EU policy/Data Economy Consultation
 Home
|
 About
|
 Statement
|
 Monitoring
|
 Documentation
|
 Handouts
|
 Team
|
 Transparency
|
.svg)
Data Economy Consultation
The European Commission has launched its Public consultation on building the European data economy. This is the Wikimedia working page to draft answers to be submitted by the Free Knowledge Advocacy Group EU.
Submitting the answers[edit]
The final set of answers submitted will be linked to this page. Apart from the Free Knowledge Advocacy Group EU, individual chapters, volunteers and the Wikimedia Foundation might decide to participate. In this case we will make link their answers as well.
Organisational details[edit]
Idea behind consultation[edit]
In its Communication on a Data economy strategy from January 2015, the Commission states that the data-driven economy stimulates research and innovation on data, increases business opportunities and availability of knowledge and capital across Europe. It regrets that data isn't shared widely enough and thus remains unused. As a solution the Commission even envisions a new right on raw data, which is supposed to solve the issue of the lock-up of data.
Important deadlines[edit]
The consultation will remain open in the period 10 January - 26 April. 26 April is the deadline for submitting our answers.
Previous EU positioning by Wikimedia[edit]
- Copyright Consultation
- Position Paper on EU Copyright
- Platforms Consultation
- FKAGEU Statement of Intent
- Position Paper on Copyright Reform Proposal
Who should edit this page?[edit]
Everyone! Please just leave a draft answer/comment underneath the questions followed by your signature. We will then try to unify the replies.
How do we edit[edit]
As the European Commission's new survey tool allows for online editing and the saving of drafts, everyone is invited to make changes and save them as a draft. Please do not submit the answers. For discussion purposes, the questions of the consultation are copied below. If you wish to discuss any of them, please edit underneath.
Consultation[edit]
Editing inside the EUSurvey Tool[edit]
PLEASE DON'T SUBMIT, ONLY SAVE AS DRAFT
Consultation questions for discussion[edit]
1. Localisation of data for storage and/or processing purposes[edit]
The main objective of this part of the questionnaire is to get detailed insights into the extent, nature and impacts of data localisation restrictions within the EU and what could constitute limited, justified grounds for such restrictions without unduly jeopardising the free movement of data within the EU (except for restrictions to the free movement of personal data for reasons connected with the protection of natural persons with regard to the processing of personal data. The Treaty on the Functioning of the European Union and the General Data Protection Regulation (GDPR) establish the free flow of personal data within the EU and set out the rules relating to that free movement).
Another important aspect is to find out to what extent businesses store or process data in multiple geographical locations within the EU and what are the reasons for this multiple location and, respectively, local storage or processing. The Commission also seeks respondents' views on the perceived impacts of the removal of data localisation restrictions within the EU. The Commission welcomes replies particularly from businesses, including SMEs, and public sector organisations.
Which of these statements apply to you in relation to data storage or processing?
My organisation is a data service provider
My organisation operates its own data infrastructure without using third-party services
My organisation is a user of third-party data services
My organisation is a scientific research organisation
None of the above
I don't know
Do you know about legislation or administrative rules or guidelines (including those adopted in the context of public procurement) requiring to store or process data in your or other EU countries (please see part 2 of the Staff Working Document linked to on the consultation webpage for the summary of data localisation restrictions identified so far)?
Yes
No
For your own organisation's purposes, do you store or process your data in multiple locations within the EU?
Yes
No
When providing IT-related services (e.g. cloud, applications, software, infrastructure, hosting, Over-The-Top, etc.), have your customers demanded that their data is stored or processed locally (in the same country as their relevant business establishment)?
Yes
No
I don't know
In your opinion, should data localisation restrictions be removed within the EU?
Yes
No
I don't know
In your opinion, what grounds would justify keeping data localisation restrictions within the EU?
