Simon Pompé for POLITICO: Clarity, finally
Over the course of the negotiations, Brussels shrouded itself in its usual mystery. Now, the regulation for protection of non-personal data has finally passed and one could see the relief of commissioners.
Essentially, the regulation is supposed to complement the GDPR. All data unrelated to private people that is gathered by tech businesses must now be securely stored and managed in a way that it can be safely traded between businesses. Thus, the Commission hopes to “unleash the free flow of data”.
The ways to ensure the security of this certainly are adventurous. First, yet another agency, this time called BEREC, is tasked with overseeing the processing of data. It uses an algorithm to sift through all non-personal data, determines what of this may be used to infer personal information, and if necessary, sorts it out to be protected under GDPR. Curiously, companies shall be distributed a “physical device” that helps them access the data. Who actually distributes these, pays for them, and produces them, remained ambiguous. Is it BEREC? Do they even have money for that? “A question for the administrative layers”, the Commission noted.
In total is the regulation a necessary to finally update the European market to the digital sphere. Having 28 different regulations just does not make sense in an age, where Google, Amazon, and carmakers fundamentally require access to online data in order to do business. The regulation itself, like the GDPR, is the brute hammer of regulation, but the past has shown, that foreign business are too keen on the European cake of consumers to say no to it.
Annemiek for The Economist
The second conference with the European Commission was on the agenda of the press team today.
When asking a question about the economic viability assessment of the BEREC, wouldn’t this assessment restrict business in their flexibility regarding trade? Could this not hinder the free flow of data instead of “unleashing” it? The Commission answered that this assessment was only used for categorisation and will therefore have no impact on the businesses in Europe, but this surely remains to be seen.
Multiple doubts also arise from the fifth article for the regulation of the Commission. Standard encryption used to protect non-personal data, which is business-standard and therefore used by many companies. It will not hinder trade, because most businesses know how to use it, the Commission argues. What they do not seem to realise is that these kinds of regulations achieve in practice very little in terms of privacy, but a lot in terms of unnecessary bureaucracy solely serving to appease anxious national politicians who fear electoral backlash.
Our last question considered the ominous “physical device” that is supposed to be distributed to companies that want to implement this regulation. We were wondering whether there were any costs connected to the transport of these devices and who would cover those. Apparently, the device is actually a small key to lower the risk of privacy violation. The companies that implement the regulation will unfortunately have to cover the costs of transportation. Classic Berlaymont.
Ella Goemans for the Daily Mail: European Commission Letting Others Do Their Jobs
Today saw the final press conference held by the European Commission of the 2019 EuroMUN. As negotiations always proceed behind closed doors, these press conferences are of vital important to let you know what the European Union (EU) is deciding for us. However, it is always difficult to get any clear-cut answers from these technocrats.
Today proved no exception where this is concerned. This very morning a regulation was passed by the Commission concerning data protection and the growth of businesses. The purpose, they say, is to help separate personal and non-personal data, protecting citizens from businesses using their private data. Pretty neat, right? Not really. While the Commissioners say there is an automatic program through which the data passes, it is ‘experts’ in a separate task force which will decide what to do with the separated information. This Body of European Regulators for Electronic Communications, or BEREC, takes control of the information the Commission said it would protect, but how certain is it that unelected ‘experts’ won’t be infringing on the privacy of millions of European citizens? Like this the Commission will hardly be accountable and let other people handle such a delicate issue.
The Commission does a similar thing when it comes to Schengen. After being completely unable to prevent the attacks in Paris and Brussels, their solution is to keep the borders as open as possible. How this is effective is unclear. While the Commission swears communication between police forces will improve, another way they shift their responsibility, there are still many language barriers, barriers in the form of local rules and regulation, and the fact that dangerous people will be able to move unseen through the EU countries. The Commission claims the European police will be able to share who leave and enters their respective countries, however, this remains highly doubtful when there are no border controls. Where the EU to follow the example of the United Kingdom concerning their borders, Paris and Brussels would have been spared many lives.
Simon Pompé for The Economist
Yet Another Yoke on European Businesses
The European Commission just came forward with its first press messages regarding the regulation on protection of non-personal data. In case you are wondering what that is, “it is everything that is not personal data”. The Commission assured that is crucial to complete a digitalized single market and to complement the GDPR.
