Greetings from Brussels!

Last Friday, the European Data Protection Supervisor released a new opinion on “Coherent Enforcement of Fundamental Rights in the Age of Big Data.” The EDPS reiterates that data-driven technologies and services are important and fundamental for economic growth, while maintaining that the users of those internet-based services are generally unaware of the nature and extent of the “covert tracking” that fuels the sector. The primary assertion remains that the growing imbalance between consumers and service providers would diminish choice and innovation and threaten the privacy of individuals. By extension, the rights of individuals enshrined in the EU Charter of Fundamental Rights would be threatened by “normative behavior and standards that now prevail in cyberspace.”

Building on the EDPS Preliminary Opinion on “Privacy and Competitiveness in the Age of Big Data,” issued in 2014, the EDPS had previously stated an existing tendency — despite obvious synergies like transparency, accountability, choice and general welfare — for EU rules on data protection, consumer protection and antitrust enforcement and merger control (M&A) to be applied and operate in independent silos. One could easily argue, as the EDPS suggests, that the objectives across the three pillars of data protection, consumer rights and M&A are common and their goals intertwined. If data is to be the fuel that drives the information age, then as a strategic asset, data needs to be treated as core to the way we legislate and treated with the appropriate level of attention in the relationships between business and consumers driving the economy.

Giovanni Buttarelli said, reflecting upon this latest opinion, that EU merger control rules should "better reflect" consumer interests for planned mergers between data-rich companies.

Through this latest opinion, the EDPS makes three key recommendations. The first, to better reflect the interests of individuals in big data mergers, protecting the right to privacy where personal data is clearly viewed as a commodity. The opinion also recommends establishing a Digital Clearing House for enforcement in the EU digital sector, a voluntary network of regulatory bodies to share information, voluntarily and within the bounds of their respective competences, regarding possible abuses in the digital ecosystem and the most effective way of tackling them. And lastly, with the goal to disrupt the duality of choice between free services that rely on tracking for income out of advertising and paid-for services, the EDPS proposes to create a “common area” for individuals to interact without fear of being tracked, in which the EU Charter’s rights are fully respected.  The EDPS cites existing services developed by civil society, and developer initiatives could serve as a model and pool of experience in this area.

It cannot be denied that big data opportunities are boosting global productivity and connectivity; in turn it is not unreasonable to expect that this exponential growth in data value be accompanied by big data protection safeguards. This is clearly the message from Giovanni Buttarelli. The coming of the GDPR largely attempts to provide the benchmark for protecting personal data in the digital economy, as the EU seeks to stimulate privacy standards in the digital economy. Coupled with the advent of Digital Single Market strategy, Buttarelli states the timing of the opportunity is now to engage in a coherent approach to ensure fundamental EU individual rights within our economic activity.