Data policy and Data protection

Thanks to the digital transformation of the economy, the data sector is rapidly expanding. Electronic data lies at the heart of innovative economic systems and modern societies and can generate significant value when analyzed or combined with services or products, or advance scientific research, for example. The development of emerging technologies poses new challenges for legal frameworks that support the development of the digital single market and ensure the protection of fundamental rights. The free circulation of data within the European Union concerns both personal data, which requires a high level of protection, and non-personal data, such as aggregated and anonymized data sets.


Protection of personal data

The Constitution, as it will be applied on July 1, 2023, enshrines the rights to privacy and the protection of personal data (Articles 20 and 31). In particular, the SMC took part in the work at European Union level, which resulted in the adoption of a strong, consistent and trusted data protection framework that enables the digital economy to develop and citizens to have control over their personal data: Regulation (EU) 2016/679 (General Data Protection Regulation "GDPR"). The SMC played a central role in the development of the bill that resulted in the law of August 1, 2018 organizing the National Commission for Data Protection and the general regime on data protection accompanies and complements the RGPD.


In its policy on the protection of personal data, the SMC monitors new developments in this field, participates in national and international exchanges related to it, especially to ensure that this fundamental right is taken into account horizontally in the development of various data policy instruments.

 

Data policy

With a view to further freeing up data flows, the SMC took part in the work at European Union level that led to the adoption of Regulation (EU) 2018/1807 establishing a framework applicable to the free flow of non-personal data in the European Union (the "free flow of non-personal data" Regulation). This legal instrument prohibits localization requirements for non-personal data, with the exception of restrictions on grounds of public security. The SMC is the national contact point for the free flow of non-personal data (to contact us on this subject, please send an email to freeflowofdata@smc.etat.lu).

In addition, the SMC also contributes to national and international exchanges relating to various data flows through its policy.