On 23 February 2022, the European Commission published its proposal for a Data Act. After the Data Governance Act, the proposal is the second legislative element of the European Data Strategy presented in 2020. The proposed act aims to “ensure fairness in the allocation of value from data among actors in the data economy and to foster access to and use of data”.
The proposal marks a significant step in the EU’s data strategy. It contains provisions on access to data generated by connected devices, rules for business to government data sharing in the public interest, and interoperability provisions for shared data spaces. As such, it proposes a framework that will help building the European data commons and improve the use of data for public good
Our observatory tracks the further legislative development of the proposal as it moves through the European Parliament and the Council.
The Committee on Industry, Research and Energy publishes its draft report, containing amendments collected by Rapporteur Pilar del Castillo Vera (EPP). In total, the draft report contains 94 amendments.
CZ Presidency First Compromise Proposal on Chapter V
The Czech presidency of the Council of the European Union publishes a compromise proposal for Chapter V of the Data Act. The compromise constitutes the basis of the technical discussion taking place during the Telecom Working party meeting on 5 September. The text contains a new definition of public emergencies, including both natural and human-induced disasters, such as cybersecurity incidents; and further elaborates on the notion of public interest, which is now linked to situations where access to data, including metadata, is necessary for purposes related to local transport, city planning, and infrastructural services. The compromise also strengthens the principles of proportionality, transparency and purpose limitation in B2G contexts, with a restriction specifying that the European Commission and European agencies can have access to data shared in B2G contexts.
The high-level opinion by the Body of European Regulators for Electronic Communications focuses on discussing the Commission proposal from the perspective of setting the underlying conditions for an enforcement ecosystem based on cross-border cooperation among Member States authorities.
The Czech presidency of the Council of the European Union publishes a compromise proposal for the Data Act. The compromise constitutes the basis of the technical discussion taking place during the Telecom Working party meeting on 19 July and focuses on the first four chapters of the proposal. Notably, the definition of a product has been modified to any item able to collect or generate data and communicate it, including metadata, while the definition of users has been expanded to include public sector bodies. Finally, he overall text has been greater aligned with GDPR terminology for personal data protection.
On 21 June, we organized a panel discussion titled “Data Act: in-between policy and practice”, at the 2022 MyData Summit in Helsinki. The session provided a forum for an exchange of perspectives on the Data Act from public, private and civil society representatives.
This policy brief presents a model for public-interest B2G data sharing, aimed to complement the current proposal of the Data Act. The proposal includes the creation of the European Public Data Commons, a body that acts as a recipient and clearinghouse for the data made available.
We submit our feedback to the European Commission’s public consultation on the Data Act proposal, in which we generally welcome the proposal’s efforts to broaden access rights to machine-generated data while providing conditions for greater sharing and reuse of data. Our feedback identifies five points for the proposal to improve and deliver the objectives set in the European strategy for data: rules for business-to-government data sharing; review of the sui generis database rights; access right to machine-generated data; rules on interoperability; terminology and regulatory consistency.
JURI Committee publishes study on IP rights and open data sharing
The JURI Committee of the European Parliament published a study on Intellectual property rights and the use of open data and data sharing initiatives by public and private actors. The study outlines current developments in data-related practice, law and policy as well as the current legal framework for data access, sharing and use in the EU. On the basis of this analysis, the study evaluates the Commission’s proposal for a Data Act by identifying venues for improvement to address current barriers to data sharing in the single market. In particular, it proposes amendments to avoid contradicting enforcement competencies across Member States’ national authorities.
The European data protection board and the European data protection supervisor published their opinion on the Data Act. The opinion focuses on discussing the proposal from a perspective that acknowledges the risks posed by new harmonized rules on fair access to and use of data on data protection law. In particular, the opinion identifies three areas where significant improvement is needed: the rights to access, use and share data; the obligation to make data available in case of "exceptional need"; and the overall implementation and enforcement structure.
Alek finds that the impact of the proposed Data Act was assessed based solely on economic cost-benefit analysis. Important provisions on Business-to-Government (B2G) data sharing were evaluated without any methods for assessing societal value.
This note assesses the interconnectedness of the GDPR respectively with the Data Governance Act and Data Act, shedding light on the different inconsistencies between the two acts and the GDPR that risk hindering the overarching objective of the European strategy for data.
The Dataprotection landscape is a collaborative project which aims to keep track of data protection requirements stemming from EU activity in the field. It started after the publication of the GDPR in 2016 with the goal of providing more clarity on potential interpretations arising from data processing obligations. It is a full use of resources to understand the intersectionality of EU legislative initiatives in the field. The Data Act provisions have now been added to the repository. In total, following the Commission proposal, the authors identify 157 separate data processing provisions. As such, the Data Act repository functions as an important resource to allow anyone to link to a specific element of the Commission proposal.
