The Data Governance Act (DGA) is applicable since 24 September 2023[1] and it outlines aset of rules for providers of data intermediation services (so-called data intermediaries, such as data marketplaces) to ensure that they will function as trustworthy organisers of data sharing or pooling within the common European data spaces. In order to increase trust in data sharing, this new approach proposes a model based on the neutrality and transparency of data intermediaries whilst putting individuals and companies in control of their data. In addition, the DGA lays the groundwork for the creation of data intermediary services and data altruism organisations.
Relevant to the FAME data intermediation activities, pursuant to the DGA, data intermediaries are meant to function as neutral third parties that connect individuals and companies with data users. While they may charge for facilitating the data sharing between the parties, they cannot directly use the data that they intermediate for financial profit (e.g. by selling it to another company or using it to develop their own product based on this data). Data intermediaries will have to comply with strict requirements to ensure this neutrality and avoid conflicts of interest. In practice, this means that there must be a structural separation between the data intermediation service and any other services provided (i.e. they must be legally separated). Also, the commercial terms (including pricing) for the provision of intermediation services should not be dependent on whether a potential data holder or data user is using other services. Any data and metadata acquired can be used only to improve the data intermediation service.
To the extent that FAME will operate as a data intermediation service, provisions in the DGA will be of direct relevance.
[1] Regulation (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance and amending Regulation (EU) 2018/1724 (Data Governance Act)
Legal basis for Data Governance Act
The Data Governance Act promotes the re-use of certain categories of data and applies to those held by public authorities but also provides certain organizational rules for data intermediary service providers.
It refers publicly held data that is protected on the following grounds:
- Commercial confidentiality
- Statistical confidentiality
- Third party IPR protection
- Protection of personal data
Key Definitions
- Re-use; use by natural or legal persons of data held by public sector bodies, for commercial or non-commercial purposes other than the initial purpose within the public task for which the data were produced, except for the exchange of data between public sector bodies purely in pursuit of their public tasks.
- Non-personal data; data other than personal data.
- Data holder; a legal person, including public sector bodies and international organisations, or a natural person who is not a data subject with respect to the specific data in question, which, in accordance with applicable Union or national law, has the right to grant access to or to share certain personal data or non-personal data.
- Data user; means a natural or legal person who has lawful access to certain personal or non-personal data and has the right to use that data for commercial or non-commercial purposes.
- Data intermediary service; a service which aims to establish commercial relationships for the purposes of data sharing between an undetermined number of data subjects and data holders on the one hand and data users on the other, through technical, legal or other means, including for the purpose of exercising the rights of data subjects in relation to personal data.