Home Tags Free movement

Tag: free movement

Anonymised app data silos impede movement EU policy makers are considering introducing a new licensing regime for anonymised "machine-generated data". It is one of the options the European Commission said could be introduced to facilitate greater access to the ever-growing volumes of data generated by "computer processes, applications or services, or by sensors processing information received from equipment, software or machinery, whether virtual or real". The options were outlined in a new Commission communication on building the European data economy, which was accompanied by an online consultation.

The paper was also published alongside other plans relevant to the use of data, including a draft new e-Privacy Regulation and a communication on exchanging and protecting personal data in a globalised world. At the moment, much of the data that is generated is retained and analysed in "silos" by the generators of that information, the Commission said.

This makes it difficult for businesses and organisations to extract the maximum value from that data, it said.

The Commission said it intends to discuss how to address the issue with EU countries. A data licensing regime is one option that could be developed depending on the outcome of those discussions, the Commission said. "A framework potentially based on certain key principles, such as fair, reasonable and non-discriminatory (FRAND) terms, could be developed for data holders, such as manufacturers, service providers or other parties, to provide access to the data they hold against remuneration after anonymisation," the Commission said. "Relevant legitimate interests, as well as the need to protect trade secrets, would need to be taken into account." "The consideration of different access regimes for different sectors and/or business models could also be envisaged in order to take into account the specificities of each industry.

For instance, in some cases, open access to data (full or partial) could be the preferred choice both for firms and for society," it said. Other options that could be taken forward include potentially developing new guidelines to incentivise businesses to share the non-personal data they have and granting public bodies special rights of access to data where this is in the "general interest". New default contracts rules could also be set to facilitate access to data in accordance with benchmarks that account for the different bargaining positions that businesses in the market have, the Commission said.
It also said a new "data producer's right" could be introduced. "A right to use and authorise the use of non-personal data could be granted to the 'data producer', i.e. the owner or long-term user (i.e. the lessee) of the device," the Commission said. "This approach would aim at clarifying the legal situation and giving more choice to the data producer, by opening up the possibility for users to utilise their data and thereby contribute to unlocking machine-generated data." "However, the relevant exceptions would need to be clearly specified, in particular the provision of non-exclusive access to the data by the manufacturer or by public authorities, for example for traffic management or environmental reasons. Where personal data are concerned, the individual will retain his right to withdraw his consent at any time after authorising the use. Personal data would need to be rendered anonymous in such a manner that the individual is not or no longer identifiable, before its further use may be authorised by the other party.
Indeed, the GDPR continues to apply to any personal data (whether machine generated or otherwise) until that data has been anonymised," it said. In its paper, the Commission also said it wants to deliver "meaningful portability for non-personal data".

The GDPR will introduce data portability obligations in respect of some personal data.

The Commission said similar data portability rules to those in the GDPR could be established for non-personal data.

Alternatively, it could develop "standard contract terms requiring the service provider to implement the portability of a customer's data". The Commission said it is also looking to determine whether existing EU product liability rules "remain appropriate for emerging technologies such as IoT (the internet of things) and autonomous connected systems".
It has opened a separate consultation on the issue, which is open until 26 April. The Commission said that in future, it could decide to assign liability to businesses on the basis that they generate "a major risk for others", or because they are "best placed to minimise or avoid the realisation of such risk".
It said it could also introduce "voluntary or mandatory insurance schemes" that align with those new liability rules. "[The insurance schemes] would compensate the parties who suffered the damage (e.g. the consumer)," the Commission said. "This approach would need to provide legal protection to investments made by business while reassuring victims regarding fair compensation or appropriate insurance in case of damage." The UK government recently set out how it intends to address the issue of insurance pay-outs to innocent victims of collisions involving driverless cars, and the underlying liability for those incidents. The Commission's paper also referenced its concerns about unjustified restrictions on where data is stored and processed.
It said the removal of those restrictions could deliver an €8 billion boost to the EU economy, as well as provide for substantial environmental benefits. It said "data localisation" measures are a barrier to "the wider adoption of cloud storage and computing" and that "a more efficient use of IT resources could contribute to the reduction of energy consumption and carbon emissions by net 30% or more". "The global energy-efficient data centre market is expected to grow to almost €90 billion by the end of 2020," the Commission said. "A fragmented data services market would hinder the full development of these more energy-efficient services in the EU and also put at risk the willingness to invest." The Commission said a new "principle of free movement of data within the EU" should guide decision making by EU countries affecting data storage or processing. Observing that principle would serve as "as a corollary of their obligations under the free movement of services and the free establishment provisions of the Treaty [on the Functioning of the EU] and relevant secondary legislation", it said "Any current or new data location restrictions would need to be carefully justified under the Treaty and relevant secondary law to verify that they are necessary and proportionate to achieve an overriding objective of general interest, such as public security," the Commission said. "The principle of free movement of personal data enshrined in primary and secondary law should also apply in the cases where the GDPR allows member states to regulate specific matters. Member states should be encouraged not to make use of the opening clauses in the GDPR to further restrict the free flow of data," it said. The Commission said it could "launch infringement proceedings" against EU countries that do not respect the principle, and that it "may also take further initiatives on the free flow of data" if it deems it necessary to "address unjustified or disproportionate data location measures". Copyright © 2016, Out-Law.com Out-Law.com is part of international law firm Pinsent Masons. Sponsored: Want to know more about Privileged Access Management? Visit The Register's hub
HMIC also hits cops for shrugging off responsibility for 'streetwise' children A broken police information system hampered efforts to protect children at risk of sexual exploitation in the UK, according to Her Majesty's Inspectorate of Constabularies (HMIC). Published today, the watchdog's the 113-page report [PDF] details an HMIC inspection into national child protection. It reveals how London's Metropolitan Police Service (MPS) has had issues with its IT systems that are contributing to failures to protect vulnerable children. Police staff told HMIC that information on the Met's Crime Recording Information System (CRIS), which holds data regarding children's circumstances and vulnerability, was “not easy to locate” and “complicated” while the system's usage was “neither universally adhered to nor universally understood”. This is particularly a concern with regards to the force's risk assessments, according to HMIC, which said that in many incidents the cops failed to reflect the intelligence their systems held or simply made inaccurate assessments. HMIC reported that some cases were graded as being of only “medium risk of harm on the basis that the children in question were 'streetwise and able to take care of themselves'.” In one such incident, the report went on to explain, a 13-year-old girl who went missing overnight was assessed as only being at medium risk because she was “streetwise” despite the Met's communications centre receiving a report that the child was “alone and unsafe in a house with three men”. Connectivity issues with the Met's IT systems meant this information was “in an email inbox in the MPS for 14 hours before the force acted on it.” HMIC stated that such findings “in relation to the flagging and retrieval from the police computer systems of relevant information about child protection issues are a particular concern.” IT explained that the difficulty of locating information on the current force IT systems risks cases being dealt with in isolation is leading to potential intelligence gaps. The report concluded: "The lack of connection between the MPS IT systems, databases and spreadsheets used to record such analyses exacerbates this problem. As a result, much of the information on victims, offenders and risk is kept in isolated pockets across the force. This contrasts sharply with the free movement of people (both victims and offenders) around the capital." ® Sponsored: Customer Identity and Access Management
Enlarge / Japanese PM Shinzo Abe arrives in China for the G20 summit... just as his country's awkward Brexit memo lands.Etienne Oliveau/Getty Images reader comments 11 Share this story Prime minister Theresa May said at the weekend that she wanted to take her time to secure the best trade deals for a post-Brexit Britain, and reiterated—in her trademark vague terms—that the so-called Article 50 won't be triggered this year.

