Annexes to COM(2018)232 - "Towards a common European data space" - Main contents
Please note
This page contains a limited version of this dossier in the EU Monitor.
| dossier | COM(2018)232 - "Towards a common European data space". |
|---|---|
| document | COM(2018)232  |
| date | April 25, 2018 |
a) Transparency: The relevant contractual agreements should identify in a transparent and understandable manner (i) the persons or entities that will have access to the data that the product or service generates, the type of such data, and at which level of detail; and (ii) the purposes for using such data.
b) Shared value creation: The relevant contractual agreements should recognise that, where data is generated as a by-product of using a product or service, several parties have contributed to creating the data.
c) Respect for each other's commercial interests: The relevant contractual agreements should address the need to protect both the commercial interests and secrets of data holders and data users.
d) Ensure undistorted competition: The relevant contractual agreements should address the need to ensure undistorted competition when exchanging commercially sensitive data.
e) Minimised data lock-in: Companies offering a product or service that generates data as a by-product should allow and enable data portability as much as possible 39 . They should also consider, where possible and in line with the characteristics of the market they operate on, offering the same product or service without or with only limited data transfers alongside products or services that include such data transfers.
As the debate on business-to-business data sharing is ongoing and more experience is garnered over time, this Communication will launch a further consultation process with stakeholders. Based on the analysis of the information gathered, these principles may evolve further. The Commission will continue to assess whether such amended principles and possible codes of conduct prove to be sufficient in order to maintain fair and open markets and will address the situation if necessary by taking appropriate action. As a result of the difference in structure of individual markets, they may need to be complemented by sector-specific measures.
As part of the Digitising European Industry 40 initiative, the Commission has already taken action to support industry, among other things by giving financial assistance to industrial data platforms and innovation hubs under the Horizon 2020 programme. As a continuation of these efforts, the research and innovation measures under Horizon 2020 in 2018-2020 41 (in particular the ʻindustrial and personal data platformsʼ) promote the development of trusted and secure platforms and privacy-aware analytics methods for the secure sharing of proprietary industrial data and personal data explicitly, while facilitating compliance with relevant legislation (such as data protection legislation).
The Support Centre for data sharing under the Connecting Europe Facility programme will put in place a set of measures to make it easier to share private sector data in addition to public sector data. It will offer know-how and assistance on data sharing by providing best practice examples and information on APIs, existing model contracts and other legal and technical aspects. It will also help in further developing the guidance set out in the staff working document accompanying this communication 42 ; checklists and, if it is considered useful, model contract clauses could be developed. The work will take into account the results of the Interoperability Programme for the period 2016-2020 (ISA2).
The Commission will also explore further the fostering of application programming interfaces in, for example, e-government and actions surrounding the use of the once only principle. Today, many companies have large assets of unused data and they do not have the resources or the capacity to analyse the data or to create commercially interesting services around their data. With a suitable use of application programming interfaces, this may open up for the creation of start-up ecosystems, drawing value from an unused asset and helping the host companies to create new services and products. This has been the case in the financial sector where the access to certain bank data, via the use of well designed application programming interfaces, has opened up for a whole new ecosystem of financial services like personalised advice on daily spending patterns, all under the control and management of the financial institutions that would not, otherwise, offer such services. The set-up and use of application programming interfaces needs to be based on several principles: stability, maintenance over the lifecycle, uniformity of use and standards, user-friendliness as well as security.
Finally, the Commission will continue to facilitate tests and demonstrations in selected areas, for example for the large-scale deployment of connected and automated mobility on digital cross-border corridors. The work on these corridors results from the Letter of Intent signed by 29 Member States and EEA countries, the Frankfurt Round Table with industry and Member States and the Digital Day 2018, where EU and EEA Member States and relevant industry stakeholders signed up for these actions. The experience on these corridors will inter alia test the technical and legal means of access to and reuse of in-vehicle data and other commercial relevant data in the connected and automated mobility eco-system and the experiences may contribute to further EU guidance addressing this aspect of the Digital Single Market.
b) Access to private sector data for public interest purposes – business-to-government (B2G) data sharing
The Commission is also examining data sharing between businesses and the public sector. Public sector bodies have started to assess the potential of data analytics to guide policy decisions or improve public services by deploying a significant number of pilots.
