BETA

183 Amendments of Adam JARUBAS related to 2022/0047(COD)

Amendment 101 #
Proposal for a regulation
Recital 7 a (new)
(7a) This Regulation complements and is without prejudice to the Union and national laws providing for the access to and enabling to use data for statistical purposes, in particular regulation 223/2009 on European Statistics and its related legal acts as well as national legal acts related to official statistics.
2022/11/16
Committee: IMCO
Amendment 109 #
Proposal for a regulation
Recital 14
(14) Physical products that obtain, generate or collect, by means of their components or embedded software, data concerning their performance, use or environment and that are able to communicate that data via a publicly available electronic communications service (often referred to as the Internet of Things) should be covered by this Regulation. Electronic communications services include land- based telephone networks, television cable networks, satellite-based networks and near-field communication networks. Such products may include vehicles, home equipment and consumer goods, medical and health devices or agricultural and industrial machinery. The data represent the digitalisation of user actions and events and should accordingly be accessible to the user, while information derived or inferred from this data, where lawfully held, should not be considered within scope of this Regulation. Such data are potentially valuable to the user and support innovation and the development of digital and other services protecting the environment, health and the circular economy, in particular though facilitating the maintenance and repair of the products in question.
2022/11/16
Committee: IMCO
Amendment 112 #
Proposal for a regulation
Recital 6
(6) Data generation is the result of the actions of at least two actors, the designer or manufacturer of a product and the user of that product. It gives rise to questions of fairness in the digital economy, because the data recorded by such products or related services are an important input for aftermarket, ancillary and other services. In order to realise the important economic benefits of data as a non-rival good for the economy and society, a general approach to assigning access and usage rights on data is preferable to awarding exclusive rights of access and use. However, it is also important that data sharing based on voluntary agreements continues to develop in order to facilitate the development of data-driven value growth of European companies.
2022/11/14
Committee: ITRE
Amendment 113 #
Proposal for a regulation
Recital 17
(17) Data generated by the use of a product or related service include data recorded intentionally by the user. Such data include also data generated as a by- product of the user’s action, such as diagnostics data, andsensor-generated data or data captured by embedded applications, and data recorded by a device without any action by the user, such as when the product is in ‘standby mode’, and data recorded during periods when the product is switched off. Such data should include data in the form and format in which they are generated by the product, but not pertain to data resulting from any software process that calculates derivative data from such data as such software process may be subject to intellectual property rights.
2022/11/16
Committee: IMCO
Amendment 113 #
Proposal for a regulation
Recital 7 a (new)
(7 a) This Regulation complements and is without prejudice to the Union and national laws providing for the access to and enabling to use data for statistical purposes, in particular regulation 223/2009 on European Statistics and its related legal acts as well as national legal acts related to official statistics.
2022/11/17
Committee: LIBE
Amendment 118 #
Proposal for a regulation
Recital 7 a (new)
(7 a) This Regulation complements and is without prejudice to the Union and national laws providing for the access to and enabling to use data for statistical purposes, in particular Regulation 223/2009 on European Statistics and its related legal acts as well as national legal acts related to official statistics.
2022/11/14
Committee: ITRE
Amendment 120 #
Proposal for a regulation
Recital 22
(22) Virtual assistants play an increasing role in digitising consumer environments and serve as an easy-to-use interface to play content, obtain information, or activate products including physical objects connected to the Internet of Things. Virtual assistants can act as a single gateway in, for example, a smart home environment and record significant amounts of relevant data on how users interact with products connected to the Internet of Things, including those manufactured by other parties and can replace the use of manufacturer-provided interfaces such as touchscreens or smart phone apps. The user may wish to make available such data with third party manufacturers and enable novel smart home services. Such virtual assistants should be covered by the data access right provided for in this Regulation also regarding data recorded before the virtual assistant’s activation by the wake word and data generated when a user interacts with a product via a virtual assistant provided by an entity other than the manufacturer of the product if such data are collected. However, only the data stemming from the interaction between the user and product through the virtual assistant falls within the scope of this Regulation. Data produced by the virtual assistant unrelated to the use of a product is not the object of this Regulation.
2022/11/16
Committee: IMCO
Amendment 126 #
Proposal for a regulation
Recital 14
(14) Physical products that obtain, generate or collect, by means of their components or embedded software, data concerning their performance, use or environment and that are able to communicate that data via a publicly available electronic communications service (often referred to as the Internet of Things) should be covered by this Regulation. Electronic communications services include land- based telephone networks, television cable networks, satellite-based networks and near-field communication networks. Such products may include vehicles, home equipment and consumer goods, medical and health devices or agricultural and industrial machinery. The data represent the digitalisation of user actions and events and should accordingly be accessible to the user, while information derived or inferred from this data, where lawfully held, should not be considered within scope of this Regulation. Such data are potentially valuable to the user and support innovation and the development of digital and other services protecting the environment, health and the circular economy, in particular though facilitating the maintenance and repair of the products in question.