Public security
Law enforcement needs
Public policy (such as immediate availability of data for supervisory authorities)
Public health (please note that patient data may already be covered by a free movement provision under the General Data Protection Regulation)
Other
What kind of action at EU level do you consider appropriate to address the restrictions?
The EU should not address the issue
A legislative instrument
Guidance on data storage / processing within the EU
Increasing the transparency of restrictions
Other
I don't know
2. Access to and re-use of non-personal data[edit]
This part of the questionnaire aims to understand the data trading practices of businesses, and how all businesses, in particular SMEs, and other stakeholders access and trade non-personal data, and what are the perceived barriers to such trading and re-use of such data. The Commission seeks the views of businesses and other respondents on ways to enhance access to and re-use of data and data trading in Europe today.
2.1. Accessing data
This section is addressed to businesses and organisations of any size, and especially SMEs and start-ups which are seeking access to non-personal or anonymised data for running their businesses or developing new businesses. For consumer access issues, please see section 4.1 on data portability for non-personal. The aim is to find out whether and to what extent businesses and organisations have access to the data they need to develop or conduct their tasks, and furthermore to find out what role existing legislation plays in today's data markets, and whether there is a need to revise or introduce legislation to support the European data economy.
Do you currently depend to a significant extent on data resources that you acquire from others (for products or services you offer, for your internal business processes)?
Yes
No
Have you had difficulties in acquiring data from other business actors (i.e. limited or no access to the data) or have you been exposed to business practices that you consider unfair with respect to access to such data?
Yes
No
When acquiring data from other economic operators or when negotiating such acquisition: To what extent do you consider to be in a situation of equal bargaining power when negotiating data usage licences?
To a great extent
To some extent
To a minor extent
Not at all
I don't know
When acquiring data from other economic operators or when negotiating such acquisition: How often do you consider having been exposed to a situation that in your view would amount to an abuse of dominant position (as defined in competition law)?
Never
Rarely
A number of times
Often
I don't know
Does current competition law and its enforcement mechanisms sufficiently address potentially anti-competitive behaviour of companies holding or using data?
To a great extent
To some extent
To a minor extent
No
I don't know
Have you entered contracts in which certain data was defined as a trade secret?
Yes
No
2.2. Holding and supplying data
This section is addressed mostly to businesses that hold non-personal or anonymised data not subject to significant data processing ("raw" data), in particular data collected by sensors embedded in machines, tools and/or devices and who are in a position to share them. The aim is to get more information about data licensing practices.
Do you believe existing EU legislation sufficiently protects investments made into data collection by sensors embedded in machines, tools and/or devices?
Yes
No
Only in some scenarios
I don't know
If you/your organisation hold/s raw data or data sets, do you license its usage to others?
No / to a minor extent
Only to sub-contractors that perform tasks closely related to the organisation's business processes
Only to companies within an economic group (e.g. parent and subsidiaries in a corporate group/holding; affiliate, etc.)
Only within IT innovation environments, collaborating with other companies on concrete projects
Yes, to a wider range of players based on paying licences
My company makes certain datasets accessible as open data (accessible online, e.g. through a web API), licensing conditions allow many re-use options and re-use is free of charge, at least for non-commercial re-use of the data
Other
Are you including the value of at least some of the data you hold as a business asset in your balance sheets?
Yes
No
Please explain why.
This is not required by the applicable accounting/financing reporting standards
I am not sure how to measure the value of the data I have or do consider that this would prove difficult
Considerations of commercial strategy
I have not given this a thought
Other
2.3. Possible solutions
Sections 2.3.1 and 2.3.3 are directed at all respondents, including consumers and businesses. Section 2.3.2 is directed at businesses that deal with data collected by sensors embedded in machines, tools and/or devices. The aim is to receive input on what a possible future EU framework should look like to support a thriving, diverse and innovative European data economy.
