Monday 9 November 2020

The EU’s draft Data Governance Act: an own goal?


The EU’s draft Data Governance Act is designed to facilitate the greater sharing of non-Personal data within the EU. Such big data ought to provide new insights and benefit the lives of EU citizens, the EU thinking goes. 

 

The Act is also designed to prevent access and use by non-EU based data intermediaries such as those that may be established in the UK, or elsewhere in the world. 

 

Will this prohibition result in UK-based organisations operating at a competitive disadvantage? They won’t be entitled at act as data intermediaries. Conversely, the EU-established data intermediaries will face difficulties in tapping the deep talent pool of non-EU based information experts.  

 

Might this prohibition result in UK-focussed data services operating at a comparative disadvantage? The AI-based service models that will be developed for the benefit of UK citizens won’t be able to take advantage of the training data available to EU-focussed service providers.

 

Why is it in the best interests of the EU to adopt this protectionist model? Isn’t it better for the EU to develop a partnership model with, rather than discriminate against non EU-based entities?

 

Discrimination based on the geographic location of the data intermediary / service provider reinforces the concept of a ‘Fortress Europe’. EU member states will run the risk of operating within a walled garden that delivers fewer benefits to citizens than would be the case if there were no barriers. I remember the direction that populations migrated when the Iron Curtain fell in 1991. They travelled west, towards a society that offered greater choices and a higher quality of services. Very few travelled to the east, further into the Soviet Union.

 

The EU has managed, with the passing of the GDPR, to adopt data protection standards that are virtually impossible for many organisations to fully comply with. Accordingly, I wouldn't be at all surprised if the EU were to follow it up with legislation that made it equally hard for European citizens to be able to take full advantage of the insights that can flow from the processing of non-personal data.