Home Affairs committee: LIBE date: 2018-06-06T00:00:00
  • date: 2018-10-01T00:00:00 body: EP type: Indicative plenary sitting date, 1st reading/single reading
commission
  • body: EC dg: Communications Networks, Content and Technology commissioner: GABRIEL Mariya
committees/0
type
Responsible Committee
body
EP
associated
False
committee_full
Internal Market and Consumer Protection
committee
IMCO
date
2017-10-25T00:00:00
rapporteur
name: CORAZZA BILDT Anna Maria group: European People's Party (Christian Democrats) abbr: PPE
shadows
committees/0
body
EP
shadows
responsible
True
committee
IMCO
date
2017-10-25T00:00:00
committee_full
Internal Market and Consumer Protection
rapporteur
group: EPP name: CORAZZA BILDT Anna Maria
committees/1
type
Committee Opinion
body
EP
associated
False
committee_full
Industry, Research and Energy
committee
ITRE
date
2017-11-09T00:00:00
rapporteur
name: KRASNODĘBSKI Zdzisław group: European Conservatives and Reformists abbr: ECR
committees/1
body
EP
responsible
False
committee
ITRE
date
2017-11-09T00:00:00
committee_full
Industry, Research and Energy
rapporteur
group: ECR name: KRASNODĘBSKI Zdzisław
committees/2
type
Committee Opinion
body
EP
associated
False
committee_full
Legal Affairs
committee
JURI
opinion
False
committees/2
body
EP
responsible
False
committee_full
Legal Affairs
committee
JURI
committees/3
type
Committee Opinion
body
EP
associated
False
committee_full
Civil Liberties, Justice and Home Affairs
committee
LIBE
opinion
False
committees/3
body
EP
responsible
False
committee_full
Civil Liberties, Justice and Home Affairs
committee
LIBE
council
  • body: CSL type: Council Meeting council: Foreign Affairs meeting_id: 3647 url: http://register.consilium.europa.eu/content/out?lang=EN&typ=SET&i=SMPL&ROWSPP=25&RESULTSET=1&NRROWS=500&DOC_LANCD=EN&ORDERBY=DOC_DATE+DESC&CONTENTS=3647*&MEET_DATE=09/11/2018 date: 2018-11-09T00:00:00
  • body: CSL type: Council Meeting council: Transport, Telecommunications and Energy meeting_id: 3581 url: http://register.consilium.europa.eu/content/out?lang=EN&typ=SET&i=SMPL&ROWSPP=25&RESULTSET=1&NRROWS=500&DOC_LANCD=EN&ORDERBY=DOC_DATE+DESC&CONTENTS=3581*&MEET_DATE=04/12/2017 date: 2017-12-04T00:00:00
docs
  • date: 2017-09-13T00:00:00 docs: title: SWD(2017)0304 type: Document attached to the procedure body: EC
  • date: 2017-09-13T00:00:00 docs: url: https://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=SWD:2017:0305:FIN:EN:PDF title: EUR-Lex title: SWD(2017)0305 type: Document attached to the procedure body: EC
  • date: 2017-12-12T00:00:00 docs: title: PE615.357 type: Reasoned opinion body: FR_SENATE
  • date: 2018-02-15T00:00:00 docs: url: https://dm.eesc.europa.eu/EESCDocumentSearch/Pages/redresults.aspx?k=(documenttype:AC)(documentnumber:4820)(documentyear:2017)(documentlanguage:EN) title: CES4820/2017 type: Economic and Social Committee: opinion, report body: ESC
  • date: 2018-03-01T00:00:00 docs: url: http://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE619.038 title: PE619.038 type: Committee draft report body: EP
  • date: 2018-04-09T00:00:00 docs: url: http://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE619.414 title: PE619.414 type: Amendments tabled in committee body: EP
  • date: 2018-04-26T00:00:00 docs: url: http://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XML&language=EN&reference=PE613.537&secondRef=02 title: PE613.537 committee: ITRE type: Committee opinion body: EP
  • date: 2018-11-14T00:00:00 docs: url: http://register.consilium.europa.eu/content/out?lang=EN&typ=SET&i=ADV&RESULTSET=1&DOC_ID=[%n4]%2F18&DOC_LANCD=EN&ROWSPP=25&NRROWS=500&ORDERBY=DOC_DATE+DESC title: 00053/2018/LEX type: Draft final act body: CSL
  • date: 2018-11-21T00:00:00 docs: url: /oeil/spdoc.do?i=31247&j=0&l=en title: SP(2018)755 type: Commission response to text adopted in plenary
  • date: 2018-05-02T00:00:00 docs: url: http://www.connefof.europarl.europa.eu/connefof/app/exp/COM(2017)0495 title: COM(2017)0495 type: Contribution body: DE_BUNDESRAT
  • date: 2017-12-14T00:00:00 docs: url: http://www.connefof.europarl.europa.eu/connefof/app/exp/COM(2017)0495 title: COM(2017)0495 type: Contribution body: CZ_SENATE
  • date: 2017-11-21T00:00:00 docs: url: http://www.connefof.europarl.europa.eu/connefof/app/exp/COM(2017)0495 title: COM(2017)0495 type: Contribution body: ES_PARLIAMENT
  • date: 2017-12-07T00:00:00 docs: url: http://www.connefof.europarl.europa.eu/connefof/app/exp/COM(2017)0495 title: COM(2017)0495 type: Contribution body: PT_PARLIAMENT
