Tag: data ownership

First results of the public consultation on revision of the EU Database Directive

IPlens1 Comment

Last 6 October, the European Commission published the first results of the public consultation on revision of the Database Directive 96/9/EC (here) that took place between 24 May and 30 August 2017 (here).

Among the various initiatives to foster European data economy, the European Commission is conducting an ex-post evaluation of the Database Directive. In its view, the Directive should play a key role in increasing legal certainty for database makers and users, and enhancing the re-use of data.

There is however little evidence regarding the application and effects of the Directive. The previous report published in 2005 concluded that “the economic impact of the ‘sui generis’ right on database production is unproven” (here). The 2005 Report (not really positive) invited for more analysis on the Directive’s effects.

After more than 10 years, where the CJEU had to clarify the boundaries of the sui generis right, the aim of the consultation is “to understand how the Database Directive, and in particular the sui generis protection of databases, is used, to evaluate its impact on users and to identify possible needs of adjustment”.

The European Commission asked in particular if:

  1. by creating the sui generis right, the Directive has protected investment in the creation updating or maintenance of a database
  2. the Directive is encouraging investments in advances information processing systems
  3. the Directive reached a good balance between interest of rightholders and users
  4. the Directive has achieved harmonisation
  5. national contract law give more legal certainty than sui generis protection when it comes to prevention of extracting or re-using database content
  6. the Directive still fit for purpose in an increasingly data driven economy

Respondents were a mix of business, academics/research institutions, trade associations, and non-governmental organizations.

At a first glance views are divided, particularly in relation to whether [I have tried to count the answers, including the report of the anonymous replies, taking aside hesitant positions – so apologies for any inaccuracy]:

  • the Directive sufficiently protects investments in creating databases (II.2.1) – pro: 45 / contra 25
  • the Directive has achieved its objective to protect and stimulate a wide variety of databasesand innovation in advanced processing systems (II.2.2) – pro: 38/ contra 39, and development of the data market (II.3.9) – pro: 39/ contra 39
  • the current scope of the sui generisright is still satisfactory (III.5.1) pro (satisfactory – too narrow): 42 / contra (too broad – unclear): 53
  • the original objectives of the Directive are still in line with the needs of the EU (III.1) – pro: 53/ contra 39
  • the Directive is coherent with the EU Data Economy Package objectives (III.4.4) pro: 27 / contra: 34
  • the sui generis right has brought more legal certainty for database makers (II.3.1) – pro: 43 / contra: 42, and lawful users (II.3.2) – pro: 38 / contra: 47
  • the Directive achieves a good balance between interests of rightholders and users (II.2.4) – pro: 32 / contra 49
  • the Directive had a positive effect on (i) access to data (II.3.5) – pro 29 / contra (negative or no effect) 57; or (ii) re-use of data (II.3.6) – pro: 30 / contra (negative or no effect) 51
  • national case law gives more legal certainty than the sui generis right (II.2.6) – pro: 30 / contra: 35
  • whether the Directive still fit for purpose in an increasingly data driven economy (2g) – pro: 36 / contra: 47
  • whether the restriction drawn by the CJEU on the scope of the sui generis right (i.e., no protection of the investment made in the creation of data) had positive effect on the scope of the protection of database (III.9.1) – pro: 33 / contra: 27
  • The sui generis right should apply to databases which contain automatically collected and/or machine-generated data (III.10.2) – pro: 20 / contra: 36

As said, opinions are divided, although at a first glance, the general outcome seems not very positive.

It is difficult to foresee which adjustments the European Commission is willing to propose, if any. It is known that the introduction of the sui generis right has been largely criticized (going in the opposite direction than that endorsed by Feist in the US). And it does not seem that any other country has been inspired by and replicated our EU database protection system. Both the 2005 evaluation and this public consultation highlighted that the subject matter and the extension of the sui generis right are often unclear. Indeed, the CJEU intervention has been necessary to limit an excessive extension and the possibility to protect the investments in the creation of data (only those relating collection, verification and presentation of data can be protected – see here and here). However, the points raised in this consultation seem to suggest that the European Commission is trying to question the CJEU approach. The European Commission indeed has inquired about the respondents’ approval of the CJEU interpretation (to ask whether they would instead include also the creation of data under the database right) and whether businesses have appetite to explore the extension of rights also in non-personal raw data (machine generated data), at the moment excluded by the scope of the database right (that requires the investment in the “organization” of data – i.e., the contrary of “raw” data). Thus it seems that apparently the goal is finding confirmations from the market to legitimize a stronger legislative approach to data.

