Q1/2020 - European Union, Brussels
Strategy for a digital Europe, Brussels, 19 February 2020
On 19 February 2020, the new European Commission presented its strategy for a digital Europe for the coming 5 years. Ursula von der Leyen, President of the European Commission, pointed out that the future of Europe was “green and digital”. Europe wanted to shape its digital future independently on the basis of the “European values”. She explained that the new digital strategy covered all fields: from cyber security to digital economy, the basic democratic rights and new technological developments. Van der Leyen was supported by the Executive Vice President of the EU Commission, Margrethe Vestager, and by Commission member Thierry Breton. The two Commissioners are responsible for the implementation of the digital strategy. All in all, five documents were presented:
- Communication “Shaping Europe's digital future”
- Communication “A European strategy for data”,
- White Paper “On Artificial Intelligence”,
- Expert report “Towards a European strategy on business-to-government data sharing for the public interest”,
- Commission report on safety and liability implications of AI, the Internet of Things and robotics.
Shaping Europe's digital future: In four sections, the document outlines the key strategic cornerstones the EU intends to rely on in order to prepare itself for the digital age in the next five years. The digital Europe shall be “open, fair, diverse, democratic and confident” and be based on the European “values”. Europe‘s technological sovereignty, it says, is derived from the ability to determine its own rules and values. European technological sovereignty is not defined against anyone else, but focusing on the needs of Europeans and of the European model of social market economy. The EU will remain open to anyone willing “to play by European rules”. The overall strategy is a “complex puzzle”. For the four strategic areas, a total of 28 key actions is proposed.
Technology that works for people: Europe must invest more in its strategic capacities, above all in 5G/6G, deep tech and education in digital skills. Artificial intelligence will play a major role in this context. The changes will go far beyond the technical sector, especially in the field of cyber security. The transition must be fair and just and encourage women to fully take part. The design of the platform economy must ensure that disturbances of the labour market do not result in undermining of social rights. The key actions include
- The drafting of a White Paper on Artificial Intelligence with the purpose to create a legislative framework,
- The establishment of a Cybersecurity Unit,
- A Digital Education Action Plan,
- An Interoperability Strategy, and
- A Framework for Platform Workers.
A fair and competitive economy: Europe needs a genuine digital market, where data are widely and easily available, easily accessible, and simple to use and process. Administrative burdens and hampering legal regulations must be reduced, in particular for SMEs. The rules that apply offline must also apply online. The European competition law must be adjusted. This includes the creation of a tax regime that makes it impossible for a small group of large Internet platform companies to avoid paying taxes. The key actions proposed in this field include
- The drafting of a “European Data Strategy”,
- A fitness check for current European legislation concerning the digital economy, and
- A strategy for introducing a global digital tax in cooperation with the OECD.
An open, democratic and sustainable society: A digital Europe must be based on the rule of law. There is no doubt in Europe that what is illegal offline is also illegal online in Europe. This affects particularly the fundamental rights and freedoms of European citizens, including data and consumer protection. Citizens and consumers need more control over their own data. A universally accepted “electronic Identity” (eID) would be helpful in this respect. Protective measures for democratic processes such as elections and referendums are necessary to protect these processes against manipulation and disinformation campaigns. This also includes strengthening "trustworthy quality media", such as public broadcasting. The key actions proposed in this field include
- New and revised European legislative provisions within the framework of the newly proposed “Digital Services Act”,
- A revised regulation for electronic identity (eIDAS), and
- An action plan for the media sector and a “European Democracy Action Plan”.
The international dimension: Europe as a global player: The strength of Europe in geopolitical terms is its regulatory power, but also its industrial and technological capabilities, its diplomatic instruments and global aid programs. Europe must assume a leading role in the international negotiations on Internet issues, such as cyber security, digital economy, human rights and technology within the UN ecosystem, the G20, the OECD and other institutions like the standardisation bodies. This applies in particular to issues like 5G, Internet of Things and artificial intelligence. Europe has special responsibility for the cooperation with Africa. Therefore, the EU-AU Digital Economy Task Force must be strengthened. As regards digital trade, unjustified restrictions for European companies must be removed. The key actions proposed in this field include
- The drafting of a “Global Digital Cooperation Strategy” by 2021,
- A white paper on an instrument on foreign subsidies for the digital economy,
- A strategy for standardisation, and
- An action plan to promote the European approach in bilateral relations and multilateral negotiation fora.
