.png){kind=small}
.png)
Although the digitization of data has occurred for the last decades, the rate of data available has increased exponentially in the last few years. According to IBM's research dated 2017, 90% of the current world’s data has been created in the previous two years. The estimation of data growth goes from 33 zettabytes in 2018 to 175 zettabytes in 2025. Having billions of (inter)connected devices that gather, transfer, and process data poses significant risks, from data protection to cybersecurity, but, at the same time, creates multiple opportunities for industries and citizens.
What is data? From a legal point of view, the recent Data Act proposal, presented in February 2022 by the EU Commission, defines data as ‘any digital representation of acts, facts or information and any compilation of such acts, facts or information, including in the form of sound, visual or audio-visual recording’. Knowing information has always generated a competitive advantage and has allowed to change or influence behaviours. That has increased dramatically in our digital world. Access to data is a new form of power, as data-driven actions exhibit better performance, achieved in a faster way. Being data one of the most powerful economic resources, the interests at stake are massive as all industries and societies are impacted by the digital revolution. This situation is reflected by the agenda of legislators around the world that are trying to drive this digital transformation. In the European Union, we can identify three main open regulation yards on digital technology. The mentioned Data Act is one of the pillars of the European Digital Strategy for Data, which includes also the Digital Market Act proposal and the Data Governance Act proposal. In parallel, the EU institutions are discussing the Digital Financial Package, which contains the proposal for a regulation on markets in crypto-assets, on markets infrastructure DLT-based, and on the digital operational resilience for the financial sector. Last but to least, the Artificial Intelligence Act sets a proposal for a regulation laying down harmonised rules on artificial intelligence. These proposals will likely be approved between this year and the following one. The magnitude of this regulatory process, which will directly impact nearly half a billion people, is impressive. This is confirmed by the fact that the EU approach on digital technologies is already generating political frictions across the globe; while the US wants to defend the business of their tech industries, China is developing technologies following an approach based on different, or even opposite, values from the ones that are moving the EU legislator. Digital social scoring and facial recognitions on public sites are just some of the most debated cases. These regulatory choices derive from different cultural approaches. In the digital world, the myth of the neutrality of technology is definitely vanishing, as now we have clear evidence that cultures are capable of shaping any aspect of tech innovation, from its design to its deployment.
Notwithstanding the approach used, regulation is key when we talk about data. Regulations set a data governance scheme that provides legal certainty on who is the data owner, who is entitled to process data, what is possible to do with data, and how data is managed. Deciding on the balance of interests to govern these dynamics is a political decision. Regulations aim to ensure protection to certain values, as they find formal recognition within the law. But what are the values protected by data regulation? The EU is certainly paying more attention to the social implications of data processing, by putting human dignity first. The legislative proposals under the European Digital Strategy for Data encode these principles. These proposals set the obligations to make data accessible to their users, the right to access and use our own data, and the users’ right to share data with third parties. Moreover, they promote data standardisation to facilitate interoperability and portability of data to increase the number of players that could provide services by using data. These proposals will have a deep impact on product manufacturers, that shall design products in a way to make these obligations applicable, thus embedding in the production phase the compliance by design principle. Understandably, the values behind these rules will have deep political, social, and economic implications as these rules affect power relations.
While data can empower individuals, data can also serve to consolidate dominant positions over people. That is why the way we regulate the digital dimension shall express the moral and ethical roots of society. If globalisation was supposed to level differences across countries and to harmonise rules, what we are seeing is that the differences in values are reflected in the regulation of the digital world, which replicates the huge cultural divisions and political tensions of the physical one. We are still at the beginning of a new era and a large part of the population, even in the most tech-developed countries, seems to be still unaware of the enormous impact that data regulation can have in our daily lives. However, we need to start being conscious that understanding these dynamics shall be the gateway to citizens, industries, and governments for entering this new digital era.