Why research may no longer be the same: About the territorial scope of the New Data Protection Regulation

In an innovative digital information society, research plays a key role. This research is no longer an individual and national activity, but is increasingly collaborative involving various resources, stakeholders and countries. For this purpose, research platforms are set up as they offer various advantages. In this article, we discuss examples of such research platforms and their benefits, including but not limited to the BEAT platform for biometric technology testing. After an analysis of the current and of the new territorial application rules under the data protection legislation, we investigate the consequences of these new rules for research and platforms in four particular situations. We warn and advise the regulator that research platforms and the use of other equipment for the collection and processing of personal data in the Union for research may escape from data protection legislation once the new data protection regulation applies. This is due to the revised territorial application rules in the new regulation. We therefore plead for more reflection and clear terminology and for keeping the criterion of the use of equipment for the territorial application of data protection legislation. Rejecting this criterion may result in considerable better (competitive) positions for non-Union companies and institutions collecting and using personal data collected in the Union for research as compared to Union research organisations.