2022/11/17
Committee: LIBE
Amendment 128 #
Proposal for a regulation
Recital 17
(17) Data generated by the use of a product or related service include data recorded intentionally by the user. Such data include also data generated as a by- product of the user’s action, such as diagnostics data, andsensor-generated data or data captured by embedded applications, and data recorded by a device without any action by the user, such as when the product is in ‘standby mode’, and data recorded during periods when the product is switched off. Such data should include data in the form and format in which they are generated by the product, but not pertain to data resulting from any software process that calculates derivative data from such data as such software process may be subject to intellectual property rights.
2022/11/17
Committee: LIBE
Amendment 132 #
Proposal for a regulation
Recital 14
(14) Physical products that obtain, generate or collect, by means of their components or embedded software, data concerning their performance, use or environment and that are able to communicate that data via a publicly available electronic communications service (often referred to as the Internet of Things) should be covered by this Regulation. Electronic communications services include land- based telephone networks, television cable networks, satellite-based networks and near-field communication networks. Such products may include vehicles, home equipment and consumer goods, medical and health devices or agricultural and industrial machinery. The data represent the digitalisation of user actions and events and should accordingly be accessible to the user, while information derived or inferred from this data, where lawfully held, should not be considered within scope of this Regulation. Such data are potentially valuable to the user and support innovation and the development of digital and other services protecting the environment, health and the circular economy, in particular though facilitating the maintenance and repair of the products in question.
2022/11/14
Committee: ITRE
Amendment 134 #
Proposal for a regulation
Recital 22
(22) Virtual assistants play an increasing role in digitising consumer environments and serve as an easy-to-use interface to play content, obtain information, or activate products including physical objects connected to the Internet of Things. Virtual assistants can act as a single gateway in, for example, a smart home environment and record significant amounts of relevant data on how users interact with products connected to the Internet of Things, including those manufactured by other parties and can replace the use of manufacturer-provided interfaces such as touchscreens or smart phone apps. The user may wish to make available such data with third party manufacturers and enable novel smart home services. Such virtual assistants should be covered by the data access right provided for in this Regulation also regarding data recorded before the virtual assistant’s activation by the wake word and data generated when a user interacts with a product via a virtual assistant provided by an entity other than the manufacturer of the product if such data are collected. However, only the data stemming from the interaction between the user and product through the virtual assistant falls within the scope of this Regulation. Data produced by the virtual assistant unrelated to the use of a product is not the object of this Regulation.
2022/11/17
Committee: LIBE
Amendment 138 #
Proposal for a regulation
Recital 15
(15) In contrast, certain products that are primarily designed to display or play content, or to record and transmit content, amongst others for the use by an online service should not be covered by this Regulation. Such products include, for example, personal computers, servers, tablets and smart phones, cameras, webcams, sound recording systems and text scanners. They require human input to produce various forms of content, such as text documents, sound files, video files, games, digital maps. Likewise defence related products as defined in Article 3(1) of Directive 2009/43 should not be covered by this Regulation.
2022/11/14
Committee: ITRE
Amendment 151 #
Proposal for a regulation
Recital 17
(17) Data generated by the use of a product or related service include data recorded intentionally by the user. Such data include also data generated as a by- product of the user’s action, such as diagnostics data, andsensor-generated data or data captured by embedded applications, and data recorded by a device without any action by the user, such as when the product is in ‘standby mode’, and data recorded during periods when the product is switched off. Such data should include data in the form and format in which they are generated by the product, but not pertain to data resulting from any software process that calculates derivative data from such data as such software process may be subject to intellectual property rights.
2022/11/14
Committee: ITRE
Amendment 156 #
Proposal for a regulation
Recital 18
(18) The user of a product should be understood as the legal or natural person, such as a business or consumer or public sector body, which has purchased, rented or leased the product on other than short- term basis. Depending on the legal title under which he uses it, such a user bears the risks and enjoys the benefits of using the connected product and should enjoy also the access to the data it generates. The user should therefore be entitled to derive benefit from data generated by that product and any related service. An owner, renter or lessee should equally be considered as user, including when several entities can be considered as users. In the context of multiple users, each user may contribute in a different manner to the data generation and can have an interest in several forms of use.
