Shaping Europe’s digital future seems to be top of mind across the board. You’ll recall that in February the European Commission published its visionary communication, "A European strategy for data." Ever since, there has been a hive of activity emanating from the commission giving rise to several consultations and reports across a gamut of priority areas and digital drivers ranging from AI to the Digital Services Act. What has remained a recurrent tenet to all these initiatives is the desire to establish a set of rules to govern an equitable playing field between major platforms and other digital entities and one which promotes the notions of excellence and trust.

This week, the European Data Protection Supervisor published its opinion on the EU strategy, which it adopted in March of this year. In its own words, the EDPS opinion presents its views on data strategy — as a whole — addressing specific aspects such as the public good, open data, the use of data for scientific research, data altruism and international data sharing to name a few.

The EDPS confirms it supports the wider strategic digital objectives of the European Union and the growing importance of data for both the economy and society, acknowledging developments toward an EU single digital market, as well as digital sovereignty. However, Wojciech Wiewiórowski reminds us of the "big responsibility" and duty of care that comes with big data. On European fundamental rights and values and the right to protection of personal data, his vision is crystal clear. Their foundational basis for the EU strategy of the future and its implementation as assured by the commission must be developed in full compliance with the GDPR. The EDPS furthermore recalls that the adoption of the proposed ePrivacy Regulation is also crucial in protecting these same rights in the digital age and a conditional component for the completion of the EU’s legal framework and success of an EU data strategy.

Moreover, there is also a recognition that with the implementation of such a far-reaching strategy comes an inevitable increase in risk to data protection, including security risk. Connectivity amplifies potential frequency and diversity of adverse impacts. The EDPS suggests that a review of the NIS Directive or new parallel legislative initiatives also in the areas of product or consumer law and policy may be optimal.

Regarding the digital experience of today, the EDPS articulates its perception of the inherent constraints toward an alternative digital economy that is open fair and transparent. This is, in its view, characterized by a predominant business model of "data concentrations" in the hands of a few non-EU-dominant players and the wide-scale pervasiveness of unseen tracking. What seems important here is the emphasis on transparency and effective accountability in the service of data subjects and society.

Herein lies the challenge for policymakers and legislators alike: From an economic standpoint, striking a balance that facilitates societal progress and trust, and yet avoids stifling sustainable innovation that favors only the strong, more established players is key. This has and remains a challenge for the future of Europe, at both the Union and member state levels. We need to work toward smarter regulation in which the goals and benefits can be achieved to both those ends without overly burdensome regimes.