European Proposal for a Data Act: A First Assessment - International Center for Law & Economics
Focus Areas:    Data Security | EU | Platforms | Privacy | Remedies

European Proposal for a Data Act: A First Assessment

Centre on Regulation in Europe View Original

INTRODUCTION AND BACKGROUND

On 23 February 2022, the European Commission unveiled its proposal for a Data Act (DA).[1] As declared in the Impact Assessment,[2] the DA complements two other major instruments shaping the European single market for data, such as the Data Governance Act[3] and the Digital Markets Act (DMA),[4] and is a key pillar of the European Strategy for Data in which the Commission announced the establishment of EU-wide common, interoperable data spaces in strategic sectors to overcome legal and technical barriers to data sharing.[5] The DA also represents the latest effort of European policy makers to ensure free flows of data through a broad array of initiatives which differ among themselves in terms of scope and approach: some interventions are horizontal, others are sector-specific; some mandate data sharing, others envisage measures to facilitate the voluntary sharing; some introduce general data rights, others allow asymmetric data access rights.

Notably, the General Data Protection Regulation (GDPR) enshrined a general personal data portability right for individuals,[6] the Regulation on the free flow of non-personal data facilitated business-to- business data sharing practices,[7] the Open Data Directive aimed to put government data to good use for private players,[8] and the Data Governance Act attempted to harmonising conditions for the use of certain public sector data and further promoting the voluntary sharing of data by increasing trust in neutral data intermediaries that will help match data demand and supply in the data spaces.[9] Sector- specific legislations on data access have also been adopted or proposed to address identified market failures, such as in the automotive,[10] payment service providers,[11] smart metering information,[12] electricity network data,[13] intelligent transport systems,[14] renewables,[15] and energy performance of buildings.[16]

Against this background, given that the DA is a horizontal legislative initiative fostering data sharing by unlocking machine-generated data and overcoming vendor lock-in, an issue of coherence with existing and forthcoming EU data-related legislations emerges.

The premise of such regulatory intervention is provided by the fact that an ever-increasing amount of data is generated by machines or processes based on emerging technologies, such as the Internet of Things (IoT), and is used as a key component for innovative services and products, in particular for developing artificial intelligence (AI) applications.[17] The ability to gather and access different data sources is crucial in order for IoT innovation to thrive. IoT environments are possible as long as all sorts of devices can be interconnected and can exchange data in real-time. Therefore, access to data and data sharing practices are pivotal factors for unlocking competition and incentivising innovation.

From this perspective, the proposal for a DA represents the last episode of a long thread of European Commission interventions. Since the 2015 Digital Single Market Communication, the Commission has indeed emphasised the central role played by big data, cloud services, and the IoT for the EU’s competitiveness, also pointing out that the lack of open and interoperable systems and services and of data portability between services represents a barrier for the development of new services.[18] The issue of (limited) access to machine-generated data has been raised in the 2017 Communication on the European Data Economy,[19] where the Commission envisaged some potential interventions which are now advanced by the DA, as well as in more recent Commission’ Communications on a common European data space and a European strategy for data.[20] In particular, the latter indicated the “issues related to usage rights for co-generated data (such as IoT data in industrial settings)” as a priority area for a legislative intervention.[21]

Moreover, the IoT economy has been the subject of a recent sector inquiry which offered a comprehensive insight into the current structure of IoT environments and the competitive dynamics that are shaping their development.[22] In particular, the Commission underlined the role of digital ecosystems within which a huge number of IoT interactions take place and identified the most widespread operating systems and general voice assistants as the key technological platforms that connect different hardware and software components of an IoT business environment, increase their complementarity as well as provide a single access point to diverse categories of users.[23] Against this backdrop, interoperability is deemed to play a crucial role in improving consumer choice and preventing lock-in into providers’ products.