As a confirmation, the European Commission has already launched at least two other recent consultations about the opportunity to strengthen the legislative approach to data, respectively in (i) 2016, see the “Synopsis report – public consultation on the regulatory environment for data and cloud computing”, of 12 May 2016 here at § 4.2.4.; and (ii) in 2017, see the “Synopsis report – public consultation on building a European data economy, of 7 September 2017, here, at p. 5. However, the answer of the market seems always the same: the data value chains are extremely varied, making it difficult to design one-size-fits-all solutions, and freedom of contract should prevail (see here for our comments against the introduction of new exclusive rights in data).

Instead, adjustment can be introduced in the boundaries of the exclusive given by the sui generis right, such as the concept of “substantiality” of the extraction/re-use (Art. 7 of the Database Directive) and – above all – exceptions. Exceptions – especially those for research – should be made mandatory and not optional (see Articles 6.2 and 9 of Database Directive). In this regard, it should also be advisable to introduce the Text and Data Mining (TDM) exception suggested by the DSM Copyright Directive Proposal (see our comments here). However, we repeat that the new exception should allow also TDM for commercial purposes although based on compensation (paying access), in order to stimulate auto-regulation and new access schemes. TDM is not competing with the exploitation of the original database (in line with Art. 8.2 of the Database Directive) and seems instead a good mechanism to ensure flexibility and open data (that is a real instrument to foster a European data market).

In any case, the public consultation should push the European Commission to analyze the economic impact of the ‘sui generis’ right, in order to justify its stay in the EU acquis. We will keep monitoring the next communications from the European Commission on this issue.

Francesco Banterle

“Data ownership” in the big data era: some thoughts on the new Bird&Bird White Paper – what’s next for the EU?

IPlensLeave a comment

Few days ago, a Bird&Bird team (Benoit Van Asbroeck, Julien Debussche, and Jasmien César) published a white paper about “Data Ownership” in the EU legal framework (available here).

The paper is issued within the Toreador Project (Trustworthy model-aware analytics data platform – a three-year big data research project funded by the EU Commission), and fits within the EU Commission’s strategy towards data.

The White Paper makes a thorough analysis of the EU acquis on data ownership. In sum, the paper affirms that:

  1. no EU legislation directly regulating ownership in data exists;
  2. a number of legislations provides other forms of protection to certain data. In particular the IP law area, namely: database rights; copyright; and trade secrets. However, none of these provides an adequate protection of ownership in data (e.g., sui generis right does not protect data as such; trade secrets require information to remain secret, etc.);
  3. EU case-law does not acknowledge an ownership right in data, with minor exceptions at national level where Courts occasionally addressed the data ownership issue;
  4. scholars are suggesting a new interpretation of current civil law provisions;
  5. while the paper does not provide an extensive examine of data protection legislation, it suggests that personal data is not necessarily owned by individuals. Instead, an ownership right in personal data for data controllers can be recognised, although subject to the individuals’ control.

The paper concludes that the current legal framework does not sufficiently deal with all issues related to data. Indeed, the data ownership is complicatdata-cycleed by the data value cycle which can involve numerous stakeholders (ISPs, IT providers, data providers such as marketplaces, data analytics service providers, data-driven services, etc.). Actors involved in the data value chain have no certainty as to the ownership of the data they process. Hence, the data ownership issue would require a new solution. The paper suggests creating a non-exclusive and flexible ownership right in datasets, with a data traceability obligation as a safeguard. 

Many points of this White Paper are in line with our view. In a paper presented in a conference about a holistic approach on personal data held by the Max Plank Institute in October 2016 (some slides are available here), I analysed the interface between IP rights (database sui generis right and trade secrets) and data protection rules. The latter in fact allow data controllers to exercise control over data, thus creating a semi ownership regime (though some scholars say it should be seen as a sort of licence on personal data granted by individuals). And I concluded that this interface produces an ownership regime on data, which can be strong although it cannot cover all situations. Residual areas are currently regulated by contract or by technology measures.

Property in data challenges civil law principles: information has public nature; property and IP rights are subject to the numerus clausus principle; and res incorporales are generally not included in property rights. Whether a new right on data should be created is debated (in a recent public consultation promoted by the EU Commission, here, the market answered “no”). We however agree that such possible new right should not be exclusive nor absolute. An exclusive right would risk blocking access to data. Access to data appears crucial in this data driven-economy. Big data requires data reuse, data enrichment, and access to multiple sources of raw information (in certain cases, we won’t be surprised to think about big data as essential facilities). At the current stage, it is impossible to predict where value will be created. Thus, a flexible approach to data is welcomed.

In this context, instead of a property rule, a liability rule appears more balanced. In other words, in certain cases the new right should entitle the data owner to receive payment for its data but would not allow him to exclude other from its access. This solution should be introduced for commercial uses of data only. Research uses should instead remain free, in line with the approach taken by the proposed Directive on copyright in the Digital Single Market (here).

Francesco Banterle