New Regulation Reinforces Free Flow of Data in the EU

Alicja Kwiatkowski
July 10, 2019

This blog was last updated on July 23, 2019

When thinking about the aim of GDPR, one of the first things that comes to mind is the set of rules, obligations, and restrictions on the processing of personal data. When in fact, as the full title of GDPR – General Data Protection Regulation – and its recitals explain, the subject matter and purpose of this regulation is not only the protection of personal data of natural persons but also the free flow of such data.

GDPRRegulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

To further increase the cross-border exchange of data and boost the data economy in Europe, the European Union have adopted another regulation, which supplements GDPR with respect to non-personal data. The Free Flow of Non-Personal Data Regulation (FFNPDR) became effective from May 28, 2019 – one year after GDPR.

FFNPDR– Regulation (EU) 2018/1807 of the European Parliament and of the Council of 14 November 2018 on a framework for the free flow of non-personal data in the European Union (The Free Flow of Non-Personal Data Regulation).

The FFNPDR introduces the principles of free movement of data and prohibits data localisation requirements within the EU, including indirect measures such as certification of local providers. It also establishes co-operation to ensure local authorities have sufficient access to data stored in other countries. Lastly, it provides incentives for data portability through codes of conduct.

This recent regulation also applies to mixed datasets, in other words documents containing both personal and non-personal data. In case of any conflict between the FFNPDR and GDPR, the latter takes precedence.

It is worth mentioning that the regulation has implications for the future as it will not affect current localisation requirements in the EU or its Member States’ legislation in effect prior to May 2019. Taking invoicing as an example, EU Member States may still need to notify local tax authorities about their intention to archive invoices in another EU country. Similar obligations may no longer be introduced in new legislation.

The clear aim of the FFNPDR is to create legal certainty for businesses to process their data wherever they want in the EU. It certainly raises trust in data processing services, such as digital archives, from other EU countries.

Take Action

Sovos Trustweaver provides eArchiving solutions for clients in over 50 countries. Find out more and follow us on LinkedIn and Twitter to keep up-to-date with regulatory news and other updates.

Sign up for Email Updates

Stay up to date with the latest tax and compliance updates that may impact your business.

Author

Alicja Kwiatkowski

Alicja Kwiatkowski is a Legal Counsel at Sovos TrustWeaver. Based in Stockholm, Alicja’s background is in law and IT with a professional focus on international e-invoicing compliance, personal data protection and cyber security. Alicja earned her degree in Law from University of Warsaw, Poland and LL.M in European IP Law from Stockholm University, Sweden.
Share this post

retailer dtc wine shipping
North America ShipCompliant
February 6, 2025
Retailer DtC Wine Shipping: The Time Has Come

This blog was last updated on February 6, 2025 By Tom Wark, Executive Director, National Association of Wine Retailers We are often reminded by the media and those in the wine industry—as well as by wine enthusiasts—that the three-tier system of alcohol distribution in most states hinders consumer access to the expansive number of wines […]

Montana 1099-DA
North America Tax Information Reporting
February 5, 2025
State Filing Alert: Montana’s New 1099-DA Requirements for Crypto Brokers

This blog was last updated on February 5, 2025 Reporting digital asset transactions on Form 1099-DA just got a little more complicated. For 2025 transactions, crypto brokers that file Form 1099-DA with the IRS will be required to file the 1099-DA with the State of Montana. This makes Montana the first state to introduce a […]

North America ShipCompliant
January 23, 2025
DtC Wine Shipping in 2024: A Year-in-Review

This blog was last updated on January 28, 2025 The direct-to-consumer (DtC) wine shipping channel faced a storm of challenges in 2024, navigating some of the toughest market conditions in over a decade. As inflation tightened wallets and consumer behaviors shifted, the industry recorded its steepest declines in shipment volume and value since the inception […]

Form 1099-DA Crypto Transactions
North America Tax Information Reporting
January 21, 2025
What is Form 1099-DA and How Does it Impact Crypto Transactions?

This blog was last updated on January 24, 2025 The IRS has released Form 1099-DA and its accompanying instructions for filing for TY 2025. Form 1099-DA is the newest IRS information return, designed for reporting digital asset proceeds from broker transactions and is required to be filed by brokers managing digital assets such as NFTs […]

Greece B2B E-invoicing
E-Invoicing Compliance EMEA
January 14, 2025
Greece: Mandatory B2B E-invoicing Possible From July 2025 After EU Derogation

This blog was last updated on January 14, 2025 Greece has been in the process of implementing mandatory B2G e-invoicing over the past few years, with a B2B e-invoicing mandate expected to follow. Following reports that Greece had requested a derogation to introduce mandatory B2B e-invoicing in 2024, the European Commission has published a proposal […]