Public Security Exception in the Area of non-personal Data in the European Union

Briefing 16-04-2018

In order to avoid conflict with the freedom to conduct a business and the freedom of contract the wording of article 4(1) should be amended and be addressed to the Member States; • The proposal underplays that information security has a legal dimension to it, notoriously so because member states’ national security activities operate outside the scope of EU law; • The principle aversion against locality that emanates from the proposal may not be fully aligned with state-of-the-art technology where multiple data mirrors geographically distribute a dataset. For example, one local mirror is advisable for business continuity in the event of a disruption of transmission infrastructure; • Not all non-personal data is created equal; from the stream of non-personal data that is for example generated in the Internet of Things (IoT) data necessary to control real world devises should in addition be locally accessible; • Whithout contradicting the philosophy behind the free flow of non-personal data proposal this briefing presents examples for interventions that should be justifyable on grounds of public policy or the protection of health and life of humans, animals or plants.