events
  • date: 2017-09-13T00:00:00 type: Legislative proposal published body: EC docs: url: http://www.europarl.europa.eu/RegData/docs_autres_institutions/commission_europeenne/com/2017/0495/COM_COM(2017)0495_EN.pdf title: COM(2017)0495 url: https://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!DocNumber&lg=EN&type_doc=COMfinal&an_doc=2017&nu_doc=0495 title: EUR-Lex summary: PURPOSE: to create a framework for the free flow of non-personal data in the European Union and the foundation for developing the data economy and enhancing the competitiveness of European industry. PROPOSED ACT: Regulation of the European Parliament and of the Council. ROLE OF THE EUROPEAN PARLIAMENT: the European Parliament decides in accordance with the ordinary legislative procedure and on an equal footing with the Council. BACKGROUND: currently, data localisation restrictions by Member States' public authorities and obstacles to the movement of data across IT systems prevent business and organisations in the EU from capturing economic, social and business opportunities. Legal uncertainty and lack of trust cause additional barriers to the free flow of non-personal data. In practice, this means a business may not be or feel free to make full use of cloud services, choose the most cost-effective locations for IT resources, switch between service providers or port its data back to their own IT systems. With the principle of free flow of non-personal data, businesses can avoid duplication of data at several locations, may feel more confident to enter new markets, and scale up their activities more easily. The Mid-Term Review on the implementation of the Digital Single Market Strategy (DSM Strategy) announced a legislative proposal on an EU free flow of data cooperation framework. IMPACT ASSESSMENT: the preferred option chosen allows for the assessment of a combination of legislation establishing the free flow of data framework and the single points of contact and an expert group as well as self-regulatory measures addressing data porting. This option would ensure the effective removal of existing unjustified localisation restrictions and would effectively prevent the future ones, as a result of a clear legal principle combined with the review, notification and transparency, while at the same time enhancing legal certainty and trust in the market. The burden on Member States' public authorities would be modest, leading to approximately EUR 33 000 annually in terms of human resources cost to sustain the single points of contact as well as a yearly cost of between EUR 385 and EUR 1925 for the preparation of notifications CONTENT: the proposed Regulation seeks to ensure the free movement of data other than personal data within the Union by laying down rules relating to data localisation requirements, the availability of data to competent authorities and data porting for professional users. It shall apply to the storage or other processing of electronic data other than personal data in the Union, which is (a) provided as a service to users residing or having an establishment in the Union, regardless of whether the provider is established or not in the Union or (b) carried out by a natural or legal person residing or having an establishment in the Union for its own needs. The proposal: establishes the principle of free movement of non-personal data in the Union. This principle prohibits any data localisation requirement , unless it is justified on grounds of public security. Furthermore, it provides for the review of existing requirements, notification of remaining or new requirements to the Commission and transparency measures; ensures data availability for regulatory control by competent authorities. To this effect, users may not refuse to provide access to data to competent authorities on the basis that data is stored or otherwise processed in another Member State. Where a competent authority has exhausted all applicable means to obtain access to the data, that competent authority may request the assistance of an authority in another Member State, if no specific cooperation mechanism exists; states that the Commission shall encourage service providers and professional users to develop and implement codes of conduct detailing the information on data porting conditions (including technical and operational requirements) that providers should make available to their professional users in a sufficiently detailed, clear and transparent manner