European Strategy for Data: In a communication to the European Parliament and the European Council dated 19 February 2020, the European Commission set out its strategy for handling data. According to this document, data is the central resource of the digital transformation, the lifeblood of economic development (data-agile economy). By 2030, the EU must have become “the most attractive, most secure and most dynamic data-agile economy in the world”. At present, a small group of large companies controls the major share of all data. But the leading competitors, the US and China, have other strategic concepts – the US relies exclusively on market mechanisms, China on state control. Europe opposes these approaches with a balanced concept, in which the use of the resource data is reconciled with the guarantee of data privacy, security and ethical standards. Europe has a large reservoir of previously untapped non-personal industrial data and public data. The amount of this data will grow exponentially in the context of the Internet of Things, especially in the areas of G2B (Government to Business), B2B (Business to Business), B2G (Business to Government) and G2G (Government to Government). This will open a window of opportunity for Europe. Today's winners do not necessarily have to be those of tomorrow. Europe's technological sovereignty is not based on isolation, but expects global partners to respect European values and statutory basis. The communication cites national fragmentation, lack of interoperability, underdeveloped consumer awareness and skills gaps as European weaknesses. The strategy is based on four interlinked lines of action:
- Cross-cultural governance framework for data access and use: An overarching legal framework for the governance of a common European data space must be created. Moreover, high-quality public sector data must be made available to the private sector in Europe, in particular to small and medium-sized enterprises and start-ups. By 2021,regulations shall have been drafted in a data act for this new level of data sharing between the public and the private sector.
- Enablers: Investment in data and strengthening Europe´s capabilities and infrastructure for hosting, processing and using data, interoperability: Within the scope of this action line, the European Union intends to develop a project extending up until 2027 for developing a European cloud (High Impact Project on European data spaces and federated cloud infrastructure). National initiatives – like Germany’s GAIA-X project – shall be integrated and it is intended to adopt a memorandum of understanding with all EU member states (“EU Cloud Federation”). Existing cloud codes of conduct and certifications related to security, energy efficiency, quality of service, data privacy and data portability shall be compiled in an EU cloud book.
- Competences: Empowering individuals, investing in skills and in SMEs. The communication laments that on both the user side and the provider side there is insufficient awareness of the issue and that a fundamental lack of qualification exists. Investments must be made in education programs designed to increase consumer awareness with regard to the handling of their personal data and also and in particular to impart to SMEs the knowledge they need (Digital Education Action Plan), so that they can hold their ground in the data-agile economy.
- Common European data space in strategic sectors and domains of public interest: When implementing the activities described for the three areas above, nine common European data spaces shall be created by means of a so-called horizontal framework.
- A Common European industrial (manufacturing) data space, to support the competitiveness and performance of the EU’s industry, allowing to capture the potential value of use of non-personal data in manufacturing (estimated at €1,5 trillion by 2027);
- A Common European Green Deal data space, to use the major potential of data in support of the Green Deal priority actions on climate change, circular economy, zero-pollution, biodiversity, deforestation and compliance assurance. The “GreenData4All” and “Destination Earth” (digital twin of the Earth) initiatives will cover concrete actions;
- A Common European mobility data space, to position Europe at the forefront of the development of an intelligent transport system, including connected cars as well as other modes of transport. Such data space will facilitate access, pooling and sharing of data from existing and future transport and mobility databases;
- A Common European health data space, which is essential for advances in preventing, detecting and curing diseases as well as for informed, evidence-based decisions to improve the accessibility, effectiveness and sustainability of the healthcare systems;
- A Common European financial data space, to stimulate, through enhanced data sharing, innovation, market transparency, sustainable finance, as well as access to finance for European businesses and a more integrated market;
- A Common European energy data space, to promote a stronger availability and cross-sector sharing of data, in a customer-centric, secure and trustworthy manner, as this would facilitate innovative solutions and support the decarbonisation of the energy system;
- A Common European agriculture data space, to enhance the sustainability performance and competitiveness of the agricultural sector through the processing and analysis of production and other data, allowing for precise and tailored application of production approaches at farm level;
- Common European data spaces for public administration, to improve transparency and accountability of public spending and spending quality, fighting corruption, both at EU and national level, and to address law enforcement needs and support the effective application of EU law and enable innovative computer-aided applications for government action (‘gov tech’), governance (‘reg tech’) and administration of justice (‘legal tech’), supporting practitioners as well as other services of public interest;
- A Common European skills data space, to reduce the skills mismatches between the education and training system on the one hand and the labour market needs on the other.
