• Skip to primary navigation
  • Skip to main content
MyData

MyData

  • About
    • Purposes and principles
    • People
    • Members
    • Careers
    • History
  • Participate
    • Become a member
    • Members Board
    • Sign the Declaration
    • Subscribe to Newsletter
    • Community Panel
    • Projects
    • Local Hubs
    • Thematic groups
  • Awards
  • Publications
    • Declaration
    • All publications
    • White papers
    • Case Studies (old site)
  • Events
    • Upcoming events
    • MyData 2025 Conference
    • Help Shape the Future of Skills – Cyanotypes framework pilot onboarding webinar
    • Past events
    • Event materials (member login required)
  • News
    • Updates
    • Member Opportunities and Resource Board
  • Login
  • Show Search
Hide Search

MyData and the European Union’s latest data developments

28 Oct 2021 · Update · EU, MyData Chair

The European Union (EU) is a global regulatory powerhouse in the data rights space, with the General Data Protection Regulation (GDPR) being the most well known example. The upcoming Data Governance Act may be the next globally influential, data-related regulation benefiting citizens at home and abroad. In this blog, MyData Chair, Antti “Jogi” Poikola explains the EU Data Governance Act and how it supports achieving the goals in the MyData Declaration. 

Since MyData Global’s creation three years ago, it has expanded rapidly with 30 hubs established globally. The EU has been an important forum for putting into practice a human-centric, ethical approach to personal data. The development of the Data Governance Act (DGA) is exciting for MyData because it shows a clear link to the MyData Operators white paper, which describes the operations and functions of what the EU terms as “data intermediaries”. Data intermediaries are organisations that facilitate the flow of personal data across services in such a way that the individuals stay in the driver’s seat. Seeing this come to fruition through legislation is a significant step, but implementation of the DGA will be the key test. 

By defining data intermediaries, the DGA shapes the underlying structures of the data economy to be more human-centric. With regulated data intermediaries, the use of personal data will become more transparent and more ethical. The regulation also ensures a level playing field for data intermediaries by requiring them to all follow the same rules and practices. The DGA aligns with the MyData Declaration by facilitating people to benefit from the data about them. Furthermore, it encourages interoperability between companies, thereby unlocking the full potential of personal data to revolutionise the services and products that we all rely on. 

The DGA goes beyond existing EU regulations and laws by making sure all stakeholders – from small to large companies, governments, citizens, and other organisations – benefit from the flow of personal data. Whilst the law itself is robust, as ever, implementation will be the real test. The DGA requires each country to assign or set up a competent authority by 2023 to oversee the implementation of the legislation. There is a risk that by the time national authorities start implementing the legislation, common guidelines for interpreting the requirements nationally as well as between member states may not yet be harmonised. 

A bigger question remains around whether and how the authorities will actually monitor the compliance whilst the common guidelines are being developed. Companies will be “validated” once by competent authorities, but not monitored thereafter – this opens the door to companies changing their policies once they have been through the validation process. There is also the risk that authorities could change their monitoring practices once the interpretation guidelines are in place, which could create regulatory uncertainty for the data intermediaries. Assessments should be ongoing and continuous as intermediaries are a nascent area for both technology and the law, but at the same time the interpretation rules should be transparent and predictable, and any changes should be communicated well in advance. 

As with most new legislation, there are costs involved and the regulation allows authorities to charge for registering data intermediaries. These fees may vary between countries. There is a risk that, with a lack of guidance, some national authorities may put in place overly heavy processes, and the costs may become too burdensome for small- or medium-sized companies, undermining the goal of creating a level playing field. The existing unregulated system had costs, too, of course, by giving an implicit advantage to established companies as well as non-financial costs associated with unethical data practices. Moving forward, companies that are data intermediaries and data users will now have to split their operations into separate companies, and they will need to be clear on how their operations cross the line between these two functions. 

Whilst the EU sphere is key for the reasons stated above, data intermediaries exist in all jurisdictions and there are probably similar regulations coming into force elsewhere. For example, in Japan there is already soft regulation for information banks. MyData Global has a role to play in helping businesses understand, meet, and exceed legislation. We can help companies stay competitive and ahead of the curve by defining best practice. We are already doing this through the MyData Operator Awardees, which are data intermediaries that come from around the world.  

If you want to keep up to date with MyData Global’s thoughts on the EU DGA and MyData Operators you can join the Slack channel. For more information on MyData Operators, view the factsheet and the white paper. The 2021 My Data Operator Awards will be announced in November in Amsterdam.

Categories: Update Tags: EU, MyData Chair

Previous Post: « Hub spotlight: MyData Japan – Promoting ethical approaches to personal data
Next Post: Event: MYDATA OPERATOR AWARDS 2021 »

Reader Interactions

Trackbacks

  1. 22 companies and organisations receive the MyData Operator 2021 Award - MyData.org says:
    17 Nov 2021 at 4:37 pm

    […] Operators are examples of what the recent EU Data Governance Act calls “data intermediaries”, and they are set to play a critical role in the provision of the […]

  2. 2021 in review: the events and activities shaping the personal data landscape - MyData.org says:
    17 Dec 2021 at 12:25 pm

    […] 2021 has been a productive year for MyData Global, and a significant one for the wider personal data world. The Facebook Files helped raise the issue of personal data and ethics to the general public, and the EU’s Data Governance Act has helped put into practice many of the changes MyData Global has been advocating for.  […]

  3. Announcing the MyData Operator Awards 2022 - MyData.org says:
    20 Dec 2021 at 1:05 pm

    […] saw the EU negotiate the Data Governance Act (DGA). The DGA shows a clear link to the MyData Operators white paper, which describes the operations and […]

  4. EU Data Act – making data portability actionable - MyData.org says:
    25 Feb 2022 at 11:25 am

    […] proposal should not be confused with the Data Governance Act (DGA) -proposal (our analyses here and here) published by the Commission in late 2019. From the MyData perspective, these two similarly named […]

  5. Exemplary personal data businesses: 33 organisations receive the MyData Operator 2022 Award  - MyData.org says:
    16 Mar 2022 at 4:31 pm

    […] Operators are examples of what the recent EU Data Governance Act calls “data intermediaries”. They are set to play a critical role in the provision of the […]

  6. Exemplary personal data businesses: 33 organisations receive the MyData Operator 2022 Award  says:
    17 May 2022 at 7:40 am

    […] Operators are examples of what the recent EU Data Governance Act calls “data intermediaries”. They are set to play a critical role in the provision of the […]

MyData

  • About
  • Participate
  • Updates
  • Privacy
  • Bylaws
  • Code of Conduct
  • Contact

Empowering individuals by improving their right to self-determination regarding their personal data.
Copyright © 2018–2025
This site uses only strictly necessary cookies to remember your choices and to allow members to log in to the member portal.