before a contract is concluded. The Commission will review the development and effective implementation of such codes within two years after the start of application of this Regulation; stipulates that each Member State shall designate a single point of contact who shall liaise with the points of contact of other Member States and the Commission regarding the application of this Regulation; provides for procedural conditions applicable to the assistance between competent authorities; states that the Commission shall be assisted by the Free Flow of Data Committee within the meaning of Regulation (EU) No 182/2011; calls for a review within five years after the start of application of the Regulation and that the Regulation will start to apply six months after the day of its publication. BUDGETARY IMPLICATIONS: a moderate administrative burden for Member States' public authorities will emerge, caused by the allocation of human resources for the cooperation between Member States through the 'single points of contact', and for complying with the notification, review and transparency provisions.
  • date: 2017-10-23T00:00:00 type: Committee referral announced in Parliament, 1st reading/single reading body: EP
  • date: 2017-12-04T00:00:00 type: Debate in Council body: CSL docs: url: http://register.consilium.europa.eu/content/out?lang=EN&typ=SET&i=SMPL&ROWSPP=25&RESULTSET=1&NRROWS=500&DOC_LANCD=EN&ORDERBY=DOC_DATE+DESC&CONTENTS=3581*&MEET_DATE=04/12/2017 title: 3581
  • date: 2018-06-04T00:00:00 type: Vote in committee, 1st reading/single reading body: EP
  • date: 2018-06-04T00:00:00 type: Committee decision to open interinstitutional negotiations with report adopted in committee body: EP
  • date: 2018-06-06T00:00:00 type: Committee report tabled for plenary, 1st reading/single reading body: EP docs: url: http://www.europarl.europa.eu/sides/getDoc.do?type=REPORT&mode=XML&reference=A8-2018-0201&language=EN title: A8-0201/2018 summary: The Committee on the Internal Market and Consumer Protection adopted the report by Anna Maria CORAZZA BILDT (EPP, SE) on the proposal for a regulation of the European Parliament and of the Council on a framework for the free flow of non-personal data in the European Union. As a reminder, the proposed Regulation seeks to ensure the free movement of data other than personal data within the Union by laying down rules relating to data localisation requirements, the availability of data to competent authorities and data porting for professional users. The committee recommended that the European Parliament’s position adopted at first reading under the ordinary legislative procedure should amend the Commission proposal as follows: Principle of free movement of non-personal data : Members specified that data location requirements shall be prohibited unless, on an exceptional basis, and in compliance with the principle of proportionality, they are justified on imperative grounds of public security . The concept of ‘imperative grounds of public security’ presupposes a threat to public security that is of a particularly high degree of seriousness. The amendment builds on the Treaty and the relevant case law of the Court of Justice to clarify the concept of public security and increase legal certainty. Members wanted to introduce a clear deadline (no later than one year after the entry into force of the regulation) by which Member States must communicate the location requirements of the data they wish to maintain. The Commission shall examine the draft act within three months and decide whether or not the Member State concerned should amend or repeal the data location requirements. Any remaining data localisation requirements should be published on the Commission’s website to ensure easy accessibility of this information. Scope : Members specified that public sector authorities and entities shall also benefit from the free movement of data. The Regulation shall apply to all levels of governance, including public procurement. Mixed data sets : in the case of a mixed data set, namely a data set composed of both personal and non-personal data, the Regulation shall apply to the non-personal data of the data set. Where non-personal and personal data are inextricably linked, this Regulation should apply without prejudice to Regulation (EU) 2016/679 . Access to data for public authorities : the Commission's proposal provides that where a competent authority has exhausted all possible means of accessing data, it could request