Four (More) Areas of the European Digital Market to Be Impacted by Future Regulation

In a recent article, we discussed four new European regulations impacting the digital market from 2021 onwards. While these pieces of regulation exist and produce effects already or will start producing effects in the months to come, there are other areas of concern for the European regulators that will receive increasing attention in the near future.

1. Data Governance

A draft proposal for a regulation on data sharing in the European Union was published for consultation this November 2020. This regulation aims to facilitate the exchange of data between public and private sectors withing all Member States and increase trust in data sharing within the EU.

This regulation has the potential to boost the re-use of data available in the hands of public actors which is normally protected by an available form of confidentiality, by other business and not-for-profit actors. These vast amounts of data can prove decisive in training AI models for various applications, can be poured into various R&D projects or help drive European or nation-wide public policies.

It also introduces the concept of data altruism as a new type of consent for the use of protected data (personal or otherwise) without reward for general interest.

2. The Common European Health Data Space

In February 2020, the EC published its European strategy for data in which digital health sector, including healthcare and medical devices, was specifically addressed. To remove the fragmentation between the Member States in the health sector, the EC proposes a Common European Health Data Space, supporting the idea of a single market for data.

Just like the Data Governance Act, this proposal is based on the use and re-use of data, in this case, health data, which is extremely important for innovation in the healthcare sector, for improving accessibility and effectiveness of the healthcare systems and the competitiveness of the European industry. Although such system brings numerous benefits to society in general and individuals in particular, all use and combination of health data within Europe will have to include adequate safeguards in compliance with, among other, the provisions of the GDPR.

3. Artificial Intelligence – White Paper and & Consultation Report

This year, the EC kick-started the process for a regulation on AI with the White Paper on Artificial Intelligence – A European approach to excellence and trust, together with a series of accompanying documents, including the aforementioned European strategy for data and a Report on the safety and liability implications of Artificial Intelligence, the Internet of Things and robotics. The documents discuss the objectives of a potential regulatory framework and address many potential risks and concerns related to the use of AI.

The White Paper on AI is the first step to start the legislative process, being a document used by the EC to launch a debate with the public, other stakeholders, EU Parliament and the Council to reach a concrete proposal for a European approach to AI. According to the EC, the main risks identified concern the fundamental rights, including data privacy and non-discrimination, and safety and liability issues. Taking this into account, the EC concluded that a new regulation specifically on AI is necessary to address these risks.

Following a period of consultation concluded in June 2020, a report was published summarizing the opinion of over 1,200 respondent from a broad spectrum of stakeholders. The report showed that the respondents were concerned, inter alia about AI potentially breaching fundamental rights, AI leading to discriminatory outcomes or posing a safety risk. Almost 75% of the respondents opined that regulators need to issue new regulations or strengthen existing ones to tackle the identified risks.

Among the high-risk application areas of AI, the respondents identified the defence sector (autonomous weapons), remote biometric identification and surveillance, healthcare, critical infrastructure, human resources and employment.

4. Crypto-Assets & Digital Operational Resilience

Two new regulation proposals, Regulation on Markets in Crypto-Assets(“MiCA”) and Regulation on digital operational resilience for the financial sector, published in September 2020, aim to establish a harmonized EU regime for the regulation of crypto-assets and to reduce ICT risk in the financial sector as well as to overcome regulatory fragmentation in this field among the Member States and sub-sectors.

MiCA concerns cryptocurrencies not presently included in general regulation, establishing separate frameworks for three categories of crypto-assets: e-money tokens, asset-referenced tokens and other crypto-assets, as well as a new subset of crypto assets, the so-called „stablecoins”, which recently emerged and attracted the attention of both the public and regulators around the world.

The proposal for a Regulation on digital operational resilience for the financial sector introduces an oversight framework to cover critical third-party information providers and communications technology services, including cloud service providers, as well as a ban on using critical ICT third-party service providers established outside the EEA.