2.3.1. General objectives for a future EU framework for data access
To what extent do you agree with the following statements (1=not at all,2=to a minor extent, 3=neutral/I don't know, 4=to some extent, 5=to a great extent):
Trading of non-personal machine-generated data should be enabled to a greater extent than it is today.
The sharing of non-personal machine-generated data should be facilitated and incentivised.
Investments made into data collection capabilities and data assets should be protected.
Sensitive business and confidential data should always be safeguarded.
Lock-in effects in the data market should be minimised, especially for SMEs and start-ups.
2.3.2. Access for public sector bodies and scientific research
Could you agree to an obligation to license the use of (non-personal) data you hold for any of the following purposes (subject to conditions)?
For the establishment of statistics by public statistical offices
For government agencies for the prevention of public health or other specified risks
For government agencies in order to address other societal challenges (e.g. improving urban planning, manage supply of energy)
For scientific research that is funded from public resources
Other
I would not agree to such an obligation for any purpose Do you consider there should be action at EU level to address access to such data for the entities mentioned in the previous question (the establishment of statistics by public statistical offices, government agencies for the prevention of public health or other specified risks, government agencies in order to address other societal challenges (e.g. improving urban planning, manage supply of energy), scientific research that is funded from public resources)?
The EU should not address the issue
Yes, but only voluntary measures (e.g. industry self-regulation)
Yes, through legislative measures (for a scope to be defined)
I don't know
2.3.3. Access for other commercial entities
The following questions ask for an assessment of a number of potential measures that might help to make more data held by one commercial entity available for re-use by another commercial entity. Would you agree with the following statement: More data would become available for re-use if the Commission would issue guidance on how access, use and re-use of data should be addressed in contracts (data usage licences) – based on existing legislation (in particular the Trade Secrets Protection Directive, copyright legislation and the Database Directive)?
Yes
Sometimes
No
I don't know
What impacts (if any, including economic) on competition and innovation would you expect from the solution described in the previous question? 1000 character(s) maximum (1000 characters left)
Would you agree with the following statement: The optimal solution for making data collected by sensors embedded in machines, tools and/or devices available for re-use is to leave it entirely to the parties to decide (by contract) who should have the right to license the usage of these data, how and to whom.
Yes
Sometimes
No
I don't know What impacts (if any, including economic) on competition and innovation would you expect from the solution described in the previous question? 1000 character(s) maximum (1000 characters left)
Would you agree with the following statement: More data would become available for re-use if more data holders used Application Programming Interfaces (APIs) to facilitate access to the data they hold, and these APIs were designed and documented in a way easy to use by third party application developers.
Yes
Sometimes
No
I don't know What impacts (if any, including economic) on competition and innovation would you expect from the solution described in the previous question? 1000 character(s) maximum (1000 characters left)
Would you agree with the following statement: More data would become available for re-use if legislation would define a set of (cross-sector or sector-specific) non-mandatory contract rules for B2B contracts, possibly coupled with an unfairness control in B2B contractual relationships) for allocating rights to access, use and re-use data collected by sensors embedded in machines, tools and/or devices were defined.
Yes
Sometimes
No
I don't know What impacts (if any, including economic) on competition and innovation would you expect from the solution described in the previous question? 1000 character(s) maximum (1000 characters left)
Would you agree with the following statement: More data would become available for re-use if a set of recommended standard contract terms were to be drafted in close collaboration with stakeholders.
Yes
Sometimes
No
I don't know What impacts (if any, including economic) on competition and innovation would you expect from the solution described in the previous question? 1000 character(s) maximum (1000 characters left)
Would you agree with the following statement: More data would become available for re-use if a company holding data which it protects through technical means against illicit misappropriation had civil law remedies against such misappropriation (e.g. the right to seek injunctions, market exclusion, or to claim damages).
Yes
Sometimes
No
I don't know
What impacts (if any, including economic) on competition and innovation would you expect from the solution described in the previous question? 1000 character(s) maximum (1000 characters left)
Would you agree with the following statement: More data collected by sensors embedded in machines, tools and/or devices would become available for re-use if both the owner or user of the machine, tool or device and the manufacturer share the right to license the use of such data.