the assistance of an authority in another Member State if no specific cooperation mechanism exists. Members believe that such assistance could be requested where a competent authority does not obtain access to the data after contacting the user of the data processing service and where there is no specific cooperation mechanism under EU law or international agreements for the exchange of data between competent authorities of different Member States. Members also pointed out that access to the premises where data is stored must be given in accordance with the national law of the Member State where the premises or equipment is located. Codes of conduct : self-regulatory codes of conduct at EU level shall contribute to a competitive data economy, which are based on the principle of transparency and which establish guidelines on, inter alia , the following issues: best practices for facilitating the switching of providers and porting data in a structured, commonly used, interoperable and machine-readable format; minimum information requirements to ensure that professional users are provided with sufficiently detailed, clear and transparent information before a contract for data storage and processing is concluded. The Commission shall encourage providers to effectively implement the codes of conduct by 24 months after the date of publication of this Regulation. It shall ensure that the codes of conduct are developed in close cooperation with all relevant stakeholders , including associations of small and medium-sized enterprises and start-ups, users and providers of cloud services. Single point of contact : Members considered that the know-how of the single points of contact can be used not only as a link between the Member States and the Commission, but also to connect the institutions with users. Review : no later than 3 years and 6 months after the date of publication of the Regulation, the Commission shall submit a report evaluating the implementation of the Regulation, in particular as regards: (i) the application of the Regulation to mixed data sets; (ii) the implementation by Member States of the public security exception; (iii) the development and effective implementation of codes of conduct.
  • date: 2018-07-12T00:00:00 type: Approval in committee of the text agreed at 1st reading interinstitutional negotiations body: EP
  • date: 2018-10-03T00:00:00 type: Debate in Parliament body: EP docs: url: http://www.europarl.europa.eu/sides/getDoc.do?secondRef=TOC&language=EN&reference=20181003&type=CRE title: Debate in Parliament
  • date: 2018-10-04T00:00:00 type: Results of vote in Parliament body: EP docs: url: https://oeil.secure.europarl.europa.eu/oeil/popups/sda.do?id=31247&l=en title: Results of vote in Parliament
  • date: 2018-10-04T00:00:00 type: Decision by Parliament, 1st reading/single reading body: EP docs: url: http://www.europarl.europa.eu/sides/getDoc.do?type=TA&language=EN&reference=P8-TA-2018-0381 title: T8-0381/2018 summary: The European Parliament adopted by 520 votes to 81 with 6 abstentions a legislative resolution on the proposal for a regulation of the European Parliament and of the Council on a framework for the free flow of non-personal data in the European Union. The European Parliament’s position adopted at first reading under the ordinary legislative procedure amended the Commission proposal as follows: Purpose : the proposed Regulation aims to ensure the free flow of data other than personal data within the Union by laying down rules relating to data localisation requirements, the availability of data to competent authorities and the porting of data for professional users. The expanding Internet of Things, artificial intelligence and machine learning, represent major sources of non-personal data. Specific examples of non-personal data include aggregate and anonymised datasets used for big data analytics, data on precision farming that can help to monitor and optimise the use of pesticides and water, or data on maintenance needs for industrial machines. Principle of free movement of non-personal data : under the amended text, data localisation requirements shall be prohibited, unless they are justified on grounds of public security in compliance with the principle of proportionality. The concept of ‘public security’, within the meaning of Article 52 TFEU and as interpreted by the Court of Justice, covers both the internal and external security of a Member State, as well as issues of public safety. No