2022/11/14
Committee: ITRE
Amendment 177 #
Proposal for a regulation
Recital 22
(22) Virtual assistants play an increasing role in digitising consumer environments and serve as an easy-to-use interface to play content, obtain information, or activate products including physical objects connected to the Internet of Things. Virtual assistants can act as a single gateway in, for example, a smart home environment and record significant amounts of relevant data on how users interact with products connected to the Internet of Things, including those manufactured by other parties and can replace the use of manufacturer-provided interfaces such as touchscreens or smart phone apps. The user may wish to make available such data with third party manufacturers and enable novel smart home services. Such virtual assistants should be covered by the data access right provided for in this Regulation also regarding data recorded before the virtual assistant’s activation by the wake word and data generated when a user interacts with a product via a virtual assistant provided by an entity other than the manufacturer of the product if such data are collected. However, only the data stemming from the interaction between the user and product through the virtual assistant falls within the scope of this Regulation. Data produced by the virtual assistant unrelated to the use of a product is not the object of this Regulation.
2022/11/14
Committee: ITRE
Amendment 179 #
Proposal for a regulation
Recital 23
(23) Before concluding a contract for the purchase, rent, or lease of a product or the provision of a related service, clear and sufficient information should be provided to the user on how the data generated may be accessed. This obligation provides transparency over the data generated and enhances the easy access for the user. This obligation to provide information does not affect the obligation for the controller to provide information to the data subject pursuant to Article 12, 13 and 14 of Regulation 2016/679. The data holder cannot be expected to store the data indefinitely in view of the needs of the user of the product, but should however implement a reasonable data retention policy that allows for the effective application of the data access rights under this Regulation
2022/11/14
Committee: ITRE
Amendment 180 #
Proposal for a regulation
Recital 71
(71) Data processing services should cover services that allow on-demand and broad remote access to a scalable and elastic pool of shareable and distributed computing resources. Those computing resources include resources such as networks, servers or other virtual or physical infrastructure, operating systems, software, including software development tools, storage, applications and services. The capability of the customer of the data processing service to unilaterally self- provision computing capabilities, such as server time or network storage, without any human interaction by the service provider could be described as on-demand administration. The term ‘broad remote access’ is used to describe that the computing capabilities are provided over the network and accessed through mechanisms promoting the use of heterogeneous thin or thick client platforms (from web browsers to mobile devices and workstations). The term ‘scalable’ refers to computing resources that are flexibly allocated by the data processing service provider, irrespective of the geographical location of the resources, in order to handle fluctuations in demand. The term ‘elastic pool’ is used to describe those computing resources that are provisioned and released according to demand in order to rapidly increase or decrease resources available depending on workload. The term ‘shareable’ is used to describe those computing resources that are provided to multiple users who share a common access to the service, but where the processing is carried out separately for each user, although the service is provided from the same electronic equipment. The term ‘distributed’ is used to describe those computing resources that are located on different networked computers or devices and which communicate and coordinate among themselves by message passing. The term ‘highly distributed’ is used to describe data processing services that involve data processing closer to where data are being generated or collected, for instance in a connected data processing device. Edge computing, which is a form of such highly distributed data processing, is expected to generate new business models and cloud service delivery models, which should be open and interoperable from the outset. However, in order to avoid imposing overly broad obligations, a service should not be considered data processing service where enabling on- demand administration and broad remote access to a scalable and elastic pool of shareable computing resources of a centralised, distributed or highly distributed nature is merely a minor and purely ancillary feature of another service. For example, this should not apply to online platforms within the meaning of the Digital Services Act where data storing is merely a minor and purely ancillary feature of another service such as social networks or online marketplaces
2022/11/16
Committee: IMCO
Amendment 193 #
Proposal for a regulation
Recital 71
(71) Data processing services should cover services that allow on-demand and broad remote access to a scalable and elastic pool of shareable and distributed computing resources. Those computing resources include resources such as networks, servers or other virtual or physical infrastructure, operating systems, software, including software development tools, storage, applications and services. The capability of the customer of the data processing service to unilaterally self- provision computing capabilities, such as server time or network storage, without any human interaction by the service provider could be described as on-demand administration. The term ‘broad remote access’ is used to describe that the computing capabilities are provided over the network and accessed through mechanisms promoting the use of heterogeneous thin or thick client platforms (from web browsers to mobile devices and workstations). The term ‘scalable’ refers to computing resources that are flexibly allocated by the data processing service provider, irrespective of the geographical location of the resources, in order to handle fluctuations in demand. The term ‘elastic pool’ is used to describe those computing resources that are provisioned and released according to demand in order to rapidly increase or decrease resources available depending on workload. The term ‘shareable’ is used to describe those computing resources that are provided to multiple users who share a common access to the service, but where the processing is carried out separately for each user, although the service is provided from the same electronic equipment. The term ‘distributed’ is used to describe those computing resources that are located on different networked computers or devices and which communicate and coordinate among themselves by message passing. The term ‘highly distributed’ is used to describe data processing services that involve data processing closer to where data are being generated or collected, for instance in a connected data processing device. Edge computing, which is a form of such highly distributed data processing, is expected to generate new business models and cloud service delivery models, which should be open and interoperable from the outset. However, in order to avoid imposing overly broad obligations, a service should not be considered data processing service where enabling on- demand administration and broad remote access to a scalable and elastic pool of shareable computing resources of a centralised, distributed or highly distributed nature is merely a minor and purely ancillary feature of another service. For example, this should not apply to online platforms within the meaning of the Digital Services Act where data storing is merely a minor and purely ancillary feature of another service such as social networks or online marketplaces.
