Cookies on Pinsent Masons website

This website uses cookies to allow us to see how the site is used. The cookies cannot identify you. If you continue to use this site we will assume that you are happy with this

If you want to use the sites without cookies or would like to know more, you can do that here.

EU could legislate to make it easier to move data between cloud providers

Cloud computing providers could be forced to make it easier for businesses and consumers to move all their data to rival providers under new EU laws being considered.12 May 2017

The European Commission said it could outline a "legislative proposal" that accounts for the "principle of porting non-personal data" this autumn. Businesses already face the prospect of new data portability obligations in respect of personal data under the EU's General Data Protection Regulation (GDPR), which will apply from 25 May 2018.

The Commission's latest policy was contained in a mid-term review it published on its 2015 digital single market strategy.

"The Commission will by autumn 2017, subject to impact assessment, prepare a legislative proposal on the EU free flow of data cooperation framework which takes into account the principle of free flow of data within the EU, the principle of porting non-personal data, including when switching business services like cloud services as well as the principle of availability of certain data for regulatory control purposes also when that data is stored in another member state," the Commission said in its review paper.

The issue of making data available for regulatory audit was identified as among the seven main barriers to banks' adoption of cloud-based services in a report by Pinsent Masons, the law firm behind Out-Law.com, and UK banking industry body the BBA, earlier this year.

In its review, the Commission also said it could "prepare an initiative on accessibility and re-use of public and publicly funded data" by spring 2018, and that it also intends to consider whether to "define principles to determine who is liable in cases of damage caused by data-intensive products" and whether there is a need to do more to promote greater access to data. In January, the Commission said an option it was considering was whether to introduce a new licensing regime for anonymised "machine-generated data".

The Commission also said it plans to tackle "unfair contractual clauses and trading practices identified in platform-to-business relationships, including by exploring dispute resolution, fair practices criteria and transparency", potentially through legislation.

Later this year the Commission will also set out new plans on digital health, it said. The measures will address "citizens´ secure access to electronic health records and the possibility to share it across borders and the use of e-prescriptions", among other things, it said.