Activities of Henna VIRKKUNEN related to 2022/0047(COD)
Plenary speeches (1)
Data Act (debate)
Amendments (32)
Amendment 113 #
Proposal for a regulation
Recital 6
Recital 6
(6) Data generation is the result of the actions of at least two actors, the designer or manufacturer of a product and the user of that product. It gives rise to questions of fairness in the digital economy, because the data recorded by such products or related services are an important input for aftermarket, ancillary and other services. In order to realise the important economic benefits of data as a non-rival good for the economy and society, a general approach to assigning access and usage rights on data is preferable to awarding exclusive rights of access and use. However, it is also important that data sharing based on voluntary contracts will continue to develop to facilitate development of data- driven value growth in European companies.
Amendment 115 #
Proposal for a regulation
Recital 6 a (new)
Recital 6 a (new)
(6 a) New statutory obligations on the sharing of data need to be carefully lineated with the Union’s competition framework and maintain companies’ ability to protect their competitive assets and encourage companies to innovate new digital services.
Amendment 152 #
Proposal for a regulation
Recital 17 a (new)
Recital 17 a (new)
(17 a) It is important that the regulation will not hold back the development of edge computing and other efficient technologies needed for e.g. improving energy efficiency. Data generated by the use of a product should be limited in business-to-business relations and products strictly to data that is generated by the interactions of the user and the product, accompanied by relevant metadata. Any derivative data, know-how or analysis should not be regarded as data generated by the use of a product. This is also needed for companies to maintain their competitive assets. This regulation should not in any way limit data holders’ ability to share data falling outside of the scope of this regulation under contractual arrangements.
Amendment 217 #
Proposal for a regulation
Recital 31
Recital 31
(31) Data generated by the use of a product or related service should only be made available to a third party at the request of the user, unless Union or Member State law requires disclosure in the name of public access to official documents. This Regulation accordingly complements the right provided under Article 20 of Regulation (EU) 2016/679. That Article provides for a right of data subjects to receive personal data concerning them in a structured, commonly used and machine-readable format, and to port those data to other controllers, where those data are processed on the basis of Article 6(1), point (a), or Article 9(2), point (a), or of a contract pursuant to Article 6(1), point (b). Data subjects also have the right to have the personal data transmitted directly from one controller to another, but only where technically feasible. Article 20 specifies that it pertains to data provided by the data subject but does not specify whether this necessitates active behaviour on the side of the data subject or whether it also applies to situations where a product or related service by its design observes the behaviour of a data subject or other information in relation to a data subject in a passive manner. The right under this Regulation complements the right to receive and port personal data under Article 20 of Regulation (EU) 2016/679 in several ways. It grants users the right to access and make available to a third party to any data generated by the use of a product or related service, irrespective of its nature as personal data, of the distinction between actively provided or passively observed data, and irrespective of the legal basis of processing. Unlike the technical obligations provided for in Article 20 of Regulation (EU) 2016/679, this Regulation mandates and ensures the technical feasibility of third party access for all types of data coming within its scope, whether personal or non-personal. It also allows the data holder to set reasonable compensation to be met by third parties, but not by the user, for any cost incurred in providing direct access to the data generated by the user’s product. If a data holder and third party are unable to agree terms for such direct access, the data subject should be in no way prevented from exercising the rights contained in Regulation (EU) 2016/679, including the right to data portability, by seeking remedies in accordance with that Regulation. It is to be understood in this context that, in accordance with Regulation (EU) 2016/679, a contractual agreement does not allow for the processing of special categories of personal data by the data holder or the third party.
Amendment 228 #
Proposal for a regulation
Recital 36
Recital 36
(36) Start-ups, small and medium-sized enterprises and companies from traditional sectors with less-developed digital capabilities struggle to obtain access to relevant data. This Regulation aims to facilitate access to data for these entities, while ensuring that the corresponding obligations are scoped as proportionately as possible to avoid overreach. At the same time, a small number of very large companies have emerged with considerable economic power in the digital economy through the accumulation and aggregation of vast volumes of data and the technological infrastructure for monetising them. These companies include undertakings that provide core platform services controlling whole platform ecosystems in the digital economy and whom existing or new market operators are unable to challenge or contest. The [Regulation on contestable and fair markets in the digital sector (Digital Markets Act)] aims to redress these inefficiencies and imbalances by allowing the Commission to designate a provider as a “gatekeeper”, and imposes a number of obligations on such designated gatekeepers, including a prohibition to combine certain data without consent, and an obligation to ensure effective rights to data portability under Article 20 of Regulation (EU) 2016/679. Consistent with the [Regulation on contestable and fair markets in the digital sector (Digital Markets Act)], and given the unrivalled ability of these companies to acquire data, it would not be necessary to achieve the objective of this Regulation, and would thus be disproportionate in relation to data holders made subject to such obligations, to include such gatekeeper undertakings as beneficiaries of the data access right. This means that an undertaking providing core platform services that has been designated as a gatekeeper cannot request or be granted access to users’ data generated by the use of a product or related service or by a virtual assistant based on the provisions of Chapter II of this Regulation. An undertaking providing core platform services designated as a gatekeeper pursuant to Digital Markets Act should be understood to include all legal entities of a group of companies where one legal entity provides a core platform service. Furthermore, third parties to whom data are made available at the request of the user may not make the data available to a designated gatekeeper. For instance, the third party may not sub-contract the service provision to a gatekeeper. However, this does not prevent third parties from using data processing services offered by a designated gatekeeper. This exclusion of designated gatekeepers from the scope of the access right under this Regulation does not prevent these companies from obtaining data through other lawful means.
