Lokke Moerel, Professor of Global ICT Law at Tilburg University and a Dutch Cyber Security Council member has written about the EU approach to digital sovereignty. He has called for a more rational approach to the debate. The post on the Future of Privacy Forum talks about how the EU has moved to become increasingly dependent on major foreign market tech providers. There is also acknowledgement for a need to democratize access to data assets to drive innovation. He states that criticism of the DPAs on the US state surveillance powers are like “the pot calling the kettle black”, as some Member States may well have similar powers.
The EU has been trying to address the issue of digital colonialism. This is the idea that EU Member States are increasingly reliant on digital infrastructures that are in the hands of a few dominant foreign market players. The realization is that Europe’s digital dependencies are so great that its digital sovereignty is under pressure. The Schrems II decision and concern surrounding US governments having access to EU data there has created a need to update trans-Atlantic data transfers. The EU is in the process of figuring out how to shape its US data transfer policy in a manner that reinforces Member State sovereignty over their citizens’ data.
Industry organizations have been advocating for a new EU-U.S. Privacy Shield. An important thing being highlighted is that EU data privacy laws have always been about enabling personal data flows while protecting the rights and freedoms of individuals. Moerel says that “data transfers by now are a geopolitical issue”. The recent Russian invasion of Ukraine has made it seem more likely that a new trans-Atlantic agreement can be reached. Whereas a short while ago this seemed impossible.
The main concerns regarding digital colonialism are:
Systematic theft by hostile states of intellectual property and know-how of high-tech companies and universities undermines Europe’s future earning capacity.
The EU is mainly dependent on digital infrastructures owned by a number of major foreign market players. This offers limited portability and interoperability of data and applications.
Both the US and China regularly draw on national security as a reason to justify addressing critical supply chain issues by:
- Bringing manufacturing back to their countries
- Imposing stricter export controls of critical technology
- Stepping up controls of foreign direct investments
Europe’s Push for Digital Sovereignty
Europe acknowledges that its sovereignty will have to be supported by a smart combination of measures. Becoming self-sufficient is not realistic or desirable. They want to focus on not excluding foreign digital providers and not building European hyperscalers.
The aims are to democratize access to data assets and drive data sharing in open digital ecosystems across the whole EU economy. Also, to create a single market for data to be exchanged across sectors efficiently and securely within the EU. This also needs to be in a way that fits European values of:
- Fair competition
Finally, bring together EU data from nine defined sectors to achieve the scale of data required for AI-related innovation. The design of the data spaces will be based on full interoperability and data sovereignty. This will also aim to provide users tools to decide about data sharing and access.
Another EU initiative is aimed at achieving interoperability between different cloud infrastructures. By setting common technical standards and legal frameworks for the digital infrastructure and standardizing contract conditions.
Read more about data and privacy news around the world.