Digital single market

The creation of a Digital Single Market is a priority of the Union and aims liberties associated with the EU internal market to expand to the digital world, thereby promoting growth and employment in the EU. Following the Lisbon Strategy , the Strategy Europe 2020  has introduced the Digital Agenda for Europe as one of the seven major initiatives, while accepting the key role of the use of information and communication technologies, that the EU will succeed in its effort in 2020. The Digital Agenda for Europe has seven policy areas.

European Union founds important to extend the current EU single market, which consist of free movement of goods, services, labor and capital. The single market makes the EU territory without any barriers. Currently four freedoms included in the internal market needs to reflect the development of the society and the digital era. After creating the Digital Single Market, the European Union can enjoy its full potential.

“A Digital Single Market is one in which the free movement of goods, persons, services and capital is ensured and where individuals and businesses can seamlessly access and exercise online activities under conditions of fair competition, and a high level of consumer and personal data protection, irrespective of their nationality or place of residence. Achieving a Digital Single Market will ensure that Europe maintains its position as a world leader in the digital economy, helping European companies to grow globally.”

The idea of the Digital Single Market generally covers the European Union without any digital barriers, which includes the option of the consumers to compare goods from all over the Europe, access the digital entertainment around the Europe, simple access to sources of information, no barriers when accessing digital banking and other financial products, possibility for small and medium businesses present themselves online and enjoy the opportunities given by the electronic world.

Development of the Digital Single Market

The idea of the Digital Single Market came up already in mid - 1990´s. “Michal Barner, the European Commissioner for the Internal Market, labelled the Digital Single Market a new frontier in 2013 speech.” 

As already mentioned the Strategy Europe 2020 approved by the EU Commission in 2010 is marked as an official beginning of the new era in European Union. It established the seven priorities such as Innovation Union, Youth on the move, A digital agenda for Europe, Resource efficient Europe, An industrial policy for the globalization era, An agenda for new skills and jobs, European platform against poverty.

In May 2010, the Commission published a communication dealing with the digital agenda for Europe . Commission highlighted that it is time for a new single market to deliver the benefits of the digital era. At the same time, another communication was published: Towards a Single Market Act; For a highly competitive social market economy, 50 proposals for improving our work, business and exchanges with one another  The preparation for the digital era started, the Commission provided an accurate action plan about the legislative development for next years. The aim is to adopt the new legislative which is a Single Market Act. “Its implementation will make it possible to exploit the considerable opportunities for growth presented by the digital economy, the services sector and developments associated with the environment and climate change. The adoption of the Single Market Act will be a dynamic way of commemorating the 20th anniversary of the single market at the end of 2012.” 

In January 2012, the Commission issued another communication  about building the Digital Single Market for e-commerce and online services. The Commission states that Europe is still not unified in the internet world and has different legal rules, standards and practices. The aim of the Commission is to set the plan to meet the Digital Single Market by 2015. Five obstacles to reach the goal were identified: a) the supply of legal, cross-border online services are still inadequate; b) there is not enough information for online service operators or protection for internet users; c) payment and delivery systems are still inadequate; d) there are too many cases of abuse and disputes that are difficult to settle; e) insufficient use is made of high-speed communication networks and hi-tech solutions. Those obstacles led to five priorities.

A second communication about the Single Market Act was published in October 2012  were the Commission stated about the Digital Single Market that despite progress made, the European Union is still far from reaching the Digital Single Market. “To reach our vision of the Digital Single Market, the EU must address swiftly a number of further issues, including the best use of spectrum in the Single Market and pursuing a reflection on the need to further adapt the EU telecommunications law and copyright law.” The Commission's vision was a digital economy that delivers sustainable economic and social benefits based on modern online services and fast internet connections. All citizens and businesses must have the opportunity to be part of the digital economy, while at the same time being protected from illicit trade.

Another step forward reaching the digital single market was the Commission´s communication from May 2015  stating the Digital Single Market Strategy. “Europe has the capabilities to lead in the global digital economy but we are currently not making the most of them. Fragmentation and barriers that do not exist in the physical Single Market are holding the EU back.” The three pillars of creation of the Digital Single Market are: 1. Better access for consumers and businesses to online goods and services across Europe; 2. Creating the right conditions for digital networks and services to flourish; 3. Maximizing the growth potential of our European Digital Economy. Communication states the term “geo-blocking” which refers to online practices of the seller and e-shops when the access to several websites is denied or when the buyer cannot purchase a product from the webpage based in different Member State due to the commercial reasons. Geo- blocking question is recently discussed at the EU level by adopting the regulation on addressing geo-blocking and other forms of discrimination based on customer´s nationality, place of residence within the internal market . The proposal was currently (December 2017) rejected by the Parliament. Also, the issue with different VAT is a question. Commission identifies the key aim of the Digital Single Market Strategy which is to establish a supportive investment climate for digital networks, research and innovative business.

