'Data is the new oil' has been a popular phrase in recent years, but perhaps a more apt comparison would be solar power: a renewable natural resource that can benefit everyone at once, without diminishing. Data is created everywhere in our society. Networking and digitalisation are increasing across industries, and Bengt Holmström, among others, has called for the EU to recognise the value of data. At the same time, as Vili Lehdonvirta notes, data is a highly heterogeneous good with a content-specific value.
The Commission aims for a single market for data
In its 2020 data strategy, the European Commission deemed that data is insufficiently available for re-use and that data sharing is hampered, in part, by companies' fear of losing their competitive edge. According to the Commission, the strategy aims to make the EU a leader in a data-driven society by creating a single market for data that will allow data 'to flow freely within the EU and across sectors for the benefit of businesses, researchers and public administrations.'
In February 2022, the Commission published its proposal for the new Data Act (DA). This Act aims to increase data availability and create a regulatory framework for sharing data between different actors in the EU, including rules on who can use and access what data and for which purposes. The Data Act is part of the Commission's larger proposal package, the so-called Big Five, that also includes the Data Governance Act (DGA), the Digital Markets Act (DMA), the Digital Services Act (DSA) and the Artificial Intelligence Act (AIA). As for the Data Act, the legislative process is well underway, and its goals include rules on who can access and control what data, among other things.
Data protection through agreements
In this connection, it should be noted that data itself is not protected under any special IP rights. Instead, the protection is largely based on agreements between companies and, in some cases, on the protection of trade secrets. Data can also form a database that is protected. In practice, the underlying data set must always be identified so that the related rights and restrictions can be evaluated. Agreeing on how the data can be used is key when data is shared and re-used.
The important thing is to understand the nature of the data and, consequently, what rights may be attached to it. It is equally important to know what the data will be used for, i.e. what rights the user needs to have. This allows for the data user to control the risks associated with third-party rights through agreements. For the party sharing the data, a formal agreement on data sharing provides an opportunity to protect data such as trade secrets, for example by restricting the use of the data to a specific purpose.
Progressing protection procedures
In Finland, the business and industry organisations recognised the need to develop the practices for data sharing agreements early on. The Technology Industries of Finland drafted the model terms for data sharing in 2019. In addition, the IT2022 terms, drafted in cooperation by IT supplier and client organisations, include new special terms and conditions for data use.
Efficient use of data always requires that industry-specific characteristics are taken into account in data sharing agreements so that reaching commercial goals is supported. We have assisted clients in various fields in matters related to data use and data agreements. If you would like to discuss the protection of your company's data or any of the other topics covered in this blog in more detail, please do not hesitate to contact the authors.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