later than 24 months from the date of application of this Regulation, if a Member State considers that an existing measure containing a data localisation requirement can remain in force, it shall communicate that measure to the Commission, together with a justification for maintaining it in force. Member States shall make the details of any data localisation requirements via a national online single information point which they shall keep up-to-date, or provide up-to-date details of any such localisation requirements to a central information point established under another Union act. The Commission shall publish the link(s) to such point(s) on its website, along with a regularly updated consolidated list of all data localisation requirements. Data availability for competent authorities : access to data by competent authorities may not be refused on the basis that the data are processed in another Member State. Where, after requesting access to a user's data, a competent authority does not obtain access and if no specific cooperation mechanism exists under Union law or international agreements to exchange data between competent authorities of different Member States, that competent authority may request assistance from a competent authority in another Member State. Member States may impose effective, proportionate and dissuasive penalties for failure to provide data, in accordance with Union and national law. Codes of conduct : the Commission shall encourage and facilitate the development of self-regulatory codes of conduct at Union level in order to contribute to a competitive data economy, based on the principles of transparency and interoperability and taking due account of open standards, covering inter alia the following aspects: best practices for facilitating the switching of service providers and the porting of data in a structured, commonly used and machine-readable format; minimum information requirements to ensure that professional users are provided, before a contract for data processing is concluded, with sufficiently detailed, clear and transparent information; approaches to certification schemes that facilitate the comparison of data processing products and services for professional users. The Commission shall encourage suppliers to complete the development of codes of conduct no later than one year after the date of publication of the Regulation and to effectively implement them no later than 18 months after the date of publication of the Regulation . It should ensure that codes of conduct are developed in close cooperation with all stakeholders, including SME and start-ups associations, users and cloud service providers. Mixed data : in the case of a mixed data set, i.e. a data set composed of both personal and non-personal data , the Regulation shall apply to the non-personal data part of the data set. Where personal and non-personal data in a data set are inextricably linked, this Regulation shall not prejudice the application of Regulation (EU) 2016/679 . Review : no later than 4 years after the date of publication of the Regulation, the Commission shall submit a report evaluating the implementation of the Regulation, in particular as regards: (i) the application of the Regulation to data sets composed of both personal and non-personal data; (ii) the implementation by Member States of the public security exception; (iii) the development and effective implementation of codes of conduct.
  • date: 2018-11-09T00:00:00 type: Act adopted by Council after Parliament's 1st reading body: EP/CSL
  • date: 2018-11-14T00:00:00 type: Final act signed body: CSL
  • date: 2018-11-14T00:00:00 type: End of procedure in Parliament body: EP
  • date: 2018-11-28T00:00:00 type: Final act published in Official Journal summary: PURPOSE: to remove obstacles to the free movement of non-personal data in the EU. LEGISLATIVE ACT: Regulation (EU) 2018/1807 of the European Parliament and of the Council on a framework for the free flow of non-personal data in the European Union. CONTENT: this Regulation aims to ensure the free flow of data other than personal data within the Union by laying down rules relating to data localisation requirements, the availability of data to competent authorities and the porting of data for professional users. The new Regulation is designed to boost the data economy and the development of emerging technologies such as artificial intelligence, products and services related to the Internet of Things and autonomous