Amendment 240 #
Proposal for a regulation
Recital 38 a (new)
Recital 38 a (new)
(38 a) The manufacturer of a product is not always in a position to require access to data that is essential for diagnostics, research and development and quality control. Access to this data is a prerequisite to develop long-lasting and sustainable machinery and maintain Europe’s manufacturing and industrial prowess. This regulation should grant access to data generated by the use of a product in business-to-business relations also to the manufacturer of the product. As this data may reveal details of user’s economic situation, the user should have the right to require aggregation of data, or delay to its provision.
Amendment 330 #
Proposal for a regulation
Recital 72
Recital 72
(72) This Regulation aims to facilitate switching between data processing services, which encompasses all conditions and actions that are necessary for a customer to terminate a contractual agreement of a data processing service, to conclude one or multiple new contracts with different providers of data processing services, to port all its digital assets, including data, to the concerned other providers and to continue to use them in the new environment while benefitting from functional equivalencein a way that does not compromise innovation and competitiveness of European organisations in the global economy. Digital assets refer to elements in digital format for which the customer has the right of use, including data, applications, virtual machines and other manifestations of virtualisation technologies, such as containers. Functional equivalence means the maintenance of a minimum level of functionality of a service after switching, and should be deemed technically feasible whenever both the originating and the destination data processing services cover (in part or in whole) the same service type. Meta-data, generated by the customer’s use of a service, should also be portable pursuant to this Regulation’s provisions on switching.
Amendment 393 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1
Article 2 – paragraph 1 – point 1
(1) ‘data’ means any digital representation of acts, facts or information and any compilation of such acts, facts or information, including in the form of sound, visual or audio-visual recording, and any underlying digital descriptions, or so-called metadata, of those digital representations;
Amendment 405 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 a (new)
Article 2 – paragraph 1 – point 1 a (new)
(1 a) ‘data generated by the use’ means data in the form and format in which they are generated as a result of interaction by the user and the product while using it, including basic context and timestamp to make the data usable, but not covering any derived data, analysis or know-how.
Amendment 452 #
Proposal for a regulation
Article 2 – paragraph 1 – point 10
Article 2 – paragraph 1 – point 10
(10) ‘public emergency’ means an exceptional situation negatively affecting the poppublic health emergencies, emergencies resulation of the Union, a Member State or part of it, with a risk of serious and lasting repercussions on living conditions or economic stability, or the substantial degradation of economic assets in the Unng from environmental degradation and major natural disasters, including those exacerbated by climate change, and major man-made disasters, such as major cybersecurity incidents, that negatively affect the population orf the relevantUnion, a Member State(s); or part of it.
Amendment 493 #
Proposal for a regulation
Article 3 – paragraph 1
Article 3 – paragraph 1
1. Products shall be designed and manufactured, and related services shall be provided, in such a manner that data generated by their use are, by default, easily, securely and, where relevant and appropriate, directly accessible to the user. The user should have unhindered access to data, including relevant processed data, that is essential to the functioning, repairing, or servicing of the connected products and related services. The relevant sets of processed data to which the user is allowed access shall be specified in sector-specific regulation.
Amendment 563 #
Proposal for a regulation
Article 4 – paragraph 1
Article 4 – paragraph 1
1. Where data cannot be directly accessed by the user from the product, the data holder shall make available to the user the data generated by its use of a product or related service without undue delay, free of charge and, where applicable, continuously and in real- time. This shall be done on the basis of a simple request through electronic means where technically feasible. When the user is a natural person, data shall be made available free of charge.
Amendment 572 #
Proposal for a regulation
Article 4 – paragraph 3
Article 4 – paragraph 3
3. Trade secrets shall only be disclosed provided that all specific necessary measures are taken to preserve the confidentiality of trade secrets in particular with respect to third parties. The data holder and the user can agree measures to preserve the confidentiality of the shared data, in particular in relation to third parties. Such measures shall be utilized in a limited manner and only when the shared data includes trade secrets as defined by the EU or national law. The data holder shall prove the existence of trade secrets when it invokes measures to preserve the confidentiality of the shared data.
