Data Act Series - Part 1: Introdution - Structure and Content of the Draft

Data plays a central role in our networked world. Yet its potential is far from being exploited. Where data is created, rights are often not clarified. Data ownership - that much is clear - cannot be the right instrument to clarify the challenges in dealing with data. Rather, what is needed are clearly regulated access rights to the data.

Promote Data Use

In the past spring, the EU Commission presented a draft Data Act to regulate access to data. In doing so, it wants to ensure a fair distribution of the value created from data and promote the use of data. The overriding goal is to ensure the innovation and competitiveness of companies in all sectors.

Part of an Overarching Strategy

The Data Act is part of an overarching strategy of the EU Commission to regulate Europe's digital future. This includes the 2016 General Data Protection Regulation (GDPR) and the Data Governance Act.

The draft Data Act consists of a total of 42 articles divided into 11 chapters. Chapter 1 defines the subject matter and scope of the regulation. It essentially deals with the provision of data as well as the rights and obligations of data owners, users and data recipients arising therefrom. The regulation pays particular attention to the role of the public sector.

Specifically, the Data Act addresses the following target groups within the EU:

  • Manufacturers of products and providers of related services,

  • The users of these products and services,

  • Data owners who provide data to recipients,

  • Data recipients,

  • Public agencies and bodies and other entities that require data holders to provide data,

  • Data owners who provide such data,

  • Data processing service providers.

Rights and duties

This defines the rights and obligations of users, data owners and third parties. This includes the so-called "accessibility by default". This means that products must be designed and associated services provided in such a way that the data generated during their use can be accessed simply, securely and directly. The user's access claim also includes the possibility of passing on the data to third parties.

The 3rd chapter deals with obligations for data holders. Here, the conditions are defined under which data owners make data available to recipients. In this context, the data owner must be remunerated appropriately. The specially provided bodies for resolving disputes must be accessible to both parties.

To protect small and medium-sized enterprises, chapter 4 regulates how to deal with unfair terms. A term is unfair if its use clearly deviates from good business practice and violates the principle of good faith. If a clause is classified as unfair, it is not binding.

Chapter 5 governs the exceptional need to provide data to public agencies. These are cases in which data must be used to prevent and respond to a public emergency. Under certain circumstances, this data may also be made available to research institutions acting in the public interest.

The Data Act aims to make switching between data processing services as easy as possible (chapter 6). To this end, obstacles are to be removed, and fees for switching are also to be gradually eliminated.

The other chapters deal with safeguards for non-personal data in the international environment, interoperability requirements for data, procedural requirements for implementation, and other provisions.

Comprehensive governance regulation

In summary, the Data Act regulates data governance in the use of products and associated services comprehensively and for the first time. It thus complements the GDPR. In its approach, the Data Act follows a logic of ownership. It places the data owner at the centre. He can be granted comprehensive rights to the data.

In the subsequent parts of this series, the following aspects shall be covered:

  • Distinction from the GDPR

  • Distinction from other legal acts

  • Which claims and obligations exist for which parties?

Given the scope of the regulation, it is a challenge to keep track of the changes relevant to your own company. We support you and advise on all aspects of IT law. In doing so, we help you to identify relevant topics and regulate them contractually.

Background information:

Teaser from 27.07.22

More #innovation and #competition through data: That's what the #EU wants to achieve with the #DataAct.

The @Deutsche Anwaltverein welcomes the EU proposal, but criticizes some details. For example, the definition of the "data holder" as the central addressee of the obligation is unclear. The DAV is particularly critical of the transfer of data protection rules to non-personal data. In addition, the DAV demands that business secrets must be protected at all costs in any #data exchange.

👉 on the DAV statement:

#DataEconomy #data #legaladvice #businesslaw #businesslaw #webp

Teaser from 22.02.22

A new #Data Act for Europe: The new legal framework presented by the #EU on February 23, 2022 is intended to offer more innovation and competition. The so-called Data Act-E is intended to fundamentally change the framework conditions for accessing and using data. Competition Commissioner Margrethe Vestager explains "We want to give consumers and businesses even more say over what can happen to their data by clarifying who has access to it and under what conditions."

👉 to EU press release:

#DataAct #DataEconomy #legaladvice #businesslaw #businesslaw #webp

Data Act Series

  1. Introduction: structure and content

  2. Distinction from the GDPR

  3. Distinction from other legal acts

  4. What are the claims and obligations for which parties ?

Michaela Witzel, LL.M. (Fordham University School of Law),
Certified Expert for IT Law