More Related Content
Similar to Recent eu data_initiatives_in_context_infographic
Similar to Recent eu data_initiatives_in_context_infographic (20)
Recent eu data_initiatives_in_context_infographic
- 1. EU General Data Protection
Regulation (2016)
DG Justice & Consumers, Directorate C
ϻ Applies to the processing of European
Economic Area personal data.
ϻ Significant extraterritorial effect.
ϻ Omnibus data protection regulation, applicable
to the commercial and public sectors,
excluding national security activities.
ϻ Creation of European Data Protection Board.
ePrivacy Directive (2002, rev. 2008)
DG Connect, Directorate H: Digital Society, Trust &
Cybersecurity
— Unit H2: Cybersecurity and Digital
Privacy Policy
ϻ Under revision; will become the ePrivacy
Regulation.
ϻ For most companies, currently mainly of
interest for cookie provision and rules on
unsolicited communication or spam.
iapp.org
European Commission presents
its strategy for data and artificial
intelligence (February 2020)
European Commission and High
Representative of the Union
for Foreign Affairs and Security
Policy present EU Cyber Strategy
(December 2020)
Proposal for a Regulation laying down
harmonized rules on Artificial Intelligence
DG Connect
ϻ Now under discussion in the European
Parliament and Council with representatives
of the 27 member states.
Data Act (forthcoming)
ϻ Will be proposed by the commission in the
first half of 2022.
ϻ Is meant to complement the DGA.
ϻ Aims to maximize the value of data for the
economy and society by fostering data
sharing among businesses, and between
businesses and governments.
Proposal for Data Governance Act
DG Connect, Directorate G: Data — Unit G1: Data
Policy and Innovation
ϻ Reuse of public sector data that is subject
to certain protections.
ϻ Rules for data intermediaries.
ϻ Introduction of concept of data altruism.
ϻ Creation of a European Data
Innovation Board.
ϻ As part of the trilogue discussions, in
November 2021, a political agreement was
reached between the European Parliament
and council; the text now needs to be
formally approved by these two bodies;
is expected to happen in the first half of
2022. See also.
Proposal for Digital Services Act
DG Connect, Directorate F: Digital Single Market —
Unit F2 : E-Commerce & Platforms
ϻ Would amend the outdated 2000
e-Commerce Directive.
ϻ Applies to providers of “intermediary
services,” which includes mere conduit,
caching or hosting services; has
extraterritorial effect.
ϻ Determines liability regime and additional
obligations related to the spreading of
illegal content.
ϻ Additional systemic risk management
requirements for large online platforms
with more than 45 million users.
ϻ Additional transparency requirements
for online advertising toward individual
recipients; includes details on the
advertising buyer and parameters used
to determine the recipient to whom the
ad is displayed.
ϻ May introduce restrictions on certain
targeted advertising practices.
ϻ Requires very large platforms to appoint
qualified compliance officers.
ϻ Foresees the appointment of digital
services coordinators in each member state
and the creation of a European Board for
Digital Services.
ϻ Currently in trilogue discussions after the
council adopted its negotiating position
in November 2021 (see here and here)
followed by the European Parliament in
January 2022.
Proposal for Digital Markets Act
DG Competition and DG Connect, Directorate F:
Digital Single Market — Unit F2: E-Commerce
& Platforms
ϻ Competition law component of the
European Commission’s data strategy.
ϻ Built around the notion of “gatekeepers,”
i.e., companies that provide “core platform
services” in at least three member states,
meet certain thresholds of EEA turnover
or market capitalization and fair market
value, as well as have a minimum number
of active end or business users in the
EEA in the last three financial years; has
extraterritorial effect.
ϻ Core platform services include online
intermediation services, search engines,
social networking services, video-sharing
platforms and cloud computing services.
ϻ Gatekeepers are subject to a long list of
dos and don’ts with potential hefty fines
and other remedies available to regulators.
ϻ Foresees the creation of a Digital Markets
Advisory Committee.
ϻ Currently in trilogue discussions after the
council and Parliament each reviewed the
commission proposal and adopted their
respective negotiating positions (see here).
Proposal for renewed NIS2 Directive
DG Connect, Directorate H: Digital Society,
Trust & Cybersecurity — Unit H: Cybersecurity
& Digital Privacy Policy
ϻ Expansion in scope compared to
current NIS Directive.
ϻ The European Parliament and Council
have completed their review in
first reading; trilogue discussions
should start soon. For more details,
see here.
Proposal for a directive on the resilience
of critical entities
ϻ Expansion in scope compared to the
current directive.
ϻ Currently under review in the
European Parliament and Council.
In December 2021, the Council
adopted its negotiating position.
For developments in the Parliament,
see here.
COMMISSION STRATEGY ON DATA AND AI
CYBERSECURITY STRATEGY
EU Data Initiatives in Context
By IAPP Senior Westin Research Fellow and Covington & Burling Senior Counsel Jetty Tielemans
IAPP disclaims all warranties, expressed or implied, with respect to the contents of this presentation, including any warranties of accuracy, merchantability, or fitness for a particular purpose. Nothing herein should be construed as legal advice.
© 2022 International Association of Privacy Professionals. All rights reserved.