With the emergence of new technologies, such as cloud computing, big data and artificial intelligence, the possibility to move data freely has become a key issue for European companies.

The draft law approved by the Internal Market Committee on the free flow of non-personal data is one of a series of proposals in the Digital Single Market Strategy. It complements the existing legislation for personal data (the GDPR), which provides for the free movement and portability of personal data within the EU.

The proposed rules would prevent any EU Member State from imposing territorial restrictions or prohibitions on the storage or any other processing of non-personal data anywhere within the EU, with narrow exceptions by clarifying that any restrictions on the location of data would only be allowed "on an exceptional basis", where justified on "imperative grounds of public security". Any remaining or future data localization requirements would have to be communicated to the EU Commission and published online, in order to ensure transparency.

The draft law ensures that the competent authorities will have access to data stored or processed in another Member State for regulatory control purposes, such as for inspection and audit. It also states that where personal and non-personal data in a mixed data set are inextricably linked, this regulation would apply without prejudice to the GDPR.

Once the draft is green-lighted by the European Parliament at the 2018 June's plenary session, three-way talks between the Parliament, the Council and the Commission can start, scheduled to the mid-June 2018.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.