Meeting the challenges of big data
Meeting the challenges of big data, A call for transparency, user control, data protection by design and accountability
In recent years, the EU has witnessed a proliferation of regulatory requirements stemming from the EU’s new ‘Digital Rulebook’ that came to complement the General Data Protection Regulation. It includes in particular the Digital Services Act, the Digital Markets Act, the Data Act, and the Artificial Intelligence Act. But while EU data protection law is often referred to as the ‘cornerstone’ upon which the EU Digital Rulebook is built, these interplay between these Regulations and the GDPR is complex and many of them display multiple overlaps that need to be addressed via consistent guidance and application by the various authorities competent to monitor their compliance.
Simultaneous actions by various regulators highlight the potential for conflicts and inconsistencies when data-related practices are scrutinized from different legal perspectives, and emphasize the critical need for enhanced dialogue, cooperation, and coordination among regulatory bodies to ensure a predictable and effective legal environment that places fundamental rights at the core.
More recently, several examples of multilateral cooperation initiatives between regulators from different legal fields applicable to the EU digital economy have emerged at national level. However, a forum where authorities competent to enforce the different parts of the EU Digital Rulebook and other laws applicable in the Digital Single Market can come together to discuss matters of coherent application does not yet exist at EU level.
This is why the EDPS has recently proposed to establish a Digital Clearinghouse 2.0 that would provide authorities and bodies competent to enforce EU laws in the digital economy with a forum to exchange and coordinate on issues of common interest, to align at the level of policies and legal interpretations.
In the long term, the Digital Clearinghouse 2.0 could become a forum where participating authorities can share information about ongoing enforcement actions so as to facilitate further (bilateral or multilateral) engagement with other authorities on those concrete cases where relevant. However, this is likely to require legislative intervention which is not yet on the cards.
Recent national experiences of fostering cross-regulatory dialogue indicate that there is added value in having a well-resourced central body providing a secretariat for the Digital Clearinghouse 2.0, in particular to ensure the timely delivery by participating authorities of concrete outcomes promoting cross-regulatory coherence.
The EDPS is committed to making this forum a reality and is open to discussing with relevant EU and national policymakers and competent authorities on how to get there.
Since 2014, the EDPS has been working on the interplay and synergies between EU rules on data protection with other fields of EU law. The Preliminary Opinion on Privacy and Competitiveness in the Age of Big Data of the EDPS observed a tendency for EU rules on data protection, consumer protection and competition law to be applied in silos, while they could (and should) be applied in a more coherent manner.
In 2016, the EDPS proposed the establishment of a Digital Clearinghouse to bring together competent authorities from the areas of competition, consumer and data protection willing to share information and discuss how best to enforce rules in the interests of individuals.
The Digital Clearinghouse met for the first time in Brussels on 29 May 2017. From 2019, the Digital Clearinghouse was jointly hosted by the Research Centre in Information, Law and Society (CRIDS) at the University of Namur, the Tilburg Institute for Law, Technology, and Society (TILT) at Tilburg University, and the European Policy Centre (EPC) in Brussels. The Digital Clearinghouse “1.0” met for the last time on 10 June 2020. The statements of all seven meetings of the Digital Clearinghouse can be found here.
The meetings of the Digital Clearinghouse between 2017 and 2020 dovetailed with a broader debate on the implications data-intensive business models for consistent application of EU law and the need for reflection by legislators and regulators.
Meeting the challenges of big data, A call for transparency, user control, data protection by design and accountability
Keynote address of Giovanni Buttarelli given at the Banking and Payments Federation, Ireland
This report sets out the Strategy adopted by the EDPS for the period 2015-2019. As data protection affects almost every EU policy area and is a key factor in legitimising and increasing trust in EU policies, the new EDPS Strategy aims to provide a framework through which to promote a culture of data protection in the European institutions. It also promotes the idea of toolkits for policymakers to help them develop innovative solutions to data protection challenges.
2014 was a year of transition for the EDPS, marked by the delayed selection and appointment of a new Supervisor and Assistant Supervisor. Despite the resulting uncertainty, the EDPS under the calm authority and tireless efforts of Peter Hustinx, whose 10-year tenure as EDPS drew to a close in 2014, continued to make significant progress in mainstreaming data protection in EU policymaking.
Building on this legacy, the EDPS' priorities for 2015, as part of the five year strategy of the dynamic team of new Supervisors, is to help the EU to speak with one voice on data protection to uphold the rights and interests of the individual in our digitalised society. To this end, the adoption of the data protection reform will be a significant milestone for Europe and an important message to the rest of the world.