2022/11/17
Committee: LIBE
Amendment 209 #
Proposal for a regulation
Recital 29
(29) A third party to whom data is made available may be an enterprise, a research organisation or a not-for-profit organisation. In making the data available to the third party, the data holder nor the third party should not abuse its position to seek a competitive advantage in markets where the data holder and third party may be in direct competition. TNeither the data holder nor the third party should not therefore use any data generated by the use of the product or related service in order to derive insights about the economic situation of the data holder and third party or its assets or production methods or the use in any other way that could undermine the commercial position of the data holder or third party on the markets it is active on. Data intermediation services [as regulated by Regulation (EU) 2022/868] may support users or third parties in establishing a commercial relation for any lawful purpose on the basis of data of products in scope of this Regulation e.g. by acting on behalf of a user. They could play an instrumental role in aggregating access to data from a large number of individual users so that big data analyses or machine learning can be facilitated, as long as such users remain in full control on whether to contribute their data to such aggregation and the commercial terms under which their data will be used.
2022/11/14
Committee: ITRE
Amendment 213 #
3. Union law on the protection of personal data, privacy and confidentiality of communications and integrity of terminal equipment shall apply to personal data processed in connection with the rights and obligations laid down in this Regulation. This Regulation shall not affect the applicability of Union law on the protection of personal data, in particular Regulation (EU) 2016/679 and Directive 2002/58/EC, including the powers and competences of supervisory authorities. Insofar as the rights laid down in Chapter II of this Regulation are concerned, and where users are the data subjects of personal data subject to the rights and obligations under that Chapter, the provisions of this Regulation shall complement the right of data portability under Article 20 of Regulation (EU) 2016/679. In the event of a conflict between this Regulation and Union law on the protection of personal data or national law adopted in accordance with such Union law, the relevant Union or national law on the protection of personal data shall prevail.
2022/11/17
Committee: LIBE
Amendment 218 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 a (new)
(1a) ‘data generated by the use of a product or a related service’ means any data recorded intentionally by the user or as a by-product of the user’s action, as well as data generated or recorded without any action by the user among others in stand by mode or while the product is switched off. This includes sensor-generated data, data captured by embedded applications and diagnostics data.
2022/11/16
Committee: IMCO
Amendment 222 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 a (new)
(1 a) ‘data generated by the use of a product or a related service’ means any data recorded intentionally by the user or as a by-product of the user’s action, as well as data generated or recorded without any action by the user among others in standby mode or while the product is switched off. This includes sensor-generated data, data captured by embedded applications and diagnostics data;
2022/11/17
Committee: LIBE
Amendment 223 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 b (new)
(1b) Diagnostic data is data that is the product of diagnostics functions or algorithms which provide information on the correct functioning and performance of the product and potential malfunctions
2022/11/16
Committee: IMCO
Amendment 226 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 b (new)
(1 b) 'diagnostic data' is data that is the product of diagnostics functions or algorithms which provide information on the correct functioning and performance of the product and potential malfunctions;
2022/11/17
Committee: LIBE
Amendment 236 #
Proposal for a regulation
Recital 37
(37) GThis Regulation does not prevent micro and small enterprises to participate in the data sharing practices, however given the current state of technology, it is overly burdensome to impose further design obligations in relation to products manufactured or designed and related services provided by micro and small enterprises. That is not the case, however, wWhere a micro or small enterprise is sub- contracted to manufacture or design a product. In such situations, the enterprise, which has sub-contracted to the micro or small enterprise, is able to compensate the sub-contractor appropriately. A micro or small enterprise may nevertheless be subject to the requirements laid down by this Regulation as data holder, where it is not the manufacturer of the product or a provider of related services. In order to increase the participation of micro and small enterprises in the data economy, Member States should provide digital training and guidance to such enterprises.