systems and 5G that raise new legal issues regarding access to data and their reuse, liability, ethics and solidarity. Principle of free movement of data within the Union The Regulation prohibits restrictions related to the location of data imposed by Member States on the geographical location of the storage or processing of non-personal data, unless justified on grounds of public security. Member States shall immediately communicate to the Commission any draft act introducing a new data localisation requirement or amending an existing data localisation requirement. By 30 May 2021 at the latest, any existing data localisation requirements shall be repealed. Data availability for competent authorities Competent authorities shall retain the power to request access to data for the performance of their official duties, in accordance with Union or national law. Access to data by the competent authorities may not be refused on the grounds that the data are processed in another Member State. Where, after requesting access to a user's data, a competent authority does not obtain access and if no specific cooperation mechanism exists under Union law or international agreements to exchange data between competent authorities of different Member States, that competent authority may request assistance from a competent authority in another Member State. Member States may impose effective, proportionate and dissuasive sanctions in the event of failure to provide data. Codes of conduct The Regulation encourages the development of codes of conduct to facilitate the procedure for users to switch providers and port data back to its own IT systems. Codes of conduct shall be comprehensive and shall cover at least those aspects that are essential during the data porting process, such as (i) the processes used and location of data backups, (ii) the available data formats and supports, (iii) the required IT configuration and minimum network bandwidth, (iv) the time required prior to initiating the porting process and the length of time during which the data will remain available for porting, and (vi) data access guarantees in the event of the service provider going bankrupt. The Commission shall encourage service providers to complete the development of codes of conduct by 29 November 2019 and to effectively implement them by 29 May 2020. It shall have to ensure that codes of conduct are developed in close cooperation with all stakeholders, including SME and start-ups and cloud service providers. Mixed data In the case of a mixed data set, i.e. a data set composed of both personal and non-personal data, the Regulation shall apply to the non-personal data part of the data set. Where personal and non-personal data in a data set are inextricably linked, this Regulation shall not prejudice the application of Regulation (EU) 2016/679. Each Member State shall have to designate a single contact point to liaise with the single contact points of the other Member States and the Commission regarding the application of the Regulation. ENTRY INTO FORCE: 18.12.2018. APPLICATION: from 18.6.2019. docs: title: Regulation 2018/1807 url: https://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!CELEXnumdoc&lg=EN&numdoc=32018R1807 title: OJ L 303 28.11.2018, p. 0059 url: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ:L:2018:303:TOC
other
  • body: EC dg: url: http://ec.europa.eu/digital-single-market/dg-connect title: Communications Networks, Content and Technology commissioner: GABRIEL Mariya
otherinst
  • name: European Economic and Social Committee
  • name: European Committee of the Regions
procedure/Mandatory consultation of other institutions
European Economic and Social Committee European Committee of the Regions
procedure/Modified legal basis
Old
Rules of Procedure EP 150
New
Rules of Procedure EP 159
procedure/Notes
  • 13/06/2018 Decision to enter into interinstitutional negotiations confirmed by plenary (Rule 69c)
procedure/dossier_of_the_committee
Old
IMCO/8/11036
New
  • IMCO/8/11036
procedure/final
title
Regulation 2018/1807
url
https://eur-lex.europa.eu/smartapi/cgi/sga_doc?smartapi!celexplus!prod!CELEXnumdoc&lg=EN&numdoc=32018R1807
procedure/other_consulted_institutions
European Economic and Social Committee European Committee of the Regions
procedure/stage_reached
Old
Awaiting Parliament 1st reading / single reading / budget 1st stage
New
Procedure completed
procedure/subject
Old
  • 1.20.09 Protection of privacy and data protection