The Center of European Policy Studies produced a policy brief “The EU Data Act: towards a new European data revolution?” on the regulatory intention behind the Commission proposal. The authors highlight that a variety of the Member States and other stakeholders are not necessarily aligned with the Commission’s regulatory intentions and that the final proposal is likely to be subject to fierce inter-institutional negotiations. They caution that, ultimately, this might significantly reduce the scope of the Data Act, therefore not leading towards a new European data revolution. In addition, they stress the importance of achieving effective enforcement across Member States agencies, given the high number of EU initiatives in the field which might lead to overlapping competencies.
MyData – one of the key players in the field of personal data governance – publishes a first reaction to the Data Act. In their reaction, titled "EU data act — making data portability actionable" they highlight the effects of the new data access provisions for consumers and businesses which they characterize as GDPR on steroids. In this light, according to their submission, is important to make sure that interoperability requirements are accompanied by well-defined APIs to make the right to data interoperability actionable. In addition, it is important to increase legal certainty on the relationship between the Data Act and the Data Governance Act.
Open Future reviewed the proposal for a Data Act released by the European Commission on 23 February and published three briefs on the issues of Interoperability, Access to Data and B2G Data Sharing in the public interest.
Digital Europe – the leading Digital European industry association – shares its position on the Data Act proposal. It argues that the Data Act will unleash value in the data economy if it acts as an enabler, rather than a set of restraining obligations.
In particular, Digital Europe expresses significant concerns that the new rules would undermine companies’ contractual freedom by replacing voluntary and commercially viable data sharing agreements. In addition, the current proposal would severely restrict international data transfers beyond the provisions set in the GDPR, therefore leading to significant economic losses for European digital business.
The value and use stemming from data sharing are conceptualized around a market logic, despite the collective societal benefits derived from society-wide access. The Data Act offers an opportunity to change this by attributing a public interest function to data sharing between the private and public sector.
Regulatory Scrutiny Board issues a positive opinion with reservations
The European Commission’s Regulatory Scrutiny Board issues a positive opinion with reservations on the impact assessment for the Data Act. The board finds that the internal Commission report has substantially improved on the problem definition and on the costs and benefits analysis.
However, it still finds it short in articulating its relationship with other legislative initiatives in the field, the scope of data access provisions for connected products and services, and on the conditions for business-to-government data sharing obligations in exceptional situations and public emergencies.
In this policy brief we review the EU policy debate on access and use of data in view of the upcoming Data Act. We provide arguments against the introduction of new property rights–including the sui generis database right–in favor of strengthening data access rights.
At MyData in the Netherlands, we co-hosted with Waag the workshop: "A closer look at data governance and the European data strategy: the Data Governance Act & the Data Act", during which we analyzed the EC's Inception Impact Assessment Document.
Regulatory Scrutiny Board issues a negative opinion
The European Commission’s Regulatory Scrutiny Board issues a negative opinion on the impact assessment for the Data Act. According to the internal review process, the Commission’s report falls short, first, in providing sufficient clarity on the purpose and scope of the initiative as well as on its relation with other initiatives in the field. Second, it lacks clarity on the precise design and content for policy options, in particular around the notion of fairness and public interest. Finally, the internal report does not sufficiently highlight the envisaged costs and benefits of the new measures as well as the difference in view between various categories of stakeholders.
The Netherlands publishes a non-paper on the upcoming Data Act
The Government of the Netherlands publishes a non-paper on the upcoming Data Act. The Dutch non-paper is the only document shared by a Member State prior to the publication of the Commission proposal. This is a strong signal that not all Member States are necessarily aligned with the Commission’s regulatory ambitions.
The document voices significant concerns towards binding data transfer obligations for business-to-business situations and business-to-government situations. Instead, it calls for the development of effective market incentives.
In addition, the non-paper calls the Commission to preserve an open economy by expanding on the existing right to data portability provisions, secure cooperation with international partners in cross-border data transfer situations and provide incentives for society-wide reuse of data by private and public stakeholders while respecting end-users and companies’ rights.
We submit our feedback to the European Commission’s roadmap consultation on the Data Act & amended rules on the legal protection of databases. In our feedback, we discuss the proposal from a perspective that acknowledges public interest data use, and the fundamental role played by Open Data and Open Access Commons data sharing in the overall data ecosystems. It is important to complement the market-based approach to data sharing with a perspective that acknowledges a societal perspective of data governance, rooted in public interest data use and individual end-users rights.
To improve the measure, business-to-government data sharing should be limited to public interest uses, the Sui Generis Database right introduced by the 1996 Database Directive should be repealed and to improve B2B data sharing strong interoperability measures should be considered.