In times of crisis, companies stand ready to do their part and help public bodies by sharing data to tackle public emergencies, as evidenced during the Covid-19 pandemic. However, to function, mandatory data sharing between private companies and governments needs clear and transparent conditions for all parties involved.
Chapter V of the Data Act proposal was developed on this basis, setting an obligation for companies to make any data available to public bodies, but does so by loosely referring to various cases of ‘exceptional need.’ The proposed framework includes collecting data to prevent, respond to, and recover from a public emergency but also fulfilling one of the public sector body’s tasks where the lack of data would prevent it from doing so. The latter can be interpreted as any activity carried out by a public institution.
The proposed rules would mean that any public body, at EU, national, regional or local level, could request any type of data, including personal data, from any data holder, for any reason. We believe these rules do not respect the requirements set out in the EU’s Charter of Fundamental Rights. With such a broad scope, there is a risk that personal or sensitive data will be leaked or misused.
Public emergencies are by nature time sensitive. They require a clear and structured legal framework to prepare for secure transfers that fully respect data protection. However, contrary to other parts of the Data Act, Chapter V covers any type of data, without any differentiation, limitation or exception. The data’s intended use and its duration are also left to be defined by the public bodies themselves. The proposal also fails to recognise existing frameworks for data sharing and reporting obligations.
We strongly encourage Council and Parliament to implement the necessary safeguards and limits to protect the rule of law in Europe. We welcome the Parliament’s attempts to set certain limits, such as restricting Chapter V to non-personal data, limiting public authorities’ power to freely ask for data when it is simply convenient and regardless of proportionality, and by setting rules for certain information to be specified in the requests. But this will not be enough.
We recommend – at least – the following:
• Only public emergencies can give rise to data access. Article 15(c) must be deleted.
• Personal data cannot be in scope of Chapter V. No exceptions.
• Categories of public bodies that can request data must be expressly designated.
• Access requests conditions must be strengthened, with transparency regarding data use and protective measures.
We trust that EU policymakers will take the time to build a clear and proportionate framework that does not allow unrestricted access to any data on shaky grounds, but will on the contrary protect fundamental rights and the rule of law.
Your Contact:
Janine Barten
Advisor Digital Finance and Innovation
e.:janine.barten@wsbi-esbg.org
t.:+32 2 211 11 27
related
May 4, 2023
ESBG responds to the Commission’s consultation on its Taxonomy Environmental Delegated Act
On 3 May, ESBG responded to the Commission’s consultation on its new set of EU taxonomy criteria for economic activities that
April 12, 2023
ESBG revises its position paper on the CSDDD in accordance with the recent negotiations
Given the developments of the recent political negotiations, ESBG has decided to update its position paper on the Corporate Sustainability Due Diligence Directive (CSDDD)
February 21, 2023
ESBG responded to the ESMA consultation about the use of ESG terms in funds’ names
On 17 February, ESBG submitted its response to the ESMA consultation about the use of ESG terms in funds’ names
February 3, 2023
Advocating on the EU deforestation regulation
What lessons can be learnt from a French diplomat from the XIX century?
January 11, 2023
ESBG responds to the ESAs call for evidence on greenwashing
Therefore, in the interest of customers, banks, saving banks and issuers of financial products, ESBG
October 5, 2022
Joint letter to Commissioner McGuinness on the EFRAG consultation regarding its first set of draft ESRSs
On 27 September, the ESBG, together with the European Banking Federation (EBF), the European Association of Co-operative Banks (EACB), Insurance Europe, Accountancy Europe, Business Europe and…
September 9, 2022
ESBG response to the EFRAG consultation on its first set of draft ESRSs calls to ensure levelled global playing field
In its response to the European Financial Reporting Advisory Group (EFRAG) public consultation on the first set of Draft EU Sustainability Reporting Standards (ESRSs), the European Savings and Retail…
September 7, 2022
EU Taxonomy minimum safeguards: Criteria for the application of external checks should be further defined
The European Savings and Retail Banking Group submitted its final response to the Platform for Sustainable Finance (PSF) consultation on its draft report on minimum safeguards (MS). In its response,…
August 3, 2022
International Sustainability Standards Board consultation on Sustainability Disclosures
The International Sustainability Standards Board (ISSB) has been established at COP26 with the purpose of developing a comprehensive global baseline of sustainability disclosures for the capital…
July 8, 2022
World savings and retail banks call for harmonised taxonomies on sustainable finance
The World Savings and Retail Banking Institute (WSBI) called today on policymakers for the harmonisation of taxonomies on sustainable finance. At the end of the 26th WSBI World Congress, the…