There is currently an intense debate on data flows within the EU – how freely should data be allowed to flow between countries, and what risks does that flow entail for personal privacy? Voices have been heard for an additional freedom, for data, to be added to the traditional four freedoms that constitute the foundation of the EU Internal Market. In a new report, the National Board of Trade analyses the legal conditions for, and consequences of, such a fifth freedom.
In the report Data Flows – A Fifth Freedom for the Internal Market? the board concludes that there is a gap between how important data flows are for the functioning for the internal market and the way they are promoted in the internal market legislation. However, introducing a (fifth) freedom for data in the Treaty would, according to the Board, merely hold a symbolic value.
Instead, the Board calls for a judicial framework where measures that affect data flows are to be preceded by a process that resembles the well-established proportionality principle. Such a procedure would ensure that EU legislation that concern the processing and transfer of data, for example to protect personal privacy, do not hinder trade beyond what is strictly necessary to achieve its objective.
The Board has in earlier publications analysed and described how trade and production is enabled by data and data transfers. In addition to goods and services increasingly being ordered and delivered online, many firms, or entire production chains comprising many firms, are organised in a way that relies on data being able to be transferred between the various actors.
At the same time, the threat to personal privacy posed by the increased connectivity, digitisation, processing power and the ability to draw conclusions from large and small sets of data is very real. Many individuals feel that they lack control over who knows what about them. The EU legislator has therefore been, is, and will continue to be, occupied with addressing that issue in various situations. The most prominent example is the General Data Protection Regulation (2016/679), adopted in the spring of 2016, which sets the rules on how personal data shall be handled in the EU.
Read the full report here:
For more information:
Tel: +46-8-690 48 25
Tel: +46-8-690 48 75