EU Introduces Landmark Data Governance Framework

The European Union has unveiled a groundbreaking legislative proposal to standardize and secure data reuse across its Single Market. The Data Governance Act (DGA) establishes a trusted framework for sharing industrial and personal data while maintaining strict privacy protections.

Key Components of the Plan

  • Trusted Data Intermediaries: Creation of neutral third-party platforms to facilitate secure data exchange
  • National Oversight Authorities: Member States will monitor compliance with the new rules
  • European Data Innovation Board: A pan-EU body to coordinate best practices across nations

This initiative builds on the European Commission’s February 2020 data strategy, which aimed to fuel AI innovation and public services through enhanced data access.

Why This Matters Now

While GDPR regulates personal data, commercial considerations often limit industrial data sharing. The DGA addresses this gap by:

  • Providing legal certainty for data reuse
  • Protecting intellectual property and trade secrets
  • Encouraging “data altruism” for public good initiatives

“Businesses will benefit from new opportunities, reduced costs, and faster time-to-market,” states the Commission in its official release.

How the Data Governance Act Works

For Public Sector Data

  • Mandates technical safeguards like encryption
  • Requires processing in secure, supervised environments
  • Implements binding confidentiality agreements

For Private Sector Sharing

  • Establishes regulated data marketplaces
  • Ensures intermediaries remain neutral (cannot profit from data)
  • Maintains GDPR compliance throughout transfers

Data Altruism Initiative

The DGA introduces novel concepts like:

  • Personal data spaces for granular control
  • Public registry for certified non-profit data organizations
  • Frameworks for citizens to voluntarily share data (e.g., medical research)

International Data Transfers: The EU’s Stance

Commissioner Thierry Breton clarified the approach:

  • No blanket data localization requirements
  • Sensitive data may require EU processing
  • Companies must have EU legal representation for enforcement

“We ensure any access to EU data complies with our values,” the Commission stated, emphasizing WTO compliance.

Enforcement and Next Steps

With GDPR enforcement challenges in mind, the DGA incorporates:

  1. Harmonized rules across member states
  2. Dedicated national monitoring authorities
  3. The European Data Innovation Board for coordination

Vestager emphasized: “No rule is any good if not enforced. This framework builds supervision into its design.”

The proposal now moves to the European Council and Parliament for approval. Additional digital legislation, including the Digital Services Act package, is expected in 2021 as part of Europe’s broader digital transformation strategy.

Remaining 0% to read
All articles, information, and images displayed on this site are uploaded by registered users (some news/media content is reprinted from network cooperation media) and are for reference only. The intellectual property rights of any content uploaded or published by users through this site belong to the users or the original copyright owners. If we have infringed your copyright, please contact us and we will rectify it within three working days.