Companies such as Alphabet, which owns Google, have shown how combining and sharing data within an ecosystem can bring innovation. It also concentrates power. Distributing the benefits of data to other organisations, particularly small and medium-sized enterprises, is one of the drivers of the EU’s digital strategy.
To strengthen a more open data ecosystem—one where fundamental rights of European citizens are protected—the EU released the Digital Services Act package. These data ecosystems, referred to as data spaces, set rules for exchanging information. This information can include open data from data portals, collected by public agencies, as well as other data sets that cannot be open to a general public. This means that data can be shared on a more limited level, so it can include both open and protected data.
An important part of this package is the Data Governance Act (DGA), proposed on 25 November 2020. It aims to reform the digital environment for data (re-)users and producers. The Act will enter into full force in September 2023 following a 15-month roll-out period.
The Act has several goals:
- To make it easier to re-use public sector data to which other parties own the rights, supplementing EU Directive 2019/1024 on Open Data and the Re-use of Public Sector Information. This specifically open up data that is confidential, protected by copyright, or personal data according to the General Data Protection Regulation.
- To increase trust in data sharing by creating common rules to publish and exchange data produced by people, businesses and public organisations.
- To create rules for “data intermediation”, creating a business model for organisations to work as brokers between data holders (who collect data) and data users (who use that data to provide services). Once the DGA comes into force, companies that work as data brokers can register with an authorised government body. These intermediaries also need to remain independent, meaning that they will be limited re-use data and metadata.
- To facilitate “data altruism”, so that people and organisations can give their open their data to use for the common good, such as for medical research projects or climate change.
The Data Governance Act, data spaces, and open data
The rules set out by the Data Governance Act, which supplements the Data Act, should help drive European data spaces, where information can be safely shared by the public and private sector. These common data spaces cover strategic domains, including health, environment, energy, agriculture, mobility, finance, manufacturing, public administration, and skills sector. The data spaces will be supported by technical infrastructure to pool, access, process, use, and share data.
But where do open-data portals stand within the data spaces and new ecosystems that the Data Governance Act and other pieces of legislation are looking to create?
Traditionally, open data has been the easiest to share because it came without restrictions. But, given its nature, it meant that a lot of interesting data would remain unshared. The DGA will increase the amount of data available and promote data exchange across businesses, public institutions and EU Member States. Supplementing open data with other, more restricted pieces of information will create additional value. Open-data portals should become integral players in helping deliver data within broader data spaces.
The DGA will impact several stakeholders, including businesses, public institutions, and citizens.
First, the DGA should lower costs for gathering, integrating, and processing data. Additionally, there will be a decrease in the time needed to sell innovative goods and services, enabling small and large businesses to create new data-driven goods and services.
Second, the Act will support the creation and development of common European data spaces by ensuring that the data being exchanged is protected and regulated. Here, the DGA will lay the initial foundation for future restrictions on the transfer of non-personal data through, for example, data intermediaries and acknowledged data altruism providers, impacting businesses.
Third, the DGA has introduced regulations and stakeholders responsible for overseeing the exchange of data with stakeholders outside of Europe: data intermediaries. The data intermediaries will determine if foreign countries provide adequate safeguards for the transfer and use of non-personal data and will process requests made by national authorities to obtain non-personal data that originated in the EU. This will impact businesses and public institutions, and indirectly effect citizens.
For businesses, the DGA will leverage the growing digital market and development of data spaces by supporting data (re-)users and producers within Europe. Thus, the DGA will be a powerful engine for innovation and new jobs and will allow the EU to position itself at the forefront of the second wave of data innovation. This will therefore lead to a stricter vision regarding privacy for tech platforms that could be regarded as intermediaries. The public sector will benefit substantially via the increased amount and value of data altruism that will take place within the Union.