2022/11/14
Committee: ITRE
Amendment 241 #
Proposal for a regulation
Article 2 – paragraph 1 – point 6
(6) ‘data holder’ means a legal or natural person who: i) has the right or obligation, in accordance with this Regulation, applicable Union law or national legislation implementing Union law, orto make available data generated by products or related services, or ii) in the case of non-personal data and through control of the technical design of the product and related services, has the ability, to make available certain data;
2022/11/16
Committee: IMCO
Amendment 242 #
Proposal for a regulation
Article 2 – paragraph 1 – point 6
(6) ‘data holder’ means a legal or natural person who: (i) has the right or obligation, in accordance with this Regulation, applicable Union law or national legislation implementing Union law, orto make available data generated by products or related services, or (ii) in the case of non-personal data and through control of the technical design of the product and related services, has the ability, to make available certain data;
2022/11/17
Committee: LIBE
Amendment 246 #
Proposal for a regulation
Recital 41
(41) Any agreement concluded in business-to-business relations for making the data available should not discriminate between comparable categories of data recipients, independently whether they are large companies or micro, small or medium-sized enterprises. In order to compensate for the lack of information on the conditions of different contracts, which makes it difficult for the data recipient to assess if the terms for making the data available are non- discriminatory, it should be on the data holder to demonstrate that a contractual term is not discriminatory. It is not unlawful discrimination, where a data holder uses different contractual terms for making data available or different compensation, if those differences are justified by objective reasons. These obligations are without prejudice to Regulation (EU) 2016/679.
2022/11/14
Committee: ITRE
Amendment 253 #
Proposal for a regulation
Recital 42 a (new)
(42 a) Such reasonable compensation may include firstly the costs incurred and investment required for making the data available. These costs can be technical costs, such as the costs necessary for data reproduction, dissemination via electronic means and storage, but not of data collection or production. Such technical costs could include also the costs for processing, necessary to make data available. Costs related to making the data available may also include the costs of organising answers to concrete data sharing requests. They may also vary depending on the arrangements taken for making the data available. Long-term arrangements between data holders and data recipients, for instance via a subscription model or the use of smart contracts, could reduce the costs in regular or repetitive transactions in a business relationship. Costs related to making data available are either specific to a particular request or shared with other requests. In the latter case, a single data recipient should not pay the full costs of making the data available. Reasonable compensation may include secondly a margin. Such margin may vary depending on factors related to the data itself, such as volume, format or nature of the data, or on the supply of and demand for the data. It may consider the costs for collecting the data. The margin may therefore decrease where the data holder has collected the data for its own business without significant investments or may increase where the investments in the data collection for the purposes of the data holder’s business are high. The margin may also depend on the follow-on use of the data by the data recipient. It may be limited or even excluded in situations where the use of the data by the data recipient does not affect the own activities of the data holder. The fact that the data is co-generated by the user could also lower the amount of the compensation in comparison to other situations where the data are generated exclusively by the data holder.
2022/11/14
Committee: ITRE
Amendment 255 #
Proposal for a regulation
Article 2 – paragraph 1 – point 12
(12) ‘data processing service’ means a digital service other than an online content service as defined in Article 2(5) of Regulation (EU) 2017/1128, provided to a customer, which as its main feature enables on-demand administration and broad remote access to a scalable and elastic pool of shareable computing resources of a centralised, distributed or highly distributed nature;
2022/11/16
Committee: IMCO
Amendment 255 #
Proposal for a regulation
Article 2 – paragraph 1 – point 12
(12) ‘data processing service’ means a digital service other than an online content service as defined in Article 2(5) of Regulation (EU) 2017/1128, provided to a customer, which as its main feature enables on-demand administration and broad remote access to a scalable and elastic pool of shareable computing resources of a centralised, distributed or highly distributed nature;
2022/11/17
Committee: LIBE
Amendment 259 #
Proposal for a regulation
Article 2 – paragraph 1 – point 20 a (new)
(20 a) 'official statistics' means European statistics according to Regulation 223/2009 and statistics considered official according to national legislation;
2022/11/17
Committee: LIBE
Amendment 264 #
Proposal for a regulation
Article 3 – paragraph 1
1. Products shall be designed and manufactured, and related services shall be provided, in such a manner that data generated by their use are, by default, easily, securely and, where relevant and appropriate, directly accessible to the user, including the user with special needs.