Recent mid – term review on the implementation of the Digital Single Market Strategy  reviews the current stage of the establishment of the Digital Single Market. The Digital Single Market Strategy outlined the path for the EU to build the right digital environment: one in which a high level of privacy, protection of personal data and consumer rights are ensured, businesses can innovate and compete, and cybersecurity strengthens the fabric that weaves our societies together. Digital era and its power and role on the future development of the Europe is also described in the White Paper on “The Future of Europe” .

On Digital Single Market summit in Tallinn in September 2017 was agreed that the Digital Single Market will be completed and the European Union will follow the strategy. 

Data Protection as Part of the Digital Single Market

The protection of personal data is a fundamental step to reach the Digital Single Market which was already taken. The reform of the data protection rules was adopted. The reform includes General Data Protection Regulation  which was adopted in April 2016 and will apply from 25. May 2018 and the Directive  which has to be transposed by Member States into their national law by 6 May 2018.

Reform and its aims are well expressed by Commission  that citizens need guarantees that their personal data will not be used without their consent, and operators must be able to develop innovative economic models. The development of new online services such as behavioral advertising generates fears about the use and standard of protection of personal data. People affected by any processing of their personal data must be given clear, comprehensible information. Reform provided a good balance to be achieved between encouraging innovation and setting a high level of user protection.

This uniform legislation at level of European Union replaces the current divergent national legislation of the Member States of the Union. In EU the new data protection rules, establishing a modern and harmonized data protection framework across the EU were enacted.

European Union calls the reform as the most important change in data privacy in 20 years. There are more reasons for such a characteristic. Personal data is specified much broader as any information relating to an identified or unidentified natural person.

Firstly, the data protection regulation gives more rights and intensifies already existing right of people to protect their data (such as: right to be forgotten , right to personal data portability, right to restriction of processing, right to access to personal data, right to rectification, right to know about the personal data breach). Principle of transparency is the main principle of the rights and mostly refers to clear, easy communication and information of the data subjects. On the other hand, the rights are creating the new obligations for the data controllers.
Data portability right is completely new right and includes the right to receive the personal data in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided. The right includes the right to direct transfer of the data from one controller to another. This means that data controllers that outsource data processing or process data jointly with other controllers must have clear contractual arrangements to allocate responsibilities of each party in answering data portability requests and implement specific procedures in this respect.  The right consist of a) the right to obtain and reuse personal data for further personal use (ex. contact list, etc.) b) the right to transmit personal data from one data controller to another one on request of the data subject. This right creates indirectly duty for data controllers not to establish any barriers to the transmission. c) right to controllership, which means that data controllers answering a data portability request have no specific obligation to check and verify the quality of the data before transmitting it. On the other hand, receiving data controller is responsible for ensuring that the portable data provided are relevant and not excessive with regard to the new data processing. Regulation also provided that data portability based on the regulation shall be provided without any payment required unless an exception applies.
A discussion about the right to explanation of decisions made by automated and artificially intelligent algorithmic systems is included in the General Data Protection Regulation. The right to explanation is viewed as a promising mechanism in the broader pursuit by government and industry for accountability and transparency in algorithms, artificial intelligence, robotics, and other automated systems.  Currently there are two opinions about the existence of the mentioned right. 

Secondly, the applicability of the regulation extends its applicability also outside of EU under specific conditions . The regulation also covers the data controllers and processors having seat outside of the EU while offering goods or services (no matter if payed or not) and while monitoring of behavior people inside EU. 

Thirdly, the penalties for breaching the rules of the regulation are serious and the maximum is twenty million Euro. Generally speaking the penalty model is based on revenue – annual worldwide turnover of the undertaking as it is already known in anti-trust law.

Fourthly, the consent and its conditions were changed to simplify and make the consent and its withdrawal as easy, clear as possible. Processing of a sensitive personal data is prohibited unless the exception applies (ex. The person makes such a data public voluntarily (on social media or other way or a separate consent was given). Separate consent with profiling is also needed. Profiling as itself has separate rules which needs to be followed. The discussion about the consent and whether is given free is ended in the regulation stating that the consent should not be a condition to the entering into contract in case data are not necessary for preforming the contract.

Fifthly, one stop shop mechanism was established to simplify the contact with public authorities. Supervisory Authority is the only authority the data controllers and operator has to deal with. In case they are multinational companies they deal with the authority based on its establishment and with the Lead Supervisory Authority also.

The topic of the data protection reform is very broad and this part of article can only outline the general idea of the data protection reform.

