Last Tuesday, May 31, the session on Data Governance. as Fide, in which they participated Jose Manuel Lucea Anaya, Head of Sector [for Data and Platforms] in the Deputy Directorate for Digital Society. Ministry of Economic Affairs and Digital Transformation; Amalia PELEGRÍN MARTÍNEZ-CANALES, Director of Public Policy, Sustainability and Talent of AMETIC; Jeremy Rollison, Senior Director, EU Government Affairs, Microsoft (Brussels) and Ricard MARTINEZ MARTINEZ, Assistant Professor at the Department of Constitutional Law, Political Science and Administration, University of Valencia. Fide Academic Advisor.
Data Governance Act (DGA) is a regulation that integrates the legislative package linked to the European Digital Strategy and the creation of the European Data Spaces. The set of the normative block aims to make possible the free flow or circulation of data, promote the so-called "Data Driven Economy" and promote the use of personal and non-personal data to promote research, innovation, public policies and entrepreneurship. .
Throughout the session different relevant issues have been identified. As a first conclusion, it can be anticipated that the new Regulation will need a national legislative implementation both from the point of view of the definition of the managing bodies of access to public sector data, and from the point of view of the administrative authority for the registry. and control of entities dedicated to data intermediation. (Jose Manuel)
On the other hand, during the session a certain need to consider aspects that will require technological solutions was pointed out. The design of the governance conditions of the different data sharing models is not enough. In this sense, there is a common element to public data access environments, data brokering in the private sector, data cooperatives and data altruism. In all cases, it is necessary to have secure infrastructures for processing, which must also be capable of guaranteeing the so-called FAIR principles, which ensure that the data is easily locatable/indexable, accessible, interoperable and reusable. To this we must add the procedures ordered to guarantee rights. Technological solutions capable of ensuring anonymization, traceability and control over data processing are obviously needed when that is not possible (by means of techniques such as differential privacy or multi-party computing, or ensuring adequate guarantees in terms of intellectual property and commercial or industrial secret (Jeremy).
Finally, it was pointed out from the industry how sharing the ultimate goals of the standard reveals the high degree of complexity that it introduces in the market. Good examples of this would be the conditioning factors associated with the previous conditions to operate in the market, or the rigid regime that is applied to the sharing of data with third parties and in third countries. On the other hand, there is evidence of a certain concern or reservation in relation to the current state of the market itself, in which there is an industry that has already developed data analytics models with a high level of investment that will have to readjust its legal conditions and/or its operative.
In general, the debate has revolved around different issues:
- Regulatory interaction with the GDPR and with future regulations (Data Act, AI Regulation, European Health Data Space Regulation)
- The presence of different authorities with powers over the sector (Spanish Data Protection Agency, independent transparency authorities, new authorities created with the DGA).
- The need for the DGA to overcome current barriers and inefficiencies in the reuse of public sector information.
- The need for proactive approaches focused on the development of the data economy and the competitiveness of European industry in the case of small and medium-sized enterprises.