White Paper on Artificial Intelligence: On 19 February 2020, the European Commission started a broad multistakeholder consultation with a White Paper for a European approach to artificial intelligence, which shall culminate in key elements of a future regulatory framework for AI in Europe. This regulatory framework shall be developed with a view to the global efforts of the OECD, UNESO, UN, WTO and other global institutions. In May 2019, the OECD adopted a “Declaration on Principles on Artificial Intelligence“, which was supported by the G20 in June 2019. The UNESCO is working at a normative instrument related to this issue. The EU intends to assume a leading role in AI in the next ten years.
For Europe, the White Paper relies above all on the next wave of data. It says that while Europe is lagging behind the major US platforms in the commercial exploitation of personal data, it could gain an edge in the processing of public and economic data (B2G, G2G, B2B, G2) due to its industrial and administrative strengths. However, this would require higher investments. The White Paper states that in 2016, Europe will have invested €3.2 billion in AI, which is far too little compared to China (€6.5 billion) and the USA (€12.1 billion).
In order to achieve the objectives, the White Paper proposes to build an "ecosystem of excellence", which shall comprise investment in research and development across the entire value chain up to promotion of innovative offers by small and medium-sized enterprises. The aim behind this is to overcome the lack of skilled workers and the fragmented landscape of national competence centers in the 27 EU states.
This shall be supplemented by an "ecosystem of trust". European initiatives on artificial intelligence shall be in line with European values and in accordance with the European legal system, including the fundamental and consumer rights of European citizens. An autonomous new legislative framework is envisaged, which will aim at promoting Europe's innovative capacity in the field of AI, while supporting the development and deployment of ethical and trustworthy AI throughout the EU economy to put artificial intelligence at the service of people.
The White Paper also addresses risks, particularly in relation with issues such as face recognition and human oversight . It is necessary to introduce a mechanism for conformity assessment for AI applications, which also distinguishes between “high risk” and “low risk”.
The White Paper states that a multistakeholder approach is the only way to find appropriate solutions for a European approach to artificial intelligence. All the partners concerned and involved from the private sector, academia and civil society must be involved on a broad basis. A future legislative framework must be based on the seven key demands presented by the EU High-Level Expert Group on AI in April 2019.
In addition to the three policy documents, the European Commission published two other papers on 19 February, which all together constitute the new European digital strategy:
- The report of the “B2G Expert Group: Towards a European strategy on business-to-government data sharing for the public interest” states that a large amount of data held by European public administrations in Europe is not yet available for commercial use. Thus, great potential for the development of innovative services for European citizens remains unused. The report recommends how this potential can be tapped by new "data sharing" strategies in the G2B, but also in the B2G sector, taking into account European values and the fundamental rights of citizens.
- The “Commission Report on safety and liability implications of AI, the Internet of Things and Robotics” deals with product safety and liability implications of new digital technologies such as artificial intelligence, Internet of Things and robotics. It requests existing product safety regulations, in particular the Directive on General Product Safety, the Machinery Directive and the Radio Equipment Directive to be adapted.
EU Toolbox zu 5G, Brussels 29 January 2020
On 29th January the European Commission published a so-called toolbox (EU toolbox on 5G cybersecurity) that aims to help European governments in dealing with calls for tender for national 5G networks in a differentiated manner. The EU Commission recommends a series of measures such as the specification of security requirements for network operators, concrete supervisory mechanisms, precise risk analyses, differentiation between high and low risk areas, diversification of supply chains and suppliers as well as own research into 5G and subsequent technology generations such as 6G.
Speech of Ursula von der Leyen, President of the European Commission, at the World Economic Forum, Davos, 22 January 2020
Even before the new European digital strategy was published, the new EU Commission President Ursula von der Leyen had stated in a keynote speech at the Davos World Economic Forum that Europe should become “green” and “digital”. Neither state control of the Internet (as in China) nor pure market control (as in the USA) was desired in Europe. European digital policy should combine economic efficiency and innovation with European values and individual fundamental rights. The European data strategy should enable Europe to become the most attractive, most secure and most dynamic “data-agile economy” in the world. Von der Leyen placed particular emphasis on the “new data wave” of “non-personal data” that will be generated in the economy and administration in the 2020s. She pointed out that up to now, 85 percent of this data were not processed further. Those data were hidden treasures and untapped opportunities for business and society. The innovative and comprehensive use of that growing resource of “non-personal data”, combined with the rights to the protection of “personal data” enshrined in the EU General Data Protection Regulation were characteristic of the European path to digitisation.