Yes
Sometimes
No
I don't know
What impacts (if any, including economic) on competition and innovation would you expect from the solution described in the previous question? 1000 character(s) maximum (1000 characters left)
Would you agree with the following statement: More data would become available for re-use if the companies active in the production and market commercialisation of sensor-equipped machines, tools or devices were awarded an exclusive right to license the use of the data collected by the sensors embedded in such machines, tools and/or devices (a sort of sui generis intellectual property right).
Yes
Sometimes
No
I don't know
What impacts (if any, including economic) on competition and innovation would you expect from the solution described in the previous question? 1000 character(s) maximum (1000 characters left)
Would you agree with the following statement: More data would become available for re-use if the persons or entities that operate sensor-equipped machines, tools or devices at their own economic risk ("data producer") were awarded an exclusive right to license the use of the data collected by these machines, tools or devices (a sort of sui generis intellectual property right) to license the use of the data that the machine, tool or device collects as a result of the data producer's operation to any party it wishes (subject to legitimate data usage exceptions for e.g. manufacturers of the machines, tools or devices).
Yes
Sometimes
No
I don't know
Please explain. 1000 character(s) maximum (1000 characters left)
What impacts (if any, including economic) on competition and innovation would you expect from the solution described in the previous question? 1000 character(s) maximum (1000 characters left)
To what extent would you agree to an obligation to license for the re-use of data generated by machines, tools or devices that you have commercialised under fair, reasonable and non-discriminatory (FRAND) terms?
To a large extent
To some extent
To a minor extent
Not at all
To what extent would you agree to an obligation to license for the re-use of data generated in the context of your online platform through its users under fair, reasonable and non-discriminatory (FRAND) terms?
To a large extent
To some extent
To a minor extent
Not at all
3. Liability[edit]
This part of the questionnaire aims to understand the level of awareness, as well as the respondents' experiences and issues related to liability for products and services coming out of Internet of Things (IoT) technologies and autonomous systems. The questions are also meant to gather evidence for a proper assessment of the adequacy of the Product Liability Directive (85/374/CEE) to respond to IoT and robotics liability challenges. The Commission seeks the views of producers and users of IoT technologies and autonomous systems in this section.
3.1. Extra-contractual liabilities: IoT and robotics products and services
Questions for producers/suppliers/manufacturers
As a producer/supplier: please indicate which new IoT and/or robotics technological developments you deal with.
Non-embedded software/mobile apps
Advanced and new sensor equipment
Smart medical devices
Robots, e.g. for care, surgery, industrial robots, other
Automated cars
Smart objects, i.e. thermostats, fridges, watches, cars
Drones
Other
As producer of IoT/robotics devices, did you ever experience problems in not knowing in which category (product/service) to classify the device in order to comply with a specific liability regime on provision of services or manufacturing of products?
Yes, to a significant extent
Yes, to a moderate extent
No, I never experienced this problem
I don't know
Do you, as a producer, take into account the possibility of being held liable for potential damages when pricing IoT/robotics devices?
Yes
No
Have you ever been held liable for damage caused by your IoT/robotics defective device?
Yes
No
I don't know
As a producer, do you have a specific insurance for IoT/robotics products to cover your liability in case of compensation?
Yes
No
I don't know
Questions for consumers/end-users
As a consumer, have you suffered damage due to a defective IoT/robotics device?
Yes
No
As a consumer/user have you ever experienced a software security problem (e.g. failure of the software, cyber-attack) when using your IoT/robotics product?
Yes
Yes, but I do not know the exactly problem or cause.
No
As a consumer/user of an IoT/robotics device, how easy it is to update the software of your device?
