Written by Justin Hemmings
Peter Swire, Alston & Bird Senior Counsel and Nancy J. and Lawrence P. Huang Professor of Law and Ethics at the Georgia Institute of Technology’s Scheller College of Business, recently participated in a policy hearing held by the European Political Strategy Centre, the in-house think tank of the European Commission. Swire joined five other experts in answering a series of questions posed by the Centre’s moderators on how Europe can build its data economy to compete globally, protect fundamental privacy rights, and guard against anti-competitive behavior.
In his remarks, Swire pointed out an underlying tension for the EU in building a data sharing economy: Europe often acts on an initial presumption against the use of personal data, except where a legitimate basis can be shown for such processing. In comparison to countries like the U.S. and China, where there is a legal presumption in favor of using Big Data analytics, European companies can have difficulty becoming first movers for Big Data innovations. Given the advantages for first movers, and the network effects they can achieve, this presumption against Big Data analytics can put European companies at a comparative disadvantage.
To develop Europe’s Big Data economy, Swire encouraged the European Union and its committees to find ways for data protection experts, economists, Big Data experts, and others to systematically engage with each other. One effect of the independence required of Data Protection Commissioners is that they have little built-in incentive to work towards outcomes that both protect privacy and achieve other goals. Instead, these different areas can be seen as different projects, which can result in a lack of understanding or ability to weigh reasonable requests from different perspectives appropriately. Systemizing engagement among DPCs and other subject matter experts can aid in balancing various public interests in future decision-making.
Swire pointed out an underlying tension between the benefits of an open data perspective, where all researchers and individuals gain access to data, and an “intellectual property approach” aimed at protecting companies’ ability to gain proprietary yields from investments in data. He encourages more research to better understand how to decide when one approach is more important than the other.
Finally, Swire drew on his prior research to discuss the issue of data portability, and how the right to data portability in the GDPR departs from EU competition law. The GDPR applies far beyond the dominant firms that are typically the target of antitrust analysis. The right to portability applies also to small- and medium-sized enterprises, which can discourage investment in small firms facing the costs to write software to comply with the GDPR’s data portability requirement. Additionally, the GDPR would make a lack of portability into a per se violation. Swire noted that there can be efficiency reasons to not share data and that such a per se rule departs from the traditional rule of reason analysis used in European competition law.
In closing, Swire cautioned that the presumption against processing will cause greater difficulties for the European data economy when combined with the increasingly broad definition of “personal data.” That definition has become broader, in part due to worries about the ability to re-identify data that had previously seemed anonymized or de-identified. One way to enable Europe to participate more in the Big Data economy would be to permit more processing where strict controls exist within organizations, such as audit trails and other organizational controls protect against re-identification. Doing so could permit more research and innovation, while still maintaining strong privacy protections.
A full transcript of the panel is available here.