“Data ownership” in the big data era: some thoughts on the new Bird&Bird White Paper – what’s next for the EU?

Few days ago, a Bird&Bird team (Benoit Van Asbroeck, Julien Debussche, and Jasmien César) published a white paper about “Data Ownership” in the EU legal framework (available here).

The paper is issued within the Toreador Project (Trustworthy model-aware analytics data platform – a three-year big data research project funded by the EU Commission), and fits within the EU Commission’s strategy towards data.

The White Paper makes a thorough analysis of the EU acquis on data ownership. In sum, the paper affirms that:

  1. no EU legislation directly regulating ownership in data exists;
  2. a number of legislations provides other forms of protection to certain data. In particular the IP law area, namely: database rights; copyright; and trade secrets. However, none of these provides an adequate protection of ownership in data (e.g., sui generis right does not protect data as such; trade secrets require information to remain secret, etc.);
  3. EU case-law does not acknowledge an ownership right in data, with minor exceptions at national level where Courts occasionally addressed the data ownership issue;
  4. scholars are suggesting a new interpretation of current civil law provisions;
  5. while the paper does not provide an extensive examine of data protection legislation, it suggests that personal data is not necessarily owned by individuals. Instead, an ownership right in personal data for data controllers can be recognised, although subject to the individuals’ control.

The paper concludes that the current legal framework does not sufficiently deal with all issues related to data. Indeed, the data ownership is complicatdata-cycleed by the data value cycle which can involve numerous stakeholders (ISPs, IT providers, data providers such as marketplaces, data analytics service providers, data-driven services, etc.). Actors involved in the data value chain have no certainty as to the ownership of the data they process. Hence, the data ownership issue would require a new solution. The paper suggests creating a non-exclusive and flexible ownership right in datasets, with a data traceability obligation as a safeguard. 

Many points of this White Paper are in line with our view. In a paper presented in a conference about a holistic approach on personal data held by the Max Plank Institute in October 2016 (some slides are available here), I analysed the interface between IP rights (database sui generis right and trade secrets) and data protection rules. The latter in fact allow data controllers to exercise control over data, thus creating a semi ownership regime (though some scholars say it should be seen as a sort of licence on personal data granted by individuals). And I concluded that this interface produces an ownership regime on data, which can be strong although it cannot cover all situations. Residual areas are currently regulated by contract or by technology measures.

Property in data challenges civil law principles: information has public nature; property and IP rights are subject to the numerus clausus principle; and res incorporales are generally not included in property rights. Whether a new right on data should be created is debated (in a recent public consultation promoted by the EU Commission, here, the market answered “no”). We however agree that such possible new right should not be exclusive nor absolute. An exclusive right would risk blocking access to data. Access to data appears crucial in this data driven-economy. Big data requires data reuse, data enrichment, and access to multiple sources of raw information (in certain cases, we won’t be surprised to think about big data as essential facilities). At the current stage, it is impossible to predict where value will be created. Thus, a flexible approach to data is welcomed.

In this context, instead of a property rule, a liability rule appears more balanced. In other words, in certain cases the new right should entitle the data owner to receive payment for its data but would not allow him to exclude other from its access. This solution should be introduced for commercial uses of data only. Research uses should instead remain free, in line with the approach taken by the proposed Directive on copyright in the Digital Single Market (here).

Francesco Banterle

Trade Secrets Directive: final text agreed between the European Parliament and the Council of Europe

On 15 December 2015 the European Parliament and the Council of Europe, through their respective internal bodies, the Legal Affairs Committee (JURI) and the Committee of Permanent Representatives (COREPER), reached an agreement on the final draft of the Directive (available here, see also our previous comment on the EU Commision’s proposal here).

The final version of the text was endorsed by the JURI on 28th January 2016. The European Parliament shall vote upon it in plenary session. Subsequently, the text shall be submitted to the Council of Europe for final revisions.