High Level Internet Governance Working Group (HLIG), Brussels, 28 January 2020
On 28 January 2020, the EU High-Level Group on Internet Governance (HLIG) held a meeting in Brussels.
The HLIG was established in 2003 between the two phases of the UN World Summit on the Information Society (WSIS). It is an institution of the EU Member States but has no decision-making powers. Its task is to ensure that the EU speaks "with one voice" in international negotiations on Internet Governance. The HLIG meets three to four times a year in closed sessions. For some years now, the HLIG meetings have been preceded by a “multistakeholder segment” with representatives from the private sector, civil society and the technical community. These consultations serve to find common ground with regard to current conferences and processes. No decisions are taken.
At the meeting in Brussels on 28 January 2020, there was a report on the IGF in Berlin (November 2019) and an outlook for the IGF in Katowice (November 2020), an outlook for EURODIG in Trieste (June 2020), a report by the German government on the implementation of the UN High Level Report (recommendation5A/B), a report by ICANN in preparation for the meeting in Cancún (March 2020), a report by DG Connect on the plans of the new EU Commission to develop a European digital strategy.
ENISA: Warnings related to the Corona crisis, cybersecurity skills and artificial intelligence, Athens, March 2020
Under its new Executive Director Juhan Lepassaar, the European Union Agency for Cybersecurity (ENISA) has upgraded its activities. Mr. Lepassaar is a citizen of Estonia. Until 2019 he was Head of Cabinet for the Vice President of the EU Commission, Andrus Ansip. Before, Lepassaar was EU advisor to the Estonian Prime Minister. On 16 October 2019, he had replaced Prof. Dr. Udo Helmbrecht, who had been Director of ENISA for ten years.
On 24 March 2020, in the context of the Corona crisis, ENISA published a document with tips for better cyber security when working from home. It contains eleven recommendations for employers and ten recommendations for employees. These include keeping multiple communication channels open, not using private devices to work from the home office, using secure and preferably multi-level authentication methods, using encryption techniques and refraining from exchanging sensitive data. The document also contains warnings with regard to phishing attacks.
On 26 March 2020. ENISA published a White Paper on “Cybersecurity Skills Development in the EU”. The report provides an overview of the status of the European education system for the qualification of cyber security experts. It examines the reasons why there is a shortage of such experts in Europe and makes suggestions on how to overcome this shortage, e.g. by linking higher education more closely to the labour market. The recommendations are based on four country studies (Australia, USA, France and Great Britain). To this end, ENISA has developed a new interactive database (Cybersecurity Higher Education Database) with information on study opportunities in the EU and the associated countries Norway, Iceland and Switzerland.
A new field of action for ENISA is artificial intelligence. According to ENISA, artificial intelligence can be abused for criminal purposes, at the same time it can be a powerful tool to strengthen cyber security and to defend against attacks. A new group of experts shall help ENISA to find out which mechanisms and instruments are useful and necessary to enable ENISA to better perform its tasks. On 24 March 2020, ENISA published a “Call for Expression of Interest” to become a member of the group of experts. Applications are accepted until 15 April 2020. The expert group is planned to be constituted after the summer break at the latest.
Brazil-EU Cyber Security Dialogue, Brussels, 20 February 2020
On 20 February 2020, the second EU-Brazil cyber security consultations were held in Brussels. The bilateral “Brazil-EU Cyber Dialogue” had started in 2017 with a first meeting in Brasilia. The long break is due to the change of government in Brazil. Being a member of BRICS, Brazil is a strategic partner of the EU in the “global south”, especially in the ongoing cyber security negotiations at the United Nations. In addition to that the 6th UN-GGE is chaired by a Brazilian diplomat, Ambassador Guilherme de Aguiar Patriota. In previously controversial issues, such as the drafting of a new instrument of international law or priority for the implementation of existing standards and support for the multistakeholder model, a rapprochement could be achieved in the consultations.