Skip to main content
Shaping Europe’s digital future logo
POLICY | 10 March 2021

Free flow of non-personal data

The Commission wants to ensure a free flow of data in the EU allowing companies and public administrations to store and process non-personal data wherever they choose.

Our economy depends more and more on data: data can create significantly added value to existing services and facilitate entirely new business models. To fully unleash the benefits of the data economy the Commission needs to ensure the free-flow of non-personal data.

The Regulation on the free flow of non-personal data

The Regulation, applicable as of 28 May 2019, aims at removing obstacles to the free movement of non-personal data across Member States and IT systems in Europe.

The Regulation ensures:

  • Free movement of non-personal data across borders: every organisation should be able to store and process data anywhere in the European Union,
  • The availability of data for regulatory control: public authorities will retain access to data, also when it is located in another Member State or when it is stored or processed in the cloud,
  • Easier switching of cloud service providers for professional users. The Commission has started facilitating self-regulation in this area, encouraging providers to develop codes of conduct regarding the conditions under which users can port data between cloud service providers and back into their own IT environments,
  • Full consistency and synergies with the cybersecurity package, and clarification that any security requirements that already apply to businesses storing and processing data will continue to do so when they store or process data across borders in the EU or in the cloud.

The General Data Protection Regulation (GDPR) already provides for the free movement of personal data within the Union, next to its primary goal of protecting personal data. Together with the GDPR, this Regulation will therefore ensure a comprehensive and coherent approach to the free movement of all data in the EU. To provide more clarity to businesses on how to handle data across borders the Commission has published informative guidance.

Background

The Commission is continuing its engagement with stakeholders, for instance by organising structured dialogues with the Member States and workshops with different stakeholders. Also the Commission is closely monitoring the work done by the self-regulatory cloud stakeholder groups on, inter alia, codes of conduct for easier switching of cloud providers and a European cloud security certification scheme.

Related Content

Big Picture

A European Strategy for data

The success of Europe’s digital transformation will depend on establishing effective rules to ensure trustworthy technologies, and to give businesses the confidence and means to digitise.

See Also

European data governance

A new European way of data governance, which is fully in line with EU values and principles, will bring significant benefits to EU citizens and companies.

Big data

Data has become a key asset for the economy and our societies similar to the classic categories of human and financial resources. Whether it is geographical information, statistics, weather data, research data, transport data, energy consumption data or health data, the need to...

The European Data Flow Monitoring

The European Commission is currently working on setting up the European Data Flow Monitoring which will map data flows across the EU territory. Monitoring data flows across the European Union’s territory is of strategic importance to EU decision-making and investment choices in...