Easy
I can manage
It is too inconvenient, complex, difficult
My device is automatically updated/patched by the manufacturer or developer
I do not have to update it
Other
As a consumer, what (if anything) makes you reluctant to buy IoT/robotics products or services?
They are technologically too complicated to use
Price
I am not interested
Privacy risks
Software security problems, Cyber security risks
Legal uncertainty: I didn't know whether I would receive a compensation in case of damage
In case of damage, it is difficult to understand where the cause of damage lies
No reluctance at all
Other
Do you think IoT/robotics products and services should be equipped with an event data recorder to track what the device was doing when the damage occurred?
Yes
No
I don't know
In the EU country where you live, are there specific rules on liability for damage caused by the new technological developments, such as IoT/robotics products? If you are aware of such rules, please indicate them. 1500 character(s) maximum (1500 characters left)
In your opinion, who should bear the liability in case of damages caused by defects or malfunctioning of a smart device which combines tangible goods (a car), digital goods (an app) and services (e.g data services)?
The producer of the physical device
The provider of the digital good (software and/or app)
The producer of the physical device jointly with the provider of the digital good (software and/or app)
The attribution of liability is better dealt through contracts on a case-by-case basis
To be established on a case-by-case basis based on the best positioned to avoid risks
To be established on a case-by-case basis based on the entity generating the highest risks
Other
As end-user (consumer/company) active in the data economy, have you directly experienced/entered into agreements, or are you aware of contracts that reduce substantially the liability of providers of IoT products/services/robots? 1000 character(s) maximum (1000 characters left)
What type of contractual liability limitations have you faced (e.g. on errors, accuracy and reliability of data, defects, functionality and availability of service, risk of interception of information, cyber-attacks)? 1000 character(s) maximum (1000 characters left)
Which exclusions (damage to property, financial loss) or limitations of damages (e.g. caps) connected in any way with the use of IoT products/services/robots have you experienced or are you aware of? 1000 character(s) maximum (1000 characters left)
Do you think the attribution of liability in the context of IoT/Autonomous systems products and services can adequately be dealt with through contracts?
Yes
Partially
No
3.2. Possible options and a way forward (both for consumers/end users and producers of IoT/Robotics devices)
Do you think a risk management approach in which the party that is best placed to minimise or avoid the realisation of the risk (e.g. the manufacturer of the IoT device, or the software designer) could be a way forward?
Yes
No
I don't have information about what a risk management approach would entail and would thus prefer not to answer
I don't know
In your opinion, who should bear the liability in case of damages caused by defects or malfunctioning of a smart device which combines tangible products, digital products and services? 1000 character(s) maximum (1000 characters left)
What type of liability, contractual or extra-contractual, is, in your opinion, the most consumer-friendly way to deal with damages caused by defects or malfunctioning in smart devices, which combine tangible products, digital products and services?
Contractual
Extra-contractual
None of them
I do not know
Do you think that the liability in relation to smart devices combining products and services require an ad hoc approach at EU level? 1000 character(s) maximum (1000 characters left)
Independently of who is considered liable, should there be a liability cap, i.e. an upper bound to the compensation of damages?
Yes, for all IoT products
Yes, but only for specific products in the experimentation/testing phase
Yes, but only for specific products abiding by strict safety standards
No
I do not know
What is your opinion on the idea of best practices guidelines and/or expected care and safety standards that, if fulfilled, would automatically exclude/limit liability?
I agree, for all IoT products
I agree, but only for specific products in the experimentation/testing phase
I agree, but only for product performing automated actions or taking independent decisions
I do not agree
I do not know
Is there a need for mandatory cyber insurance?
Yes, for all IoT products
Yes, but only for specific products in the experimentation/testing phase
Yes, but only for product performing automated actions or taking independent decisions
No
I do not know
Do you feel protected by the current legal framework (both Business-to-Business and Business-to-Consumer) for algorithms, e.g. in case it can be proven that an accident has been caused by a bug in the algorithm?
