Overview and Analysis of General Legal Barriers Stemming from Other Sources than Horizontal Legislation Confidentiality and commercial secrecy
Information can apart from being within the scope of personal data also be included in legislative acts governing the areas of confidentiality, secrecy and access to documents. The process of data within that area can be subject to a barrier for exchange. Confidentiality can originate either from legislation or on the basis of contractual provisions. Regarding contractual provisions these are discussed in detail below.
Provisions addressing confidentiality and commercial secrecy can be found in several legislative acts governing the maritime area e.g. VMS Directive, VTM, Directive, SOLAS Convention, port security regulations, data protection rules and the PSI Directive. Such provisions do not necessarily constitute an obstacle, as such, to the exchange of data between MS. However, recipients of such data are under a duty of confidentiality.
Legal complexity
As mentioned above one example is the VMS or VTM framework that establishes confidentiality of VMS data. However, provisions like that do not constitute an obstacle to the exchange of data between relevant authorities but it establishes obligations for the receiving authority to apply the same level of confidentiality as the provider. The information can therefore not be shared with third parties potentially including other functions. The reasons for not sharing or exchanging such data are often for professional and commercial secrecy reasons. These rules does not in themselves constitute a barrier however they do raise an issue of legal complexity for CISE.
Classification of information
A commonly detected administrative hindrance is public authorities' classification of information, which gives the information a specific label even though there is no strict legal barrier for access. That is not a legal barrier but can be perceived as such and it could potentially be a challenging issue for the efficient implementation of CISE.
Access to documents
The relevant legislation regarding access to documents contains reasons for denying access to certain data and is it normally specified in the legislation, which type of data access should be refused. However in some cases the legislative provisions do not correspond with secrecy clauses in contracts between private actors and authorities. In those cases the ruling of relevant courts (administrative or legal) might be necessary.
As regards the European institutions the procedures are governed by the Transparency Regulation,19 however similar rules apply in the national legislation.
Data policies of public authorities
Data policies of public authorities are normally created in a mixed environment between technical requirements and policies. The data policies are aiming to strike a balance between openness, legal/administrative restrictions and technical feasibility.
Fragmented approach
The main barrier of national data policies is the fragmented approach across MS, which holds numerous different examples of solutions. These solutions either facilitate sharing or constitute an administrative hindrance. The diversity entails difficulties to gain knowledge on how to know which information is possible to exchange and how to execute the actual exchange.
Data policies and architectural visions
Data policies are also highly relevant in the further discussions on the architectural visions for CISE. Depending on the choice of vision the data policy of the MS and relevant public authorities will be a key input for the discussions.
One example of a data policy is the United Kingdom, which has a very clear and open strategy towards public data in general. Information hereof can be found in the portal www.data.gov.uk where all sectors are represented and as much information as possible are shared. Another example is the Digital Agenda for Europe scoreboard where all statistical information regarding the information society in Europe are made available for policy makers, private sector companies and others that wish to use the data.20
International law and EU legislation
The maritime area stretches beyond the EU borders and it is a global domain. It is therefore besides from European and national legislation also governed by international conventions functioning globally. Moreover the maritime area is governed by several regional conventions.
International obligations
This gives in some cases a legally complex picture when authorities exercise their authority. However the vast majority of the provisions in international conventions have been implemented in the European legislation and the Community has acceded to the treaties.
Contractual barriers
In the CISE context, three types of contracts are relevant:
Agreements between authorities.
Procurement contracts with private providers of data and information
Outsourcing of CISE related tasks
Contracts are concluded in accordance with standard agreements, national law, or the choice of law among the contract parties. This means in practical terms, that CISE faces a multitude of different contract approaches as national contract law and contract practise vary throughout Europe.
Furthermore, the quality of the contract outcome requires negotiation powers, which depends on resources available for the public CISE actor and the actual bargaining position.
Differentiated approach
This illustrates that contractual barriers vary significant amongst the CISE stakeholders throughout Europe. CISE cannot legally ensure a uniform approach to the conclusion of contracts as this will interfere with national legislation and competences.
Instead, the EU may apply CISE related recommendations directed at CISE national stakeholders when entering contracts governed by private law. The contract, which itself is only binding for the contracting parties, shall safeguard both the private interests and the need for CISE distribution of the data provided. It shall be recalled that the data collected by the public stakeholders may be governed by EU and national legislation, such as data protection rules and openness. However, a poorly drafted contract concluded with private data providers may restrain the actual public use in that case and thus be a barrier for CISE. This may be the case, for instance where the public authority has agreed to an extreme confidentiality clause or use based on a costly license agreement21.
Outsourcing
In case a contract allows a private contract party to possess or obtain information that legally is in the domain of the principal contract party, the contract must regulate the use of the information by the private contract party. This concerns typically outsourcing, and is especially important where such use by the private party is not governed by adequate legislation.
No "Real Time" sharing of information
The legislation does not typically include an obligation for "real time" sharing of information. This can in some cases have the consequence that it is difficult to compare information and reap all the benefits from sharing information. This is both in terms of security and in terms of commercial exploitation of the data.
Standardised approach
Moreover there is a potential for better information sharing in creating standardised approaches to frequencies and formats for exchanging information. Some legislative acts within the maritime area include an obligation to share but not specified, some specify an obligation to report annually or biannually. However if CISE should function to the highest possible potential the information should be available at any moment for relevant stakeholders and be able to be processed to the specific need of the users.
Reporting categories
Almost all legislative acts have a reporting mechanism, which roughly can be divided into three categories according the analysis presented in annex 3.
(1) The regulatory follow up and effective evaluation of e.g. a directive. This is a streamlined and necessary process, which is essential for improving the legislation.
(2) Reporting set to be done with a specific frequency on the specific area of information related to the directive.
Those two categories can be seen as vertical and static in their information sharing approach.
(3) Other pieces of legislation are more specific in the process description regarding information sharing. Some provisions do target a more horizontal and dynamic approach.
Information sharing and processing will almost in all cases be an administrative burden for the authorities gathering the information or for the private actor that needs to provide the information.22
Technological possibilities
Generally the legislative acts governing the maritime area hold provisions on information sharing or reporting. The current technology offers possibilities to lower the administrative burden related to sharing information by putting in place systems that share the information automatically. This would however normally require an upfront investment.
As mentioned above most of the legislative acts oblige authorities to some level of responsibility to share information. However in order to ensure the best possible exploitation of the available information it is essential that the information is easily accessible for the relevant stakeholders. It is likely that in communities where information sharing is part of the culture further information sharing will not be perceived as a significant administrative burden. But in other communities even small efforts will be perceived as significant administrative barriers. Differentiated administrative procedures
From the research done so far it is clear that administrative procedures varies and the approach to information sharing is different from function to function and Member State to Member State.
Share with your friends: |