| News | Blog | Data exchange in the EU: Infrastructure (Part 1/2)

Data exchange in the EU: Infrastructure (Part 1/2)

On the path to greater digital sovereignty, the EU is focussing on an explicitly European data strategy. The key building blocks are the promotion of infrastructures and the creation of a new legal framework. This first article categorises the strategy in its (geo)political framework and outlines the infrastructure process for data exchange in the EU.

After the governments of authoritarian states, such as China and Russia in particular, had already developed concepts of  “digital sovereignty” in the 2000s, the Estonian hacks in 2007 and the Snowden revelations in 2013 led to voices being raised in the European Union that no longer saw digital information and communication technologies merely as limitless growth opportunities and freedom machines.

The (geo)political dimension of European data sovereignty

While the opportunities of the digital transformation tended to be emphasised in Germany and the EU until the late 2000s, this has been increasingly problematised since the 2010s under the buzzwords of digital sovereignty and strategic autonomy. In France and Germany in particular, the possibilities of limiting and regulating digitalisation have been discussed. The debate was initially focussed primarily on security policy. The state, its apparatus and its personnel were to be better protected from access by foreign states. However, the discourse quickly expanded to include the economic policy concern of curbing the growing influence of non-European technology companies on core areas of the European economy.

The shaping of the digital transformation is increasingly and explicitly linked to issues of geopolitical and geoeconomic competition and has also reached the highest European level, at the latest with the election of Ursula von der Leyen as President of the European Commission, as specifically European digitalisation is a key project of her legislative period; the 2020s have been proclaimed the European Union’s Digital Decade.

A key milestone on this European path to digitalisation is the achievement of data sovereignty. The European Commission understands this to mean that both personal data of citizens and non-personal data (e.g. industrial data) are protected in a standardised manner in line with European values, but can also be shared with other people on a basis of trust if the protected persons are willing to do so. On this basis, an open European single market for data is to be created in which the potential of the digital transformation is utilised to the benefit of European companies and citizens. In doing so, the EU is explicitly distancing itself from the US model, in which the organisation of data exchange is left to the private sector, as well as from the Chinese model, in which state institutions and state-affiliated companies organise data exchange. Instead, the EU wants to open up an independent European path in the global competition for the profits of the digital transformation.

The European data strategy: legislation and infrastructure

In order to concretise this European path, the EU has formulated the European Data Strategy (2020). With the Data Governance Act (DGA) and the Data Act (DA), two important laws have been introduced in this context that are intended to provide an overarching framework for the data-agile economy. While the DA primarily establishes legal obligations for data access in certain situations, the DGA essentially regulates the framework conditions for voluntary data sharing. In addition to the creation of a legal framework, the second important component of the European Data Strategy is to promote measures for the development and strengthening of European infrastructures for the shared use of data. The very design of their architecture should ensure that data-based value creation remains with the respective producers and cannot be siphoned off by non-European big tech platforms. Currently, the US companies Amazon Web Services (AWS), Microsoft Azure and Google Cloud together cover around two thirds of the cloud market in the EU.

Establishment of (federated) data rooms in the EU

A key infrastructure project is the establishment of federated data rooms. The concept of data spaces was already formulated in the mid-2000s in computer science as an alternative to centralised approaches to data integration. In federated data rooms, data does not have to be stored centrally, but only in identical database structures in order to be shared. In this way, different, industry-specific data spaces can be created that are nevertheless compatible with each other. As the data of companies and other stakeholders can remain within the sphere of influence of the respective data owners until it is retrieved, this approach should offer more data sovereignty.

The Gaia-X project was founded in 2020 on the initiative of the German government to establish federated European data spaces. While Gaia-X is not the only project with this goal, it is the most important in terms of its scope and its political and media presence. In this project, central rules (architecture, policy, standards, software repositories) are being developed to enable sovereign data sharing. In parallel to Gaia-X and building on its framework conditions, specific data spaces are being created, such as Catena-X, which aims to establish and operate a data space for the digitalisation of supply chains in the European automotive industry, as well as comparable projects in the areas of health data (Health-X), agricultural data (agdatahub), financial data (EuroDaT) and mobility data (Mobility Data Space).

Federated data spaces as a form of technical infrastructure are not congruent with the data spaces mentioned in the DGA. The EU initially also refers to the section of the European internal market that deals with the desired trade in data rather vaguely as a “single” or “common European data space” (Recital 2 DGA). In addition, the DGA also refers to “European data spaces” in the plural, which are to be established and specialised in data from individual sectors (e.g. health, mobility, financial services, industry, Green Deal). This second type of data space refers not only to a specialised section of the internal market for data, but above all to the creation of specific technical infrastructures for the transfer and use of data in conjunction with the establishment of suitable structures and rules. In addition to the EU legal acts still planned for individual data spaces, the rules of the game developed in the Gaia-X project should also contribute to the organisation of the European data spaces. The independent but compatible data spaces together form key elements of the common European data space.

This blog post is part of a two-part series on the infrastructuralisation process of European data spaces. Click here for part 2.

The blog posts published by bidt reflect the views of the authors; they do not reflect the position of the institute as a whole.