Comment Neelie (Kroes)

To add your comment to this speech, see the social version of the speech heresentence permalink

You have been talking intensively about data; and how to protect it.sentence permalink

I want to talk about data too: the opportunity as well as the threat.sentence permalink

Making data the engine of the European economy: safeguarding fundamental rights capturing the data boost, and strengthening our defences.sentence permalink

Data is at a cross-roads. We have opportunities; open data, big data, datamining, cloud computing.sentence permalink

Tim Berners Lee, creator of the world wide web, saw the massive potential of open data. As he put it, if you put that data online, it will be used by other people to do wonderful things, in ways that you could never imagine.sentence permalink

On the other hand, we have threats: to our privacy and our values, and to the openness that makes it possible to innovate, trade and exchange.sentence permalink

Get it right and we can safeguard a better economic future. Get it wrong, and we cut competitiveness without protecting privacy. So we remain dependent on the digital developments of others: and just as vulnerable to them.sentence permalink

How do we find that balance? Not with hysteria; nor by paralysis. Not by stopping the wonderful things, simply to prevent the not-so-wonderful. Not by seeing data as a dirty word.sentence permalink

We are seeing a whole economy develop around data and cloud computing. Businesses using them, whole industries depending on them, data volumes are increasing exponentially. Data is not just an economic sideshow, it is a whole new asset class; requiring new skills and creating new jobs.sentence permalink

And with a huge range of applications. From decoding human genes to predicting the traffic, and even the economy. Whatever you're doing these days, chances are you're using big data (like translation, search, apps, etc).sentence permalink

There is increasing recognition of the data boost on offer. For example, open data can make public administrations more transparent and stimulate a rich innovative market. That is what the G8 Leaders recognised in June, with their Open Data Charter. For scientists too, open data and open access offer new ways to research and progress.sentence permalink

That is a philosophy the Commission has shared for some time. And that is what our 'Open Data' package of December 2011 is all about. With new EU laws to open up public administrations, and a new EU Open Data Portal. And all EU-funded scientific publications available under open access.sentence permalink

Now not just the G8 and the Commission are seeing this data opportunity: but the European Council too. Last October, they recognised the potential of big data innovation, the need for a single market in cloud computing; and the urgency of Europe capitalising on both.sentence permalink

We will be acting on that. Next spring, I plan a strategic agenda for research on data. Working with private partners and national research funders to shape that agenda, and get the most bang for our research euro.sentence permalink

And, beyond research, there is much we can do to align our work and support secure big data. From training skilled workers, to modernising copyright for data and text mining, to different actors in the value chain working together: for example through a public-private partnership.sentence permalink

For some, the instinctive reaction is to be worried by these trends. They see the rise of big data, mobile and cloud as meaning a paradigm shift for privacy, with endless data being mixed and meshed, leading to outcomes that may be intrusive, annoying, or just plain wrong.sentence permalink

I agree we should not ignore those risks: we should understand them.sentence permalink

We need to ensure that new technologies are designed to respect privacy, without the law becoming a strait-jacket to innovation.sentence permalink

Attending to fundamental rights does not mean preventing possibilities, and losing this opportunity. On the contrary: mastering big data means mastering privacy.sentence permalink

Because we need to recognise that tomorrow's world will be digital. In that digital world, Europe can either lead or follow. We can either be at the table - or on the menu. So let's remember the opportunities on offer, and not be afraid to capture them.sentence permalink

With the economy where it is, we can't be afraid of new opportunity.sentence permalink

The fact is, many online services rely on data, and are free only because of the information people supply. In some ways data has become currency and it has proven to be a valid business model.sentence permalink

And most people can make those decisions themselves; whether to exchange data for a service. Informed, empowered adults with fair and transparent options can be in in control of their own privacy. In a competitive market they can make that trade-off; our data policies should be equally grown up. Indeed building that competitive market offers a big economic opportunity.sentence permalink

Empowering people is not always easy in this complex online world. I want to see technical solutions emerge that can do that, give users control over their desired level of privacy, how their data will be used, and making it easier to verify online rights are respected.sentence permalink

How can we do that? How can we ensure systems that are empowering, transparent, and secure? There are a number of subtleties in play. Here's my take.sentence permalink