This is yet another example of overregulation. European tech companies are already struggling under the demanding standards set by Brussels – think of the GDPR and the Copyright Directive. Investment into innovation and growth stagnate accordingly, and once Europe ceases to provide a fertile business environment, corporations will look for profits elsewhere. If you look for the reasons, Europe has no Silicone Valley on its own, look no further than the negotiations under way in the Berlaymont right now.
Commissioners were eager to assert that their project will enable small businesses and start-ups to flourish.
Annemiek Dols for Euractiv
A No-Brainer for Brussels
In a press conference with the European Commission, a reporter of Euractiv asked if the proposal about the data protection of non-personal data will stand a chance passing in the European Council and Parliament concerning its ambiguity regarding consumer protection and business interests.
Frans Timmermans answered that they will try their best to do so, since it is work in progress, and is convinced that the Commission and Parliament will agree, as it the proposal takes into account what is best for the European citizens. With regards to differentiating business from citizens data, the General Data Protection Regulation is an example of showing that is the data of citizens, whereas the regulation in the works right now is supposed to complement this. Therefore, all the data that is not mentioned in the GDPR, is automatically non-personal data.
Andrea González for The Daily Mail
Transparent, Democratic and Concrete: Three Things that the European Commission is Not
The Commission has met in order to come up with a proposal for a regulation of non-personal data in the internal market. After two days of closed-door debates in the Commission, we are as uncertain about what their discussions have been about as before they had even started.
According to one of the Commission spokespersons, with this regulation they aim to regulate the digital market and fill the gaps left by other previous legislation in order to, in the words of the spokesperson, protect the citizens from misusage of their data from private or public bodies. This is yet another example of Brussels trying to take over competences from the States, which have the means to regulate this issue in their own manner and with measures that would fit their situation better than with a one-size-fits-all regulation.
How is this proposed regulation beneficial for the people? It is not clear. When asked about it, the spokesperson was unable to come up with a concrete answer which gives us another example of the lack of transparency of this institution. Furthermore, in an attempt to get a general idea of the scope of the regulation, two examples of non-personal data were requested to be given by the spokespersons. After ten seconds of silence and hesitation, only one example was provided.
This can only leave the citizens wondering two things: Do they not know what they are actually regulating? Or do they know – but they do not want to mention it?
Either way, their image is not coming out very good and they are showing one more time that the Commission thrives in the Brussels bubble, focusing on issues that have already been dealt with and not really listening what the People is really asking for.
Wiebke Stimming for POLITICO
A Work in Progress
This evening, the European Commission held a press conference on the progress on the regulation protecting non-personal data. This regulation is a follow-up to the GDPR (General Data Protection Regulation) and aims to effectively give more consumer protection of so-called non-personal data while also ensuring fair competition. The recent adoption of the GDPR as well as the Copyright directive has sparked a lot of controversy all around the continent. Business interest groups fear that further regulation would not only compromise inter-Union competition, but also make international trade with non-EU partners more difficult. At the same time, civil society interest groups are worried that this new piece of legislation does not go far enough to protect consumers. During the press conference, the Commissioners referred to the “Fundamental right to privacy “as well as “strengthening competitiveness”. When questioned about the specific details, in particular when asked to give examples of non-personal data however, the spokespeople were struggling to provide concrete examples. The ‘clearest’ definition which was provided was that non-personal data was the opposite of personal data. Of course, with the secretive nature of the Commission the question is: are they not willing to be concrete or do they simply not know?
When POLITICO questioned Margrethe Vestager, who is the Commissioner for competitiveness on how this piece of legislation would off-set the any possible disadvantage for small (tech) companies or start-ups, she referred to certain ‘Incentives’ which should enable the smaller companies to compete with the tech giants. Hinting at internal disagreements, seemingly the Commission was unable until now to agree to a concrete proposal, however Vestager suggested that smaller players will benefit more than big players”. This statement is particularly interesting coming from the Commissioner of competition, since it almost seems as if these ‘incentives could go further than just providing equality, rather they could give equity in favour of the smaller, disadvantaged businesses.
Another press conference is scheduled for tomorrow, both to present the final results of the data protection discussion, as well as give an update on the state of affairs of the Schengen information system which will dominate the Commission’s programme for the upcoming debates. So, what is left for us to do is to wait and see how concrete the Commission will get over the course of tomorrow.