But political pressure from governments as far away as Japan continues to mount. On Sunday, in a bold move, the Japanese government published a 15-page memo (PDF) setting out a number of demands it wants the UK to adhere to, once it leaves the European Union. It underscored that Britain faces a torrid time of negotiations—not just with member states in the EU, but further afield, too. Japan, which has close economic ties with the UK, listed its demands based on requests from businesses in the country.
It said: Since Europe including the UK is a major trading partner and investment destination for other countries in Asia as well as of Japan, it is in the common interest of all Asian countries as a whole that they continue to have access to the free market of Europe, including the UK. It is of great importance that the UK and the EU maintain market integrity and remain attractive destinations for businesses where free trade, unfettered investment, and smooth financial transactions are ensured. In light of the fact that a number of Japanese businesses, invited by the government in some cases, have invested actively to the UK, which was seen to be a gateway to Europe, and have established value-chains across Europe, we strongly request that the UK will consider this fact seriously and respond in a responsible manner to minimise any harmful effects on these businesses. It's brutal stuff from Japan, and could well lead to other countries making similarly robust demands. On tech specifically, the Japanese government called on the UK and EU, post-Brexit, to maintain cloud agreements between businesses at an international level, by safeguarding the "free transfer of data." Here's the list in full: [Requests directed at the UK and the EU] maintenance of the current tariff rates and customs clearance procedures; ・introduction of provisions for cumulative rules of origin; ・maintenance of the access to workers who are nationals of the UK or the EU; ・maintenance of the freedom of establishment and the provision of financial services, including the “single passport” system; ・maintenance of the freedom of cross-border investment and the provision of services as well as the free movement of capital, including that between associated companies; ・maintenance of the current level of information protection and the free transfer of data; ・unified protection of intellectual property rights; ・maintenance of harmonisation of the regulations and standards between the UK and the EU (including the maintenance of established frameworks of mutual recognition and equivalence); ・securing the UK’s function as a clearing centre for the Euro and the location within the UK of EU agencies such as the European Medicines Agency (EMA); and ・maintenance of the UK’s access to the EU budget for research and development and participation in the Japan-EU joint research project. [Additional requests directed at the UK] ・liberalisation of trade in goods without the burdens of customs duties and procedures; ・maintenance of access to workers with the necessary skills; ・maintenance of basic policies regarding the entry of foreign capital; ・implementation of measures to promote investment; ・maintenance of the current levels of information protection and the free transfer of data in case the UK establishes its own legislation distinct from the EU’s; ・ensuring the consistency of regulations and standards between the UK and the EU; and ・ensuring that the EU’s research and development budget applies to research institutions in the UK. [Additional request directed at the EU] ・provision of transitional arrangements for the single passporting system. PM May is currently in China with other world leaders at the G20 summit, where she will be attempting to negotiate on global trade and investment plans with her peers as Brexit looms large. But over the weekend, US president Obama repeated his earlier disappointment about the UK voting to leave the EU. When quizzed, he said that Britain was at the back of the queue, saying "it would not make sense" for the US to put the UK ahead of Asia and the EU on trade deals. "We’re going to do everything we can to make sure that the consequences of the decision don’t end up unraveling what is already a very strong and robust economic relationship," Obama said, before adding that "the first task is going to be figuring out what Brexit means with respect to Europe." On Monday afternoon MPs in the UK will debate a call, based on a public petition, for a second EU referendum—something that May has already said won't happen on her watch. This post originated on Ars Technica UK