First, companies engaged in big data will need to start thinking about privacy protection at every stage: and from system development, to procedures and practices.sentence permalink

This is the principle of "privacy by design", set out clearly in the proposed Data Protection Regulation. In other words, from now on new business ideas have two purposes: delivering a service and protecting privacy at the right level.sentence permalink

Second, also under the regulation, big data applications that might put fundamental rights at risk would require the company to carry out a "Privacy Impact Assessment". This is another good way to combine innovation and privacy: ensuring you think about any risks from the start.sentence permalink

Third, sometimes, particularly for personal data, a company might realise they need user consent. Consent is a cornerstone of data protection rules, and should stay that way.sentence permalink

But we need to get smart, and apply common sense to consent. Users can't be expected to know everything. Nor asked to consent to what they cannot realistically understand. Nor presented with false dilemmas, a black-and-white choice between consenting or getting shut out of services.sentence permalink

Fourth, we can also get smart when it comes to anonymisation. Sometimes, full anonymisation means losing important information, so you can no longer make the links between data. That could make the difference between progress or paralysis. But using pseudonyms can let you to analyse large amounts of data: to spot, for example, that people with genetic pattern X also respond well to therapy Y.sentence permalink

So it is understandable why the European Parliament has proposed a more flexible data protection regime for this type of data. Companies would be able to process the data on grounds of legitimate interest, rather than consent. That could make all the positive difference to big data: without endangering privacy.sentence permalink

Of course, in those cases, companies still to minimise privacy risks. Their internal processes and risk assessments must show how they comply with the guiding principles of data protection law. And – if something does go wrong - the company remains accountable.sentence permalink

Indeed company accountability is another key element of our proposal. And here again we welcome the European Parliament's efforts to reinforce that. Clearly, you might assure accountability in different ways for different companies. But standards for compliance and processes could make a real difference.sentence permalink

A single data protection law for Europe would be a big step forward. National fortresses and single market barriers just make it harder for Europe to lead in digital, harder for Europe to become the natural home of secure online services. Data protection cannot mean data protectionism. Rather, it means safeguarding privacy does not come at the expense of innovation: with laws both flexible and future proof, pragmatic and proportionate, for a changing world.sentence permalink

Of course, laws aren't always enough; they need to be properly implemented. So I strongly support industry driven initiatives to ensure that. Lots of good work has already happened, for example on the data protection code of conduct for cloud providers; a joint undertaking by the industry with national data protection authorities fully involved. And I am looking forward to the final version of that plan early next year, as endorsed by the Article 29 Working Party.sentence permalink

But data protection rules are really just the start.sentence permalink

They are only part of our response to the Snowden revelations.sentence permalink

Because, let's be honest: spying has been going on for some time; perhaps it's the world's second oldest profession. It uses whatever tools lie to hand; today it uses digital ones.sentence permalink

So let's not be naïve. However well drafted and carefully negotiated, the risk of breaking EU law will not deter your average hacker or spy. When your house is broken into – you don't need a lawyer, you need a lock.sentence permalink

That response must involve many elements beyond data protection. And it will.sentence permalink

We will also invest in security solutions - through our research and innovation programme, Horizon 2020. We have proposed legal safeguards – obliging public and private actors to keep networks and systems resilient and secure, protected from hacking and spying, through a Directive on network and information security.sentence permalink

And we can ensure secure and transparent cloud computing: so ordinary users get contracts crystal clear about what happens to their data, and when it might ever leave Europe. And with governments working together to stimulate solutions that meet the highest security standards: getting the European Cloud to cruising altitude. sentence permalink

On their own, data protection is not about putting barriers in the way of well-meaning businesses, or limiting the options of innovators; it is about safeguarding fundamental rights, building trust, and ensuring a system built on fairness, transparency and user control.sentence permalink

Ultimately our goal should be clear: to stimulate European leadership, and make our continent the world's natural home for secure online services.sentence permalink

That is what our Digital Agenda is all about: ensuring Europe can capture the rich and rewarding benefits of the online age; growth, opportunities, jobs. Let's find the solution that lets openness, innovation and fundamental rights go hand in hand.sentence permalink

Loading data

Side Bar

Manage your searches and email notificationssentence permalink

What were you looking for?

Any suggestions?

Footer