Mervinskiy 418

Page 36

Cross-border data flow in the digital single market: study on data location restrictions operation Prohibition against third party access and/or disclosure

(SMART 2015/0054)

supervisory authorities. Ensuring sufficient security/confidentiality

Clarification from national regulators, supervisors and lawmakers that the requirement can be met if substantive access to the contents of financial data is made impossible. Offsite storage should not necessarily be considered as constituting third party access and disclosure.

The overview above illustrates that part of the solution – alignment on substantive requirements – is comparable to the state of play for health data. However, financial data faces an additional challenge through the requirements imposed by national regulators and supervisors, who require the ability to access and audit data processing facilities. 2.3.3 Citizen data and company records Overview and subtypes of data Correspondents were also invited to identify barriers to the free flow of data for two other types of information which are examined together in this section of the report:  

Citizen data: basic identity registers, particularly any official records in relation to a country’s citizens or residents (such as their names, addresses, date of birth) or to legal entities; Company data: company records, such as balance sheets, income statements or annual accounts submitted by companies.

These two categories of data are examined together here, as they all relate to fundamental information about natural or legal persons which is considered authoritative and therefore has high requirements in relation to trustworthiness and security. A second similarity is that these records tend to be managed as a part of a specific statutory or legislative mandate provided by the public sector. The following overview can be provided for the reported barriers: Figure 8 – Types of barrier observed (Citizen data and company records)

Country

Source

Belgium

Wet van 8 augustus 1983 tot regeling van een Rijksregister van de natuurlijke personen / Loi

36

Restriction imposed on providers / users / data Any party that wants to access or use

Direct or indirect Indirect

Summary of obligation / restriction The law identifies the Minister of Foreign Affairs as the competent authority to maintain the Register (Article 4), and notes that an authorisation is

Turn static files into dynamic content formats.

Create a flipbook

Articles inside

4.4.2 Land prices and data centre locations

0
page 91

6.3 Annex III: Workshop Report

18min
pages 141-151

5.3.2. Recasting regulations to support the free flow of data

7min
pages 112-114

5.4 Summary – key requirements and recommendations

3min
pages 115-116

4.4.1 Electricity costs and data centre location

1min
page 90

3.3.2 Interview methodology

1min
page 69

4.7 Labour costs and data centre construction and operating costs

2min
pages 88-89

4.3.2 Costs of building and operating a cloud data centre

4min
pages 85-87

4.3.1 Cloud data centres in EU28 Member States

3min
pages 83-84

4.3 Costs of cloud data transfer

8min
pages 79-81

4.5 Cloud data centre costs

1min
page 82

3.3.3 Preliminary interview results and analysis

23min
pages 70-77

3.3 Interviews

2min
page 68

2.3.2 Financial data, particularly data which is subject to supervision by national regulators

12min
pages 29-35

2.3.4 Judicial data and privileged data

15min
pages 40-47

2.3.3 Citizen data and company records

7min
pages 36-39

2.3.5 Tax and accounting records

11min
pages 48-52

3.2.2 Analysis of survey outcomes

5min
pages 65-67

2.3.6 Other data types and barriers

15min
pages 53-59

understanding of data requirements in the EU Member States

8min
pages 60-62

1. Introduction

5min
pages 14-16
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.