On 10 June 2016, the European Consumers Association (BEUC) and European Digital Rights (EDRi) sent an open letter to the EU Commissioner for Trade, Cecilia Malmström, to express our concerns about the inclusion of a ban on (non-defined) “data localisation” in trade agreements.
We urge the Commission to defend one of the biggest successes of the EU, its legal framework on data protection,
said Joe McNamee, Executive Director of European Digital Rights.
The EU can’t bypass its valuable data protection rules by including weak provisions in trade agreements.
There’s no clear definition in the EU for “data localisation”. There is often a confusion between “forced data localisation”, which may require a mandatory obligation to store data; and data processing and storage measures taken for the purposes of personal data protection. While the latter is legitimate, necessary and proportional in line with EU law, forced data localisation can lead to problems for security, privacy and interoperability.
Rules on “data localisation” are not needed in trade agreements such as the Transatlantic Trade and Investment Partnership (TTIP) and Trade in Services Agreement (TiSA). Discussions on forced data localisation should take place outside trade agreements. Otherwise, our fundamental rights to privacy and data protection can be undermined or challenged as trade barriers. If included, this could mean that the protections of citizens’ rights in EU’s primary and secondary law could be undermined by trade agreements. In the case of the EU and the US, for instance, both Parties are already having discussions on data protection and privacy in other fora, such as the Privacy Shield.
Letter to Malmström (pdf) (10.06.2016)
EDRi’s position on TiSA (January 2016)
EDRi’s booklet: TTIP and Digital Rights (08.06.2015)
EDRi’s red lines on TTIP (12.01.2015)