Amendment 681 #
Proposal for a regulation
Article 7 – paragraph 1
Article 7 – paragraph 1
1. The obligations of this Chapter shall not apply to data generated by the use of products manufactured or related services provided by enterprises that qualify as micro or, small or medium-sized enterprises, as defined in Article 2 of the Annex to Recommendation 2003/361/EC, provided those enterprises do not have partner enterprises or linked enterprises as defined in Article 3 of the Annex to Recommendation 2003/361/EC which do not qualify as a micro or, small or medium- sized enterprise.
Amendment 700 #
Proposal for a regulation
Article 9 – paragraph 1
Article 9 – paragraph 1
1. Any compensation agreed between a data holder and a data recipient for making data available shall be reasonable and shall not exceed the costs directly related to making the data available.
Amendment 709 #
Proposal for a regulation
Article 9 – paragraph 2
Article 9 – paragraph 2
2. Where the data recipient is a micro, small or medium enterprise, as defined in Article 2 of the Annex to Recommendation 2003/361/EC, and the data holder is not, any compensation agreed shall not exceed the costs directly related to making the data available to the data recipient and which are attributable to the request. Article 8(3) shall apply accordingly.
Amendment 754 #
Proposal for a regulation
Article 13 – paragraph 8 a (new)
Article 13 – paragraph 8 a (new)
8 a. The Commission shall conduct a regular market investigation to review and, if necessary, revise the unfair contractual terms listed in paragraphs 3 and 4 of this Article.
Amendment 766 #
Proposal for a regulation
Article 14 – paragraph 2
Article 14 – paragraph 2
2. This Chapter shall not apply to medium-sized, small and micro enterprises as defined in Article 2 of the Annex to Recommendation 2003/361/EC.
Amendment 977 #
Proposal for a regulation
Article 24 – paragraph 1 – point c
Article 24 – paragraph 1 – point c
(c) a minimum period for data retrieval of at least 360 calendar days, starting after the termination of the transition period that was agreed between the customer and the service provider, in accordance with paragraph 1, point (a) and paragraph 2.
Amendment 980 #
Proposal for a regulation
Article 24 – paragraph 1 – point c a (new)
Article 24 – paragraph 1 – point c a (new)
(c a) an estimation of costs concerning switching data processing services.
Amendment 1018 #
Proposal for a regulation
Article 28 – paragraph 1 – subparagraph 1 – introductory part
Article 28 – paragraph 1 – subparagraph 1 – introductory part
Operators ofwithin data spaces shall comply with, the following essential requirements, applicable to the services offered by the operator, to facilitate interoperability of data, data sharing mechanisms and services:
Amendment 1028 #
Proposal for a regulation
Article 28 – paragraph 1 – subparagraph 1 – point d
Article 28 – paragraph 1 – subparagraph 1 – point d
(d) the means to enable the interoperability of smart contracts for data sharing within their services and activities shall be provided.
Amendment 1038 #
Proposal for a regulation
Article 28 – paragraph 3 a (new)
Article 28 – paragraph 3 a (new)
3 a. The operators within a particular data space shall agree on the rules by which the accountabilities regarding these requirements are defined between the operators.
Amendment 1042 #
Proposal for a regulation
Article 28 – paragraph 4
Article 28 – paragraph 4
4. The Commission may, in accordance with Article 10 of Regulation (EU) No 1025/2012, request one or more European standardisation organisations to draft harmonised standards that satisfy the essential requirements under paragraph 1 of this Article. The standardisation shall take into account the needs of small and medium enterprises.
Amendment 1061 #
Proposal for a regulation
Article 29 – paragraph 4
Article 29 – paragraph 4
4. The Commission may, in accordance with Article 10 of Regulation (EU) No 1025/2012, request one or more European standardisation organisations to draft European standards applicable to specific service types of data processing services. The standardisation shall take into account the needs of small and medium-sized enterprises.
Amendment 1070 #
Proposal for a regulation
Article 30 – paragraph 1 – point a
Article 30 – paragraph 1 – point a
(a) robustness and access control: ensure that the smart contract has been designed to offer rigorous access control mechanisms and a very high degree of robustness to avoid functional errors and to withstand manipulation by third parties;
Amendment 1073 #
Proposal for a regulation
Article 30 – paragraph 1 – point c
Article 30 – paragraph 1 – point c
Amendment 1076 #
Proposal for a regulation
Article 30 – paragraph 1 – point d
Article 30 – paragraph 1 – point d
Amendment 1081 #
Proposal for a regulation
Article 30 – paragraph 2
Article 30 – paragraph 2
Amendment 1086 #
Proposal for a regulation
Article 30 – paragraph 4
Article 30 – paragraph 4
Amendment 1088 #
Proposal for a regulation
Article 30 – paragraph 5
Article 30 – paragraph 5
5. The Commission may, in accordance with Article 10 of Regulation (EU) No 1025/2012, request one or more European standardisation organisations to draft harmonised standards that satisfy the essential the requirements under paragraph 1 of this Article. The standardisation shall take into account the needs of small and medium enterprises.
Amendment 1090 #
Proposal for a regulation
Article 30 – paragraph 6
Article 30 – paragraph 6