Differential Data Protection Regimes in Data-Driven Research: Why the GDPR Is More Research-Friendly Than You Think

Against the backdrop of an evolving landscape describing data driven research, the study discusses the role of data protection laws in shaping a free flow of research data. In particular, it enquires whether European data protection law hampers or rather encourages data-driven research, and how. The analysis critically challenges the shared belief that the more severe data protection regime laid down by the European legislator adversely affects data flows and with that data-driven research, contrary to what occurs in the US where the more fragmented and less developed data protection framework may facilitate data flows and related innovation patterns. Research objectives through data re-usability have been very recently given primary importance in the GDPR, where they find a formidable ally enabling the re-usability of public data by businesses and of private data by public institutions, for either public interest-related research purposes or commercially-oriented innovation purposes. We argue that the GDPR differently promotes research-valuable data flows in consistency with an emerging principle of free movement of personal data. Our analysis links to this principle three-directional research regimes emerging from the GDPR.