The GDPR and the DGA Proposal: are They in Controversial Relationship?

Abstract

Summary At the end of 2020, the European Commission published a new European data strategy, which aims to create a new legal framework to promote the development of a single European data market. In the scope of the new strategy the European Commission has already proposed the Data Governance Act proposal (hereinafter – the “DGA”), which aims to strengthen the mechanism to facilitate data exchange. The proposal of the new legislative act has raised the question about the right balance between it and the existing EU legislative acts, which were adopted in the key of personal data protection, especially with the General Data Protection Regulation (hereinafter – the “GDPR”). We argue that there are a number of inconsistencies between the DGA proposal and the GDPR that may prevent the full implementation of mechanisms that allow achieving the EU’s intended goals in this field within the framework of the new European strategy. The interaction of the DGA with the GDPR is characterized by conflict of laws and legal uncertainty, which can jeopardize the achievement of the objectives of the DGA itself and can reduce the level of personal data protection in the EU, compared to the GDPR. Besides, the examination of the relevant case-law of the Court of Justice of the European Union (hereinafter – the “CJEU” or the “Court”) regarding the implementation of the GDPR identifies approaches that prevent the opening of data exchange as the DGA proposal requires.