The key pillar of the European Data Strategy, the DGA, entered into force on 23 June 2022 and has been applicable since 24 September 2023. Its ultimate aim is to build trust in voluntary data sharing for the benefit of businesses and citizens and to enable the development and exploitation of the economic and societal potential of data.
The DGA is a cross-sectoral instrument with several objectives:
- the re-use of public and/or protected data,
- data sharing by providers of data intermediation services,
- data sharing for public interest purposes through altruistic organisations.
It aims to increase trust in data sharing, strengthen mechanisms to increase data availability and overcome technical barriers to data re-use.
The benefits of the DGA are numerous: it enables new products and services based on new technologies, makes production processes more efficient and accelerates innovation and job creation, in particular for start-ups and SMEs. These benefits manifest themselves in various areas such as health, mobility, agriculture, environmental protection and climate as well as in public administration.
The main elements of the DGA
- Re-use of certain categories of data held by public sector bodies: The DGA allows for the re-use of large amounts of data held by the public sector that cannot be treated as open data because they are protected (e.g. personal data and confidential business data) when they could be re-used under specific EU or Member State legislation. Much information can be extracted from these data without compromising their protected nature and the DGA provides rules and safeguards to facilitate this re-use whenever possible under specific legislation.
- Data intermediation services: Data sharing can result in a loss of competitive advantage for a company and represents a risk of misuse. The DGA defines a set of rules and a notification and labelling system for providers of data intermediation services (so-called data intermediaries, such as data marketplaces) to ensure that they will function as reliable organisers of data sharing or pooling within the common European data spaces. The proposed model is based on the neutrality and transparency of data intermediaries while giving individuals and businesses control over their data to increase trust in data sharing. In this sense, the DGA offers an alternative model to data processing practices by large commercial platforms that have a high degree of market power because they control large amounts of data.
- Data altruism: Individuals and companies who give their consent or permission to make the data they generate available – voluntarily and without reward – for use in the public interest will be able to authorise the sharing of their data by ‘data altruism organisations recognised in the Union’. Altruistic organisations must be non-profit-making and meet transparency requirements, while offering specific safeguards to protect the rights and interests of citizens and businesses sharing their data. They must comply with information, technical, security and interoperability requirements. A label with a specific logo has been designed by the European Commission to recognise these organisations that will be included in the specific register of data altruism organisations recognised at EEA level. Finally, to advance research and develop better products and services, notably in the areas of health, environment and mobility, a common European consent form for data altruism will allow data collection in all Member States in a uniform format, ensuring that those who share their data can easily give and withdraw their consent.
In addition, the DGA introduces a European Data Innovation Board. (EDIB, European Data Innovation Board) to facilitate the sharing of best practices, in European Data Innovation particular in regards to data intermediation, data altruism and the use of public data that cannot be made available as open data, as well as the prioritisation of cross-sectoral interoperability standards.
The EDIB has the power to propose guidelines for common European data spaces (e.g. on the adequate protection of data transfers outside the Union) and includes, inter alia, representatives of Member States’ competent authorities for data intermediation, competent authorities for data altruism, EDPB, EDPS and ENISA. The CNPD could be represented there, according to the powers conferred by draft national law No 8395 implementing in particular certain provisions of the DGA as existing on the date of publication of this article, as the competent authority for data intermediation services and for altruistic organisations.