11.11.2024
Practice Areas: Intellectual Property and Information Technology
Services: Data Protection and Cybersecurity
Free Flowing
On 4 November 2024, Decree-Law no. 85/2024 of 4 November, authorised by the Presidency of the Council of Ministers, was published in the Official Gazette.
This Decree-Law will ensure that Regulation (EU) 2018/1807, which created a regime for the free flow of non-personal data in the European Union, is implemented in the national legal order.
This Regulation was driven by the recognition that the information and communications technology sector is no longer a specific sector, but the basis of all economic systems and all modern and innovative societies.
The European regulation in question is designed to make it easier to carry out cross-border transactions in the European Union and to create a single market for data storage and processing services, such as cloud computing.
Although it is a regulation (and therefore directly applicable in the national legal order), the European instrument contains provisions that require the adoption of implementing acts by the national legislator.
Rules that, for example, imply the identification of the competent entity as the single point of contact and manager of the single national online information point – for which the Agency for Administrative Modernisation, I. P., (AMA IP) and its respective competences have been designated -, the adoption of mechanisms and procedures to comply with notification obligations and also the determination of minimum sanction thresholds.
It should also be noted that the Supervisory Authority will be the ASAE (Food and Economic Safety Authority), not the AMA, and that the decree-law’s sanctioning scheme associates light and serious administrative offences (punishable by amounts ranging from EUR 600.00 to EUR 24,000.00) with violations of the provisions of the decree-law.
The vacatio legis period of this Decree-Law then began, and it should come into force at the beginning of 2025.