Brits Look Away Now: Free Movement Of Non-Personal Data In the EU

The EU's "Digital Single Market" strategy has been boosted by an agreement to remove requirements for non-personal data to be stored in any one EU member state. The new law, approved in plenary by 520 votes to 81, with six abstentions, is due to be approved by the EU Council of Ministers on 6 November. It will apply six months after its publication in the EU Official Journal.

Restrictions on the free movement of personal data have long been relaxed under the EU data protection framework. The latest move is expected to double the value of the EU data economy to 4% of GDP by 2020.

The agreement builds on a report into "Building a European Data Economy",  statistics on the use of cloud computing by businesses, a study on the legal and administrative restrictions on the free flow of non-personal data (often mistaken) and study of the economic benefits of cloud computing uptake and free flow of data within the EU.

In summary, the agreement means that:

• public authorities cannot impose "unjustified" data localisation restrictions;

• the data remains accessible for regulatory and supervisory control even when stored or processed across borders within the EU;

• cloud service providers are encouraged to develop self-regulatory codes of conduct for easier switching of provider and porting data back to in-house servers, by mid-2020;

• Security requirements on data storage and processing remain applicable when businesses store or process data in another Member State or outsource data processing to cloud service providers;

• Single points of contact in each Member State will liaise with other Member States’ and the Commission to ensure the effective application of the new rules.