2022/11/17
Committee: LIBE
Amendment 266 #
Proposal for a regulation
Article 3 – paragraph 1 a (new)
1 a. The data holder may reject the request for data if access to the data is restricted by Union law or national law.
2022/11/17
Committee: LIBE
Amendment 267 #
Proposal for a regulation
Article 3 – paragraph 1 b (new)
1 b. The user may grant or withdraw at any time consent for the data holder to the use of their data or to the third party nominated by the data holder.
2022/11/17
Committee: LIBE
Amendment 273 #
Proposal for a regulation
Article 2 – paragraph 1 – point 20 a (new)
(20a) 'official statistics' means European statistics according to Regulation 223/2009 and statistics considered official according to national legislation.
2022/11/16
Committee: IMCO
Amendment 274 #
i) The data holder shall provide information on the data structures, data formats, vocabularies, classification schemes, taxonomies and code lists, where available, which shall be described in a publicly available and consistent manner.
2022/11/17
Committee: LIBE
Amendment 275 #
Proposal for a regulation
Article 3 – paragraph 2 – point c – point ii (new)
ii) The technical means to access the data, such as Software Development Kits or application programming interfaces, and their terms of use and quality of service shall be sufficiently described to enable the development of such means of access.
2022/11/17
Committee: LIBE
Amendment 280 #
Proposal for a regulation
Article 3 – paragraph 2 a (new)
2 a. Where on-device access is technically supported, the manufacturer shall make this means of access also available to third-party service providers in a non-discriminatory manner.
2022/11/17
Committee: LIBE
Amendment 281 #
Proposal for a regulation
Recital 56
(56) In situations of exceptional need, it may be necessary for public sector bodies or Union institutions, agencies or bodies to use data held by an enterprise to respond to public emergencies or in other exceptional cases. Exceptional needs are circumstances which are unforeseeable and limited in time. Research-performing organisations and research-funding organisations could also be organised as public sector bodies or bodies governed by public law. To limit the burden on businesses, micro and small enterprises should be exempted from the obligation to provide public sector bodies and Union institutions, agencies or bodies data in situations of exceptional need.
2022/11/14
Committee: ITRE
Amendment 281 #
Proposal for a regulation
Article 4 – paragraph 1
1. Where data cannot be directly accessed by the user from the product, the data holder shall make available to the user the data generated by its use of a product or related service without undue delay, free of charge and, where applicable, continuously and in real-time. This shall be done on the basis of a simple request through electronic means where technically feasible. In case when filing a request via electronic channels is not possible or limited by a disability, the data holder shall enable other forms of request that are appropriate for persons with communication problems.
2022/11/17
Committee: LIBE
Amendment 282 #
Proposal for a regulation
Article 3 – paragraph 1
1. Products shall be designed and manufactured, and related services shall be provided, in such a manner that data generated by their use are, by default, easily, securely and, where relevant and appropriate, directly accessible to the user, including the user with special needs.
2022/11/16
Committee: IMCO
Amendment 285 #
Proposal for a regulation
Article 4 – paragraph 1 a (new)
1 a. The data holder may reject the request for data if access to the data is restricted by Union law or national law.
2022/11/17
Committee: LIBE
Amendment 286 #
Proposal for a regulation
Article 3 – paragraph 1 a (new)
1 a. The data holder may reject the request for data if access to the data is restricted by Union law or national law.
2022/11/16
Committee: IMCO
Amendment 286 #
Proposal for a regulation
Article 4 – paragraph 3
3. Trade secrets shall only be disclosed provided that all specific necessary measures are taken to preserve the confidentiality of trade secrets in particular with respect to third parties. The data holder and the user can agree measures to preserve the confidentiality of the shared data, in particular in relation to third parties. The right to request the data referred to in paragraph 1 shall not adversely affect the rights and freedoms of others, including the rights protected under Directive (EU)2016/943.
2022/11/17
Committee: LIBE
Amendment 290 #
Proposal for a regulation
Article 3 – paragraph 1 b (new)
1b. The user may grant or withdraw at any time consent for the data holder to the use of their data or to the third party nominated by the data holder
2022/11/16
Committee: IMCO
Amendment 299 #
Proposal for a regulation
Article 5 – paragraph 1 a (new)
1 a. The data holder may reject the request for data if access to the data is restricted by Union law or national law.
2022/11/17
Committee: LIBE
Amendment 301 #
Proposal for a regulation
Article 3 – paragraph 2 – point c a (new)
(ca) The data holder shall provide information on the data structures, data formats, vocabularies, classification schemes, taxonomies and code lists, where available, which shall be described in a publicly available and consistent manner.