  • 2.40 Free movement of services, freedom to provide
  • 2.80 Cooperation between administrations
  • 3.30.06 Information and communication technologies, digital technologies
  • 3.30.25 International information networks and society, internet
New
1.20.09
Protection of privacy and data protection
2.40
Free movement of services, freedom to provide
2.80
Cooperation between administrations
3.30.06
Information and communication technologies, digital technologies
3.30.25
International information networks and society, internet
activities/0/commission/0/Commissioner
Old
KING Julian
New
GABRIEL Mariya
activities/1
date
2017-10-23T00:00:00
body
EP
type
Committee referral announced in Parliament, 1st reading/single reading
committees
activities/2
body
CSL
meeting_id
3581
docs
url: http://register.consilium.europa.eu/content/out?lang=EN&typ=SET&i=SMPL&ROWSPP=25&RESULTSET=1&NRROWS=500&DOC_LANCD=EN&ORDERBY=DOC_DATE+DESC&CONTENTS=3581*&MEET_DATE=04/12/2017 type: Debate in Council title: 3581
council
Transport, Telecommunications and Energy
date
2017-12-04T00:00:00
type
Council Meeting
activities/3
date
2018-06-04T00:00:00
body
unknown
type
Committee decision to open interinstitutional negotiations with report adopted in committee
activities/4
date
2018-06-04T00:00:00
body
EP
type
Vote in committee, 1st reading/single reading
committees
activities/5
body
EP
docs
url: http://www.europarl.europa.eu/sides/getDoc.do?type=REPORT&mode=XML&reference=A8-2018-0201&language=EN type: Committee report tabled for plenary, 1st reading/single reading title: A8-0201/2018
type
Committee report tabled for plenary, 1st reading/single reading
committees
date
2018-06-06T00:00:00
activities/6/committees
  • body: EP shadows: group: S&D name: SCHALDEMOSE Christel group: Verts/ALE name: REDA Julia responsible: True committee: IMCO date: 2017-10-25T00:00:00 committee_full: Internal Market and Consumer Protection rapporteur: group: EPP name: CORAZZA BILDT Anna Maria
  • body: EP responsible: False committee: ITRE date: 2017-11-09T00:00:00 committee_full: Industry, Research and Energy rapporteur: group: ECR name: KRASNODĘBSKI Zdzisław
  • body: EP responsible: False committee_full: Legal Affairs committee: JURI
  • body: EP responsible: False committee_full: Civil Liberties, Justice and Home Affairs committee: LIBE
activities/6/date
Old
2017-10-23T00:00:00
New
2018-10-01T00:00:00
activities/6/type
Old
Committee referral announced in Parliament, 1st reading/single reading
New
Indicative plenary sitting date, 1st reading/single reading
committees/0/shadows/1
group
ECR
name
DALTON Daniel
committees/0/shadows/2
group
ALDE
name
CHARANZOVÁ Dita
committees/0/shadows/4
group
EFD
name
ZULLO Marco
links/Research document
url
http://www.europarl.europa.eu/thinktank/en/document.html?reference=EPRS_BRI(2017)614628
title
Briefing
other/0/commissioner
Old
KING Julian
New
GABRIEL Mariya
procedure/Modified legal basis
Rules of Procedure EP 150
procedure/stage_reached
Old
Awaiting committee decision
New
Awaiting Parliament 1st reading / single reading / budget 1st stage
procedure/subject/3
Old
3.30.06 Information and communication technologies
New
3.30.06 Information and communication technologies, digital technologies
activities/1/committees/0/shadows/0
group
S&D
name
SCHALDEMOSE Christel
committees/0/shadows/0
group
S&D
name
SCHALDEMOSE Christel
activities/1/committees/1/date
2017-11-09T00:00:00
activities/1/committees/1/rapporteur
  • group: ECR name: KRASNODĘBSKI Zdzisław
committees/1/date
2017-11-09T00:00:00
committees/1/rapporteur
  • group: ECR name: KRASNODĘBSKI Zdzisław
activities/1/committees/0/date
2017-10-25T00:00:00
activities/1/committees/0/rapporteur
  • group: EPP name: CORAZZA BILDT Anna Maria
committees/0/date
2017-10-25T00:00:00
committees/0/rapporteur
  • group: EPP name: CORAZZA BILDT Anna Maria
activities/1
date
2017-10-23T00:00:00
body
EP
type
Committee referral announced in Parliament, 1st reading/single reading
committees
procedure/Mandatory consultation of other institutions
European Economic and Social Committee European Committee of the Regions
procedure/dossier_of_the_committee
IMCO/8/11036
procedure/stage_reached
Old
Preparatory phase in Parliament
New
Awaiting committee decision
committees/0/shadows
  • group: Verts/ALE name: REDA Julia
activities/0/docs/0/text
  • PURPOSE: to create a framework for the free flow of non-personal data in the European Union and the foundation for developing the data economy and enhancing the competitiveness of European industry.

