Ten days ahead of the entry into application of the General Data Protection Regulation, the European Commission is today presenting a set of concrete actions that European leaders can take to protect citizens’ privacy and make the EU’s Digital Single Market a reality before the end of 2018.
The Communication presented today is the Commission’s contribution to the informal discussions that EU leaders will hold in Sofia tomorrow.
The Commission believes that it is in the shared interest of all Member States to manage the digital transformation by following the European approach, which links investment in digital innovation with strong data protection rules. This will allow the EU to effectively deal with the challenges of an increasingly data-based global economy.
Vice-President Andrus Ansip, responsible for the Digital Single Market, said: “Data is at the heart of our economy and society. It needs to flow freely, to be safe and secure. The European Commission has put forward all the proposals for a Digital Single Market; it is now EU leaders who have the keys to unlock digital opportunities. This new regulatory environment should go hand in hand with major investments in areas such as cybersecurity, 5G, artificial intelligence and high-performance computing.”
Věra Jourová, Commissioner for Justice, Consumers and Gender Equality, added: “The recent Facebook Cambridge Analytica revelations confirm once more that the EU made the right choice to put in place strong data protection rules. Data harvesting with the aim of manipulating public opinion is unacceptable. We are proud to be setting the new global standard for the protection of personal data. This is fundamental for consumer trust in an increasingly digital economy and society.”
Mariya Gabriel, Commissioner for Digital Economy and Society, said: “Having the right regulatory framework in place is crucial to create trust and develop businesses online. Together with the General Data Protection Regulation, the ePrivacy Regulation will secure our citizens’ electronic communications. In Sofia, EU leaders will have a unique occasion to give decisive incentives on the remaining key digital proposals still in negotiations.”
Three years after adopting the Digital Single Market Strategy, the Digital Single Market has progressed, with 12 legislative proposals agreed by the European Parliament and Council out of the 29 tabled by the Commission since May 2015. Major new laws on data protection, cybersecurity, and the end of mobile roaming charges are either already in place or will be in a matter of days or weeks. Member States must now ensure these agreed rules work in practice.
Strengthening the protection of personal data in the EU
General Data Protection Regulation: Two-thirds of Europeans say that they are worried about having no control over the information they provide online, while half are concerned about falling victim to fraud. The recent Facebook/Cambridge Analytica scandal has raised awareness that data could be misused if not properly protected.
Through the General Data Protection Regulation citizens will be able to benefit from stronger protection of personal data through:
- better control over how personal data is handled by companies and public administrations alike, including the need for users’ clear consent for processing their personal data;
- more clarity about the privacy policies of companies;
- swift notification of harmful data breaches without delay.
Next steps: The Commission is inviting EU leaders to ensure that national authorities urgently put in place all the remaining steps necessary to prepare for the application of the new rules in all Members States.
ePrivacy Regulation: Alongside the General Data Protection Regulation, the ePrivacy Regulation proposed in January 2017, currently under negotiation in the European Parliament and the Council, is essential so that the confidentiality of Europeans’ online communication is not breached. The new rules will apply both to traditional telecoms operators and online services, such as emails, instant messaging or online voice services. This means that without users’ consent, no service provider would be able access the devices they use.
Next steps: The Commission is urging the Council to swiftly agree on its negotiation position on the ePrivacy Regulation, so that negotiations with the European Parliament can start by June 2018, with a view to the adoption by the end of 2018.
Necessary steps to complete a functional Digital Single Market
Since the launch of the Digital Single Market strategy in May 2015, the Commission has delivered proposals for all 29 initiatives identified as essential for a functional Digital Single Market. The benefits are already being enjoyed by citizens, for instance through a four-fold increase in data use when travelling to other Member States thanks to the abolition of roaming charges. Altogether the Digital Single Market could contribute €415 billion per year to our economy and create hundreds of thousands of new jobs.
In particular, the Commission is inviting EU leaders to discuss and give their strategic orientation with a view to:
- Mobilising the necessary public and private investments to deploy artificial intelligence, 5G connectivity networks, high-performance computing.
- Ensuring that the Regulation on free flow of non-personal data, designed to further develop the European data economy, is agreed by co-legislators by June 2018.
- Similarly, the Electronic Communications Code, aiming at boosting investment in high-speed and high-quality networks across the EU, should also be finalised by June 2018.
- Helping Member States equip Europeans with the digital skills they will need in today’s and tomorrow’s digital economy and society.
More generally, all other pending Digital Single Market proposals should be agreed by the end of 2018, in line with the call of the European Council of October 2017. These include, for instance, the modernisation of EU copyright rules to protect creators online better and facilitate the access to European works across borders.
The EU has already put an end to mobile roaming charges in the EU and allowed Europeans to travel across the EU with their online subscriptions for films, TV series, video games, music, sport programmes or ebooks.
Since 9 May 2018, Member States have to apply the first EU-wide legislation on cybersecurity – the Directive on Security of Network and Information Systems (NIS Directive) – which will be completed by a wide-ranging set of measures for stronger cybersecurity in the EU. This includes a proposal for an EU Cybersecurity Agency to assist Member States in dealing with cyber-attacks, as well as a new European certification scheme that will ensure that products and services in the digital world are safe to use. As of December 2018, thanks to new rules against unjustified geoblocking, consumers will no longer face barriers when buying products or services online within the EU. For businesses, this means more legal certainty to operate cross-border.
In April 2018, the Commission delivered all the remaining Digital Single Market actions and notably presented a European approach for the future of artificial intelligence, measures to tackle disinformation online, including an EU-wide Code of Practice on disinformation, as well as conditions for fairness and transparency in the online platforms economy designed to lead to an innovation-friendly environment for EU businesses.
In parallel, the General Data Protection Regulation was adopted in December 2015 with a two-year transition period to allow Member States and their authorities to be fully ready when it enters into application on 25 May 2018. In January 2018, the Commission also published guidelines to facilitate the application of the new data protection rules across the EU.
For More Information
Factsheet: Digital Single Market for all Europeans
Factsheet: Timeline – Digital Single Market, European Commission actions since 2015
Factsheet: Stronger privacy rules for electronic communications
Communication on Completing a trusted Digital Single Market for all