Following these steps, the European Member States will have 24 months to transpose the Directive. This time period will begin from the date of publication of the Directive in the Official Journal of the European Union, which is not due before March or April 2016.

During the negotiations, one of the main issues of debate between the European Parliament and the Council of Europe concerned the necessity to strike a balance between, on the one hand, the right of information, the freedom of expression and investigative journalism (so-called “whistle-blowing”) and, on the other hand, the protection of trade secrets.

For this purpose, the final text provides for guarantees for the preservation of each of these fundamental rights and strengthens the position of whistle-blowers, by stating, at Art. 1, that the Directive “shall not affect the exercise of the right of freedom of expression and information” and, at art. 4, that “the measures, procedures and remedies provided in this Directive are dismissed when the alleged acquisition, use or disclosure of trade secret was carried outfor revealing a misconduct, wrongdoing or illegal activity, provided that the respondent acted for the purpose of protecting the general public interest”.

Finally, the Directive will guarantee that its rules will not create unjustified barriers to worker’s mobility. Indeed, as underlined by the JURI, the Directive specifies, at Art. 1, that rules protecting trade secrets will not “[limit] employees’ use of the experience and skills honestly acquired in the normal course of their employment”, and that rules should not “[impose] any additional restrictions on employees in their employment contracts other than in accordance with EU or national law”.

Alessandro Massolo

Researcher at Osservatorio di proprietà intellettuale, concorrenza e comunicazioni, LUISS Guido Carli

Trade Secrets: EU Commission’s Proposal for a Directive

In November 2013, the European Commission (EC) proposed a draft Directive on “the protection of undisclosed know-how and business information (trade secrets) against unlawful acquisition, use and disclosure” (full text here). The draft was approved in May 2014 by the Council of the European Union (full text here).

The proposal is innovative, it has no precedent in EU legislation. It has the ambitious goal of aligning existing laws against the unlawful acquisition, use and disclosure of trade secrets across the EU. This impulse of harmonization is consistent and part of the broader strategy of the EC aiming at strengthening the single market for IP rights.

At the moment, the proposal is still under scrutiny following the ordinary EU legislative procedure. Therefore, the final directive is not due to be issued before the end of 2015.

The draft directive is the final step of a thorough assessment of the role played by trade secrets in enhancing innovation and competition within the EU market, in particular through their interaction with intellectual property, and of the legal framework governing them. The analysis was carried out on the basis of two external studies and consultations with stakeholders.

One of the main results of this assessment was that the legal framework governing trade secrets protection is highly fragmented throughout the EU. Hence, corporations have less incentives to do cross border investments in R&D or to exchange valuable information within the EU. Thus, the proposal starts by giving a uniform definition of trade secrets in accordance with existing international binding standards such as art. 39.2 of the TRIPS Agreement. Essentially, information is considered a trade secret when it is not easily accessible by an average expert in the field, it has a commercial value and it has been subjected to reasonable secrecy measures. Furthermore, the draft defines the relevant forms of unlawful acquisition, use and disclosure of trade secrets and clarifies that reverse engineering and parallel innovation shall be considered a lawful manner of appropriation of trade secrets.

Moreover, the proposal harmonizes the legal remedies available to plaintiffs to enforce the misappropriation of trade secrets: in particular, injunctions and corrective measures (i.e. the cessation of or prohibition on the use or disclosure of trade secrets, the prohibition on the production or import/export of “infringing goods” and the adoption of appropriate corrective measures with regard to the infringing goods), interim and precautionary measures at the request of trade secret holder, and the victim’s right to compensation for the damages caused by the unlawful use or disclosure of the misappropriated trade secret.

In conclusion, an analysis of this general framework indicates that trade secrets are not yet being elevated, in terms of status and legal protection, to the level of IP rights. In this manner, the proposal avoids the risk that patents, and their related pro-competitive effects such as disclosure of information, are replaced by trade secrets.

Alessandro Massolo

Researcher at Osservatorio di proprietà intellettuale, concorrenza e comunicazioni, LUISS Guido Carli