To contribute to the current policy debate, this paper will provide a first assessment of the tabled DA and will suggest possible improvements for the ongoing legislative negotiations. The paper is structured as follows. Section 2 deals with the problems addressed and the objectives pursued by the legislative initiative. Section 3 analyses the scope of the new data access and sharing right for connected devices. Then, Section 4 investigates the provisions aimed at favouring business-to- government data sharing for the public interest. Section 5 deals with the rules which tackle the vendor lock-in problem in data processing services by facilitating switching between cloud and edge services. Section 6 analyses the requirements set forth regarding interoperability. Finally, Section 7 concludes by addressing the governance structure. Each section briefly summarises the DA proposal and then makes a first assessment with suggestions for improvements.

[1] European Commission, ‘Proposal for a Regulation of the European Parliament and of the Council on harmonised rules on fair access and use of data (Data Act)’ COM(2022) 68 final.

[2] Commission Staff Working Document, Impact Assessment Report accompanying the Proposal for a Regulation on harmonised rules on fair access to and use of data (Data Act) SWD(2022) 34 final, 1.

[3] Regulation (EU) 2022/868 on European data governance (Data Governance Act) [2022] OJ L 152/1.

[4] Regulation (EU) on contestable and fair markets in the digital sector (Digital Markets Act).

[5] European Commission, ‘A European strategy for data’ COM(2020) 66 final.

[6] Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, [2016] OJ L 119/1, Article 20.

[7] Regulation (EU) 2018/1807 on a framework for the free flow of non-personal data in the European Union, [2018] OJ L 303/59.

[8] Directive (EU) 2019/1024 on open data and the re-use of public sector information, [2019] OJ L 172/56.

[9] Data Governance Act, supra note 3.

[10] Regulation (EU) 2018/858 on the approval and market surveillance of motor vehicles and their trailers, and of systems, components and separate technical units intended for such vehicles, amending Regulations (EC) No 715/2007 and (EC) No 595/2009 and repealing Directive 2007/46/EC, [2017] OJ L 151/1.

[11] Directive (EU) 2015/2366 on payment services in the internal market, [2015] OJ L 337/35, Article 67.

[12] Directive (EU) 2019/944 on common rules for the internal market for electricity and amending Directive 2012/27/EU, [2019] OJ L 158/125; and Directive 2009/73/EC concerning common rules for the internal market in natural gas and repealing Directive 2003/55/EC, [2009] OJ L 211/94.

[13] Regulation (EU) 2017/1485 establishing a guideline on electricity transmission system operation, [2017] OJ L 220/1; and Regulation (EU) 2015/703 establishing a network code on interoperability and data exchange rules, [2015] OJ L 113/13.

[14] Directive 2010/40/EU on the framework for the deployment of Intelligent Transport Systems in the field of road transport and for interfaces with other modes of transport Text with EEA relevance, [2010] OJ L 207/1.

[15] Proposal for a Directive amending Directive (EU) 2018/2001, Regulation (EU) 2018/1999 and Directive 98/70/EC as regards the promotion of energy from renewable sources, and repealing Council Directive (EU) 2015/652, COM(2021) 557 final.

[16] Proposal for a Directive on the energy performance of buildings (recast), COM(2021) 802 final.

[17] On the economic value of data, see Jan Krämer, Daniel Schnurr, and Sally Broughton Micova (2020), ‘The role of data for digital markets contestability’, CERRE Report https://cerre.eu/wp-content/uploads/2020/08/cerre- the_role_of_data_for_digital_markets_contestability_case_studies_and_data_access_remedies-september2020.pdf.

[18] European Commission, ‘A Digital Single Market Strategy for Europe’, COM(2015) 192 final, 14.

[19] European Commission, ‘Building a European Data Economy’, COM(2017) 9 final, 12-13.

[20] European Commission, ‘A European strategy for data’, supra note 5, 10; and European Commission, ‘Towards a common European data space’, COM(2018) 232 final, 10.

[21] European Commission, ‘A European strategy for data’, supra note 5, 13, and 26.

[22] European Commission, ‘Final Report – Sector inquiry into consumer Internet of Things’ COM(2022) 19 final.

[23] Commission Staff Working Document accompanying the ‘Final Report – Sector inquiry into consumer Internet of Things’ COM(2022) 10 final.

Download PDF