2022/11/16
Committee: IMCO
Amendment 302 #
Proposal for a regulation
Article 3 – paragraph 2 – point c b (new)
(cb) The technical means to access the data, such as Software Development Kits or application programming interfaces, and their terms of use and quality of service shall be sufficiently described to enable the development of such means of access.
2022/11/16
Committee: IMCO
Amendment 310 #
8. Trade secrets shall only be disclosed to third parties to the extent that they are strictly necessary to fulfil the purpose agreed between the user and the third party and all specific necessary measures agreed between the data holder and the third party are taken by the third party to preserve the confidentiality of the trade secret. In such a case, the nature of the data as trade secrets and the measures for preserving the confidentiality shall be specified in the agreement between the data holder and the third party. The right to request the data referred to in paragraph 1 shall not adversely affect the rights and freedoms of others, including the rights protected under Directive (EU)2016/943.
2022/11/17
Committee: LIBE
Amendment 313 #
Proposal for a regulation
Article 3 – paragraph 2 a (new)
2a. Where on-device access is technically supported, the manufacturer shall make this means of access also available to third-party service providers in a non-discriminatory manner.
2022/11/16
Committee: IMCO
Amendment 315 #
Proposal for a regulation
Recital 64
(64) Where it is strictly necessary to include personal data in the data made available to a public sector body or to a Union institution, agency or body the applicable rules on personal data protection should be complied with and the making available of the data and their subsequent use should and be accompanied by safeguards for the rights and interests of individuals concerned by those data. The body requesting the data should demonstrate the strict necessity and the specific and limited purposes for processing. The data holder should take reasonable efforts to anonymise the data or, where such anonymisation proves impossible, the data holder should apply technological means such as pseudonymisation and aggregation, prior to making the data available.deleted
2022/11/14
Committee: ITRE
Amendment 317 #
Proposal for a regulation
Article 4 – paragraph 1
1. Where data cannot be directly accessed by the user from the product, the data holder shall make available to the user the data generated by its use of a product or related service without undue delay, free of charge and, where applicable, continuously and in real-time. This shall be done on the basis of a simple request through electronic means where technically feasible. In case when filing a request via electronic channels is not possible or limited by a disability, the data holder shall enable other forms of request that are appropriate for persons with communication problems.
2022/11/16
Committee: IMCO
Amendment 320 #
Proposal for a regulation
Article 4 – paragraph 1 a (new)
1a. The data holder may reject the request for data if access to the data is restricted by Union law or national law.
2022/11/16
Committee: IMCO
Amendment 327 #
Proposal for a regulation
Article 5 – paragraph 1 a (new)
1a. The data holder may reject the request for data if access to the data is restricted by Union law or national law.
2022/11/16
Committee: IMCO
Amendment 331 #
Proposal for a regulation
Recital 71
(71) Data processing services should cover services that allow on-demand and broad remote access to a scalable and elastic pool of shareable and distributed computing resources. Those computing resources include resources such as networks, servers or other virtual or physical infrastructure, operating systems, software, including software development tools, storage, applications and services. The capability of the customer of the data processing service to unilaterally self- provision computing capabilities, such as server time or network storage, without any human interaction by the service provider could be described as on-demand administration. The term ‘broad remote access’ is used to describe that the computing capabilities are provided over the network and accessed through mechanisms promoting the use of heterogeneous thin or thick client platforms (from web browsers to mobile devices and workstations). The term ‘scalable’ refers to computing resources that are flexibly allocated by the data processing service provider, irrespective of the geographical location of the resources, in order to handle fluctuations in demand. The term ‘elastic pool’ is used to describe those computing resources that are provisioned and released according to demand in order to rapidly increase or decrease resources available depending on workload. The term ‘shareable’ is used to describe those computing resources that are provided to multiple users who share a common access to the service, but where the processing is carried out separately for each user, although the service is provided from the same electronic equipment. The term ‘distributed’ is used to describe those computing resources that are located on different networked computers or devices and which communicate and coordinate among themselves by message passing. The term ‘highly distributed’ is used to describe data processing services that involve data processing closer to where data are being generated or collected, for instance in a connected data processing device. Edge computing, which is a form of such highly distributed data processing, is expected to generate new business models and cloud service delivery models, which should be open and interoperable from the outset. However, in order to avoid imposing overly broad obligations, a service should not be considered data processing service where enabling on- demand administration and broad remote access to a scalable and elastic pool of shareable computing resources of a centralised, distributed or highly distributed nature is merely a minor and purely ancillary feature of another service. For example, this should not apply to online platforms within the meaning of the Digital Services Act where data storing is merely a minor and purely ancillary feature of another service such as social networks or online marketplaces
2022/11/14
Committee: ITRE
Amendment 338 #
Proposal for a regulation
Article 8 – paragraph 6
6. Unless otherwise provided by Union law, including Article 6 of this Regulation, or by national legislation implementing Union law, an obligation to make data available to a data recipient shall not oblige the disclosureWhile the obligation to make data available as provided by Union law, including Articles 4(3), 5(8), Article 6 and Article 19(2) of this Regulation, or by national legislation implementing Union law, shall be effective, this Regulationshall not question the protection of trade secrets as such and that the access is only granted under measures that warrant for the protection of trade secrets within the meaning of Directive (EU) 2016/943.
