First and revision of public services information directive

The first EU project to maximize the economic potential of data was that of public data. This directive of November 17, 2003, aims to encourage and regulate the re-use of public sector data. These data are defined by this directive as “any content whatever its medium” emanating from the public sector body i.e. “means the State, regional or local authorities, bodies governed by public law and associations formed by one or several such authorities or one or several such bodies governed by public law”.

This text establishes a body of principles inherent to this reuse. It must be thought from the production of the data and must be encouraged without distinction of the final potential beneficiary. Moreover, this text puts a point of honor to the unification of the license system in order to accentuate the standardization as well as the accessibility to the data. Finally, the text also defines data sets with a high potential of valorization and recommends the implementation of programming interfaces (API) to make these data as accessible as possible and in real time.

In June 2013 the directive is updated by the commission, remaining in the logic of the first directive it intends to increase the scope and strengthen the principles set. We note for example:

• The extension of the data concerned to the data held by private companies in charge of public services (related to the public service)
• The principle of free provision is the one, the potential costs are restricted to the marginal cost of provision.
• Strengthen the obligation of publication for high value data set • Fight against exclusive agreement between public and private sector
• Involve state member to improve availability of data (through data portal for instance)

Open data directive

On July 16, 2019, the EU completes the 3rd step of opening and re-using public data via the open data directive. This directive strengthens the PSI directive by extending its scope to research data, transport, and energy sectors. Moreover, it sets more requirements on the availability of high value datasets and provides a list of datasets falling into this category. Finally, it further restricts the possibility of imposing fees on the provision of data, and clearly frames exclusive data agreements between a public entity and another actor.

Non-personal data regulation

On November 9, 2018, the European Commission enacts the Non-Personal Data Directive. This directive is the counterpart to GDPR for, the latter promulgated the principle of free movement of personal data upon request of the data subject. The directive of 2018 prohibits all legal requirements set by a member state when it comes to the location of non-personal data. In addition, this text reinforces the right to portability, especially between cloud service providers. We also note the strengthening of regulatory authorities in fact another provision guarantees the availability of data for regulatory control: public authorities will be able to access data for examination and control purposes wherever they are stored or processed in the EU.

European data strategy

In February 2021 the European Commission publishes a communication entitled “A European Data Strategy”. This communication is intended to be the first step towards a harmonization of existing regulation, in addition to the desire to have a pro-active regulation to stimulate the data economy as well as to protect European interests against foreign actors, especially American. This strategy is materialized, at the data level, by the Data Act and the Data Governance Act.

Data Act

On February 23, 2022 the Commission publish the first draft of the Data Act. This text is intended as the first stone of a regulation in favor of data sharing. It is also the first text that focuses on a regulation for commercial purposes for industrial data including personal data (still under the authority of the RGPD).

An important area of the Data Act is the sharing of data from the Internet of Things (IoT), it establishes the principle of sharing free data between the user of the connected object and the data holder (the one who collects the data from the object). Moreover, it protects the user by specifying that the use of data from the object must be subject to contractual clauses and prohibits anti-competitive behavior. In other words, the data holder cannot use the user’s data to compete with him.

This text also focuses on the usual provisions of the commission by facilitating data portability and lowering the costs of changing operators for cloud and edge services. We also note in the same logic the strengthening of interoperability standards for data to facilitate its reuse. Finally, the Data Act opens the possibility for public authorities under certain conditions to request private data (for example for crisis management).

Data Governance Act

On June 23, 2022 the Commission adopted the main text of its new data strategy, the Data Governance Act. This text is global, it intends to cover non-personal and personal, industrial, and public data. The text revolves around the mechanism of data sharing.

For public data, we note among other things, the prohibition of exclusive agreements on data. Moreover, a change of tone when it comes to public personal data or data with high strategic stakes, it is no longer a question of exempting them from the Open Data Directive, but of recommending to public authorities to anonymize them before publishing them. Regarding the sharing of industrial data, the DGA intends to set up data intermediation services. These neutral actors must facilitate on all levels the sharing of bilateral data. They must be economically and legally separate from any other data sharing stakeholder and base their business model on data sharing. They will be able to report to the competent national authorities to be labeled “data intermediation service”.

Another major contribution of the DGA is “Data Altruism” i.e., the voluntary sharing by individuals and companies of the data they have generated – without receiving a reward – so that it can be used for general public interest purposes. To achieve this goal, the DGA introduces a common European data altruism consent form that will facilitate the collection of data in all member states in a uniform format, while ensuring that consent can be given and withdrawn easily. This should provide legal certainty for researchers and companies wishing to use such data and create a framework of trust that will encourage data altruism and facilitate data sharing for societal purposes.

In the end, the DGA is the last legal text of the EU when it comes to regulation of data, and it truly symbolizes the legislative path of the commission. It started by operationalizing pre-existing rights, to protect consumers and to create a public data service. Then, in view of the technological progress, the commission brings a global regulation that aims at reinforcing the creation of value behind data sharing. The objectives behind the European regulation are not only commercial, but also aim at creating the trust necessary to establish viable ecosystems, as well as reinforcing the role of data to fulfill social and economic objectives.