Data held by companies, such as telecoms operators, online platforms, car manufacturers, retailers or social media is highly relevant in this context. Its use can, for example, lead to a more targeted response to epidemics, better urban planning, improved road safety and traffic management, as well as better environmental protection, market monitoring or consumer protection.
When compiling official statistics, analysis of such data can be more cost-efficient and produce faster outcomes on aspects such as population movements, prices, inflation, the internet economy, energy or traffic. This can also lower the burden on companies and citizens by avoiding survey questionnaires. The 2017 Communication ʻBuilding a European Data Economyʼ 43 discussed these opportunities, and in the mid-term review of the Digital Single Market strategy the Commission committed to exploring this issue further.
The results of the consultation undertaken in the context of the review of the Directive on reuse of public sector information 44 showed support for the idea of improving access to private sector data for public authorities and scientific purposes in general. However, data holders pointed to the need to address a number of issues, including compensation, allowing to recover the investments made into collecting or adapting the data.
Any action taken in this respect shall be fully compliant with the legislation on the protection of personal data.
Taking into account the existing experience and the results of the consultation of stakeholders, the Commission considers that the respect of the following key principles could support the supply of private sector data to public sector bodies under preferential conditions for re-use.
a) Proportionality in the use of private sector data: Requests for supply of private sector data under preferential conditions for re-use should be justified by clear and demonstrable public interest. The request for private sector data should be adequate and relevant to the intended public interest purpose and be proportionate in terms of details, relevance and data protection. The cost and effort required for the supply and re-use of private sector data should be reasonable compared with the expected public benefits.
b) Purpose limitation: The use of private sector data should be clearly limited for one or several purposes to be specified as clearly as possible in the contractual provisions that establish the business-to-government collaboration. These may include a limitation of duration for the use of these data. The private sector company should receive specific assurances that the data obtained will not be used for unrelated administrative or judicial procedures; the strict legal and ethical provisions governing statistical confidentiality in the European Statistical System could serve as a model in this regard.
c) ʻDo no harmʼ: Business-to-government data collaboration must ensure that legitimate interests, notably the protection of trade secrets and other commercially sensitive information, are respected. Business-to-government data collaboration should allow companies to continue being able to monetise the insights derived from the data in question with respect to other interested parties.
d) Conditions for data re-use: business-to-government data collaboration agreements should seek to be mutually beneficial while acknowledging the public interest goal by giving the public sector body preferential treatment over other customers.
This should be reflected in particular in the level of compensation agreed, the level of which could be linked to the public interest purpose pursued.
Business-to-government data collaboration agreements that involve the same public authorities performing the same functions should be treated in a non-discriminatory way.
Business-to-government data collaboration agreements should reduce the need for other types of data collection such as surveys. This should reduce the overall burden on citizens and companies.
e) Mitigate limitations of private sector data: To address the potential limitations of private sector data, including potential inherent bias, companies supplying the data should offer reasonable and proportionate support to help assess the quality of the data for the stated purposes, including through the possibility to audit or otherwise verify the data wherever appropriate. Companies should not be required to improve the quality of the data in question. Public bodies, in turn, should ensure that data coming from different sources is processed in such a way to avoid possible ʻselection biasʼ.
f) Transparency and societal participation: business-to-government collaboration should be transparent about the parties to the agreement and their objectives. Public bodies’ insights and best practices of business-to-government collaboration should be made publicly available as long as they do not compromise the confidentiality of the data.
The Commission will organise a high-level round table on access to private sector data for public interest reasons to further reflect on this topic. Due attention will be paid to the advanced degree of maturity of the discussion in some domains (e.g. the re-use of such data for official statistics). The principles above will be proposed as the basis for further discussions with stakeholders. The Commission will continue to assess whether these measures prove to be sufficient in facilitating business-to-government data sharing and it will address the situation if necessary by taking appropriate action, including possible measures in specific sectors.