Yes
No
I don't know
Should some sorts of standard certification or testbedding be envisaged for algorithm based services?
Yes
No
I don't know
Who should be liable for defects or accidents caused by products embedding open algorithms, i.e. algorithms developed through cooperative platforms?
The producer
The user
The participants to the cooperative platform jointly
Nobody
Other
4. Portability of non-personal data, interoperability and standards[edit]
4.1. Portability of non-personal data
This section is directed towards all respondents, including consumers, organisations and businesses. The objective of this section is to explore business situations where portability of non-personal data can unlock opportunities and/or eliminate blockages in the data economy, as well as the effects of such conditions on all the concerned actors.
Are you using or have you used services which allow you to port or retrieve non-personal data that you had previously provided?
Yes
No
I don't know
What advantages does/would portability of non-personal data bring to you/your business?
Build value deriving from these data
Trade data on data trading platforms
Give access to third parties to the data
Switch easily service provider without losing these data
Other
Is your business offering portability of non-personal data to its business or individual clients?
Yes
No
Are you aware of other good examples of services offering data portability? Please specify. 1000 character(s) maximum (1000 characters left)
If you are a business user of cloud services or online platforms: Have you experienced difficulties in switching providers?
Yes
No
I was not interested in switching providers
Do you see a specific need for businesses to receive non-personal data in a machine-readable format, as well as the right to licence the use of such data to any third party (i.e. the right of data portability under article 20 GDPR extended to any user and to non-personal data)?
Yes
No
I don't know
If you have further comments on portability rights, please insert them below. 1000 character(s) maximum (1000 characters left)
What are the possible effects of introducing a portability right for non-personal data regarding cloud services? Please consider positive and possible adverse effects, and consequences for your business and, more generally, for the user of the cloud service as well as the service provider and other concerned actors. 1500 character(s) maximum (1500 characters left)
What are the possible effects of introducing a portability right regarding non-personal data generated by sensor-equipped machines, tools and/or devices? Please consider positive and possible adverse effects, and consequences for your business and, more generally, for the user of the services as well as manufactures, service providers and other concerned actors. 1500 character(s) maximum (1500 characters left)
What are the possible effects of introducing a portability right for non-personal data regarding online platforms? Please consider positive and possible adverse effects, and consequences for your business and, more generally, for the business user of the platform, consumers, intermediary (data) services, the online platform and other concerned actors. 1500 character(s) maximum (1500 characters left)
4.2. Interoperability and standards
This section is primarily directed towards businesses and organisations. The objective of this section is to get the stakeholders' opinions on the best approaches to technically support data portability and access to data.
As a provider of cloud services, do you provide “standard-compliant” solutions?
Yes
No
As a user of cloud services, do you give preference to “standard-compliant” solutions?
Yes
No
For which reasons would/do you use a “standard-compliant” cloud solution
Data portability of non-personal data
Service interoperability
Privacy, data protection compliance & Security
Cloud management
Service Level Agreement
Other
What do you consider as a priority for facilitating access to data and to improve its technical and semantic discoverability and interoperability?
Common metadata schemes (including differentiated access, data provenance, quality)
Data catalogues
Use of controlled (multilingual) vocabularies
Common identifiers
Other
What technical instruments should be used for promoting/implementing your priorities suggested in the previous question?
Definition of new standards
Improvement of existing standards
Recommendations
What legal instruments should be used for promoting/implementing your priorities suggested in the same question?
EU regulation
Guidelines
Support actions
Other
Do you see the need for the definition of a reference architecture recommending a standardised high-level framework identifying interoperability interfaces and specific technical standards for facilitating seamless exchanges across data platforms?
Yes
No
Additional contribution
Please feel free to upload a concise document, such as a position paper. The maximal file size is 1MB.
Please note that the uploaded document will be published alongside your response to the questionnaire which is the essential input to this open public consultation. The document is an optional complement and serves as additional background reading to better understand your position.