    PROPOSED ACT: Regulation of the European Parliament and of the Council.

    ROLE OF THE EUROPEAN PARLIAMENT: the European Parliament decides in accordance with the ordinary legislative procedure and on an equal footing with the Council.

    BACKGROUND: currently, data localisation restrictions by Member States' public authorities and obstacles to the movement of data across IT systems prevent business and organisations in the EU from capturing economic, social and business opportunities. Legal uncertainty and lack of trust cause additional barriers to the free flow of non-personal data.

    In practice, this means a business may not be or feel free to make full use of cloud services, choose the most cost-effective locations for IT resources, switch between service providers or port its data back to their own IT systems.

    With the principle of free flow of non-personal data, businesses can avoid duplication of data at several locations, may feel more confident to enter new markets, and scale up their activities more easily.

    The Mid-Term Review on the implementation of the Digital Single Market Strategy (DSM Strategy) announced a legislative proposal on an EU free flow of data cooperation framework.

    IMPACT ASSESSMENT: the preferred option chosen allows for the assessment of a combination of legislation establishing the free flow of data framework and the single points of contact and an expert group as well as self-regulatory measures addressing data porting. This option would ensure the effective removal of existing unjustified localisation restrictions and would effectively prevent the future ones, as a result of a clear legal principle combined with the review, notification and transparency, while at the same time enhancing legal certainty and trust in the market. The burden on Member States' public authorities would be modest, leading to approximately EUR 33 000 annually in terms of human resources cost to sustain the single points of contact as well as a yearly cost of between EUR 385 and EUR 1925 for the preparation of notifications

    CONTENT: the proposed Regulation seeks to ensure the free movement of data other than personal data within the Union by laying down rules relating to data localisation requirements, the availability of data to competent authorities and data porting for professional users.

    It shall apply to the storage or other processing of electronic data other than personal data in the Union, which is (a) provided as a service to users residing or having an establishment in the Union, regardless of whether the provider is established or not in the Union or (b) carried out by a natural or legal person residing or having an establishment in the Union for its own needs.

    The proposal:

    • establishes the principle of free movement of non-personal data in the Union. This principle prohibits any data localisation requirement, unless it is justified on grounds of public security. Furthermore, it provides for the review of existing requirements, notification of remaining or new requirements to the Commission and transparency measures;
    • ensures data availability for regulatory control by competent authorities. To this effect, users may not refuse to provide access to data to competent authorities on the basis that data is stored or otherwise processed in another Member State. Where a competent authority has exhausted all applicable means to obtain access to the data, that competent authority may request the assistance of an authority in another Member State, if no specific cooperation mechanism exists;
    • states that the Commission shall encourage service providers and professional users to develop and implement codes of conduct detailing the information on data porting conditions (including technical and operational requirements) that providers should make available to their professional users in a sufficiently detailed, clear and transparent manner before a contract is concluded. The Commission will review the development and effective implementation of such codes within two years after the start of application of this Regulation;
    • stipulates that each Member State shall designate a single point of contact who shall liaise with the points of contact of other Member States and the Commission regarding the application of this Regulation;
    • provides for procedural conditions applicable to the assistance between competent authorities;
    • states that the Commission shall be assisted by the Free Flow of Data Committee within the meaning of Regulation (EU) No 182/2011;
    • calls for a review within five years after the start of application of the Regulation and that the Regulation will start to apply six months after the day of its publication.

    BUDGETARY IMPLICATIONS: a moderate administrative burden for Member States' public authorities will emerge, caused by the allocation of human resources for the cooperation between Member States through the 'single points of contact', and for complying with the notification, review and transparency provisions.

committees/0/responsible
Old
 
New
True
committees/1/responsible
Old
True
New
 
activities/0/commission/0
DG
Commissioner
KING Julian
other/0
body
EC
dg
commissioner
KING Julian
activities
  • date: 2017-09-13T00:00:00 docs: url: http://www.europarl.europa.eu/RegData/docs_autres_institutions/commission_europeenne/com/2017/0495/COM_COM(2017)0495_EN.pdf celexid: CELEX:52017PC0495:EN type: Legislative proposal published title: COM(2017)0495 body: EC commission: type: Legislative proposal published
committees
  • body: EP responsible: False committee_full: Internal Market and Consumer Protection committee: IMCO
  • body: EP responsible: True committee_full: Industry, Research and Energy committee: ITRE
  • body: EP responsible: False committee_full: Legal Affairs committee: JURI
  • body: EP responsible: False committee_full: Civil Liberties, Justice and Home Affairs committee: LIBE
links
other
    procedure
    reference
    2017/0228(COD)
    subtype
    Legislation
    legal_basis
    Treaty on the Functioning of the EU TFEU 114
    stage_reached
    Preparatory phase in Parliament
    instrument
    Regulation
    title
    Free flow of non-personal data in the European Union
    type
    COD - Ordinary legislative procedure (ex-codecision procedure)
    subject