On the other hand, some critics of the reform stated that the reform is not perfect.
Right of data portability has more practical challenges and challenges in the enforcement procedure. Right of data portability applies only to the data provided by the subject based on the wording of the art. 20 of the regulation. This might limit the current development of the cyberspace as far the data added by others might be also important part of the subject data which he might be interested in. On the other hand, the data added by the subject might include also data about third party. Then the question remains whether based on the wording of the article 20 regulation those data should be transmitted also or not?  Until now the practical realization of the right of data portability is in question. The costs and the technical support needed for realization of such a right are not know yet. Based on the wording of the article 20 there is only a word “technically feasible”. The explanation of the working party is more about not providing any obligation on data controllers only asking them not to make any barriers in the transfer. In practice, this might lead to blocking the real usage of the right with stating of the data controller that the transfer is not technically feasible. The Union should provide more practical guidance on the technical support of the real exercise of the right, otherwise it can happen that the right will not be exercised in practice due to the technical issues.
More critic as the IT experts are worried about the practical exercise of some provision of the regulation. Discussion about the cloud and their usage and their security level and compliance with the regulation started. 

General data protection regulation affects all kind of life and different sectors. Artificial intelligent is a specific topic which arise also from the General Data Protection Regulation and its regulation is currently in question and subject of a discussion. Genetic research is another specific sector which will be affected by the General Data Protection Regulation as far they also fall into the scope of the personal data and are specified as sensitive data. 

The regulation applies only on personal data as they are defined in the regulation.  For establishing the digital single market we also need rules for non-personal data. The unrestricted movement of non-personal data across borders and technology systems in the EU is also considered a key building block of the EU's Digital Single Market strategy. In September 2017 Commission proposed a draft regulation  on free flow of non-personal data which is based on the communication with the topic Building a European Data Economy . The proposal of the regulation is much shorter than the General Data Protection Regulation and has 10 articles and shall apply to storage or other processing of electronic data which are other than personal data as defined in General Data Protection Regulation and stipulates the free movement of such a data. A more power is proposed to be given to authorities by data availability for competent authorities means that relevant national law or Union authorities might provide assistance with obtaining the relevant data stored in different Member State.

Conclusion

There is no doubt that establishing a Digital Single Market is a difficult goal which on the other hand after reaching it will enable the European Union to use its potential in the digital world where the Union is nowadays behind. The impact of the establishment of the Digital Single Market will be on grow will be on all areas of life, law, technology, medicine, research, education, etc. To reach this goal the European Union has lots of work ahead of it. The first base stone was already laid down and that is the personal data protection reform. Personal data protection reform enables people “to move” in the digital world safely having specified clear rules, rights and a clear mechanism of supervision was set. The personal data protection reform does not apply yet, but already there are some gaps, overlaps and questions which shall be solved.

On the other hand, to establish the Digital Single Market this is not enough. Several goals have been already achieved such as: 
a) canceling the retail roaming charges , b) cross-border portability of online services , c) end of the unjustified geo-blocking . Directive on measures to reduce the cost of deploying high-speed electronic communications networks , was enacted in order to facilitate the deployment and/or roll-out of high-speed electronic communications networks (mobile as well as fixed broadband networks) by reducing the cost of deployment.

Establishing a safe cyberspace which can be digital single market needs common cybersecurity law which has the plan – cybersecurity package adopted by Commission in September 2017. The first NIS directive was already adopted  in July 2016. This put in place the necessary structures for strategic and operational cooperation between Member States and for making networks and information systems within the EU more resilient. A proposal for Cybersecurity Act  is already prepared by Commission where a new Agency on the Union level will be created (ENISA).

Another step into the digital single market is the revision of the Audiovisual Media Services Directive  - a legal framework for using media in digital world such us television in mobile devices as far current directive brings minimum harmonization and mostly national law applies. Commission already adopted a new proposal of such a revision 

Modern copyright rules for full functioning of the digital single market will be also needed. As already mentioned Europe has a lot of work ahead, some based stones are already laid down. The important message for Europe is that the Commission is providing new legislative proposals and the European Union is willing to finish the establishment of the Digital Single Market knowing that this will pick up the European Union to different level in all kind of areas of life. We still need to establish rules for digital labor market, public administration, public service (eGovernment), health and care digitalization, free flow of non-personal data and data cooperation framework within EU, energy sector and transport – mobility measures, financial and digital technologies. Artificial intelligent is a specific topic which comes hand by hand with the digital single market and should be solved too.

Establishing a digital single market is a huge challenge for European Union and we might not wonder that the timing is not as expected. The European Union will not be the same after the successful creation of Digital Single Market.