Data governance: a forum on Europe’s specificity (or the need for one)
Monday 8 December was a good day for Isabelle Falque-Pierrotin, wearing the “double hat” of President of the Commission nationale de l’informatique et des libertés (CNIL, the French Privacy and Data Protection Commission) and President of the “G29”, the gathering of data protection agencies of all EU countries. At the UNESCO headquarters in the heart of Paris, she was the host of the European Data Governance Forum (EDGF) – an assembly of experts seeking to advance reflection on one of the most pressing issues of our digital times, the governance of personal data. The four round tables at the forum examined the extent to which, and the ways in which it is possible to reconcile the speedy pace of today’s technological innovation, the centrality of personal data for the digital economy, and the increasingly developed capacity of actors both public and private to profile and monitor individuals – with particular attention paid to the ethical and legal dimensions of personal data collection and use by third parties.
2015, the “Europe of data” year
Trust, at the root of data-driven business models
These two principles were illustrated by several speakers during the EDGF, whose presentations centered on the notion of trust as a possible business model for European-based services. Cozy Cloud CEO Benjamin André pleaded for the “restitution” of data as a lever of trust, and advocated the re-decentralisation of the web as a true alternative to the super-powers of its “giants”; StartPage Development Director Alex Van Eesteren called for a simplification of encryption and search protection techniques, so that better privacy-enhancing tools may be made as easy and comfortable to use as a passe-partout Google account.
For too long, have citizens been excluded from the debate, said Privacy International head Simon Davies. That is bound to change with initiatives such as Code Red, which is to be launched in Brussels in mid-January – a set of proposals for “citizen empowerment” when it comes to digital security. Max Schrems, the initiator of the Europe vs. Facebook collective lawsuit, compared Facebook’s line of behaviour related to personal data to that of a driver who is not afraid of what will happen to his car if he parks it in the middle of the street: “shouldn’t the giants be afraid of getting a fine as well?” he asked.
Overall, the notion of privacy – the forum seemed to say – is not dead yet; indeed, Europeans have never been keener to acquire or regain control over their data. The two principles stated by the G29 declaration – Europe “mastering its own data” and condemning surveillance – are likely to keep informing discussions about (European) data governance in the close future. Personal data protection – suggested Isabelle Falque-Pierrotin – is ultimately as much an issue for individuals as it is for the future of sustainable democratic models.