5) Conclusion
In this Communication the Commission has presented measures that will make it easier for businesses and the public sector to access and re-use data coming from different sources, sectors and disciplines in the EU. Together with the initiatives that are already in place, such as the new regulatory framework for the protection of personal data that enters into force in May 2018, the proposal on the free flow of non-personal data and the initiatives on boosting connectivity and encouraging high-performance computing, these measures will create a truly European common data space supported by both EU-wide policy measures and targeted research and innovation funding. These are essential for EU economic growth and competitiveness.
The Commission calls on the co-legislators to work towards a rapid adoption of the legislative element of the proposed data package 45 to ensure that the EU can fully benefit from the opportunities offered by the data economy. It also calls on the Member States and all other stakeholders to contribute to the announced measures and initiatives.
(1)
From 1.99% of EU GDP in 2016 to 4% in 2020, IDC 2017, European Data Market Study, Final Report.
(2)
OJ L 119, 4.5.2016, p. 1.
(3)
COM(2017) 495 final.
(4)
COM(2017) 9 final.
(5)
https://ec.europa.eu/digital-single-market/en/news/public-consultation-building-european-data-economy
(6)
COM(2017) 228 final.
(7)
COM(2018) 234.
(8)
C(2018) 2375.
(9)
SWD(2018) 125.
(10)
Organisations whose main activity is producing data-related products, services, and technologies.
(11)
OECD, Data-driven innovation. Big Data for Growth and Well-being, 2015.
(12)
Staff Working Documents on the evaluations of both the Machinery Directive and the Product Liability Directive and a Staff Working Document on liability for emerging digital technologies.
(13)
SWD(2018) 127.
(14)
Directive 2003/98/EC of the European Parliament and of the Council of 17 November 2003 on the re-use of public sector information .
(15)
https://www.europeandataportal.eu/
(16)
Commission Decision 2011/833/EU on the re-use of Commission documents .
(17)
https://data.europa.eu/euodp/en/home
(18)
COM(2018) 234.
(19)
The main problem of such arrangements is that they lead to one or very few re-users exploiting the data in practice and that this limited re-use is due not to the specifics of the market but to the way in which the public-private arrangement was concluded. The increased transparency of the process aims at limiting the 'excessive first-mover advantage' by a) allowing any company to learn about the data being available and b) increasing the chance of a wider range of re-users actually exploiting the data in question.
(20)
Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases .
(21)
SWD(2018) 146.
(22)
A single-source database means that there is no other source to data than by relying on the one database.
(23)
SWD(2018) 145.
(24)
Directive 2007/2/EC of the European Parliament and the Council of 14 March 2007 .
(25)
http://data.europa.eu/europeandataportal .
(26)
https://ec.europa.eu/digital-single-market/en/news/connecting-europe-facility-cef-telecom-work-programme-2018-adopted .
(27)
https://cohesiondata.ec.europa.eu .
(28)
COM(2018) 22 final.
(29)
http://data.consilium.europa.eu/doc/document/ST-9526-2016-INIT/en/pdf.
(30)
SWD(2018) 83 final.
(31)
C(2012) 4890 final.
(32)
COM(2016) 178 final.
(33)
COM(2017) 228 final.
(34)
C(2018) 2375.
(35)
COM(2018) 234.
(36)
SWD(2018) 125 "Guidance on sharing private sector data in the European data economy" consisting of two parts: one dealing with data sharing in business-to-business (B2B) relations, and one addressing data sharing in business-to-government (B2G) contexts.
(37)
https://ec.europa.eu/digital-single-market/en/news/public-consultation-building-european-data-economy
(38)
COM(2017) 9 final, p. 11.
(39)
E.g. data produced by robots in the context of industrial processes, relevant for provision of after-sales services (e.g. repair and maintenance), or data on the rating of service providers.
(40)
COM(2016) 180 final.
(41)
http://ec.europa.eu/research/participants/data/ref/h2020/wp/2018-2020/main/h2020-wp1820-leit-ict_en.pdf .
(42)
SWD(2018) 125.
(43)
See also: Commission Staff Working Document SWD(2017) 2 final.
(44)
COM(2018) 234.
(45)
COM(2018) 234.