2022/11/17
Committee: LIBE
Amendment 341 #
Proposal for a regulation
Recital 80
(80) To promote the interoperability of smart contracts in data sharing applications, it is necessary to lay down essential requirements for smart contracts for professionals who create smart contracts for others or integrate such smart contracts in applications that support the implementation of agreements for sharing data. Specific training programmes on smart contracts for businesses, in particular SMEs, In order to facilitate the conformity of such smart contracts with those essential requirements, it is necessary to provide for a presumption of conformity for smart contracts that meet harmonised standards or parts thereof in accordance with Regulation (EU) No 1025/2012 of the European Parliament and of the Council.
2022/11/14
Committee: ITRE
Amendment 343 #
Proposal for a regulation
Article 9 – paragraph 2
2. Where the data recipient is a micro, small or medium enterprise, as defined in Article 2 of the Annex to Recommendation 2003/361/EC, anyAny reasonable compensation agreed shall not exceed the costs directly related to making the data available to the data recipient and which are attributable to the request. These costs include the costs necessary for data reproduction, dissemination via electronic means and storage, but not of data collection or production. Article 8(3) shall apply accordingly.
2022/11/17
Committee: LIBE
Amendment 350 #
Proposal for a regulation
Article 11 – paragraph 1
1. The data holder may apply appropriate technical protection measures, including smart contracts, to prevent unauthorised access to the data and to ensure compliance with Articles 5, 6, 9 and 10, as well as with the agreed contractual terms for making data available. Such technical protection measures shall not be used as a means to discriminate or hinder the user’s right to effectively provide data to third parties pursuant to Article 5 or any right of a third party under Union law or national legislation implementing Union law as referred to in Article 8(1).
2022/11/17
Committee: LIBE
Amendment 360 #
Proposal for a regulation
Article 13 – paragraph 1
1. A contractual term, concerning the access to and use of data or the liability and remedies for the breach or the termination of data related obligations which has been unilaterally imposed by an enterprise on a micro, small or medium-sized enterprise as defined in Article 2 of the Annex to Recommendation 2003/361/EC or which has been unilaterally imposed by an enterprise which is the source of the data they hold shall not be binding on the latter enterprise, the data recipient or user, respectively, if it is unfair.
2022/11/17
Committee: LIBE
Amendment 372 #
Proposal for a regulation
Article 9 – paragraph 2
2. Where the data recipient is a micro, small or medium enterprise, as defined in Article 2 of the Annex to Recommendation 2003/361/EC, anyAny reasonable compensation agreed shall not exceed the costs directly related to making the data available to the data recipient and which are attributable to the request. These costs include the costs necessary for data reproduction, dissemination via electronic means and storage, but not of data collection or production. Article 8(3) shall apply accordingly.
2022/11/16
Committee: IMCO
Amendment 380 #
Proposal for a regulation
Article 1 – paragraph 3
3. Union law on the protection of personal data, privacy and confidentiality of communications and integrity of terminal equipment shall apply to personal data processed in connection with the rights and obligations laid down in this Regulation. This Regulation shall not affect the applicability of Union law on the protection of personal data, in particular Regulation (EU) 2016/679 and Directive 2002/58/EC, including the powers and competences of supervisory authorities. Insofar as the rights laid down in Chapter II of this Regulation are concerned, and where users are the data subjects of personal data subject to the rights and obligations under that Chapter, the provisions of this Regulation shall complement the right of data portability under Article 20 of Regulation (EU) 2016/679. In the event of a conflict between this Regulation and Union law on the protection of personal data or national law adopted in accordance with such Union law, the relevant Union or national law on the protection of personal data shall prevail.
2022/11/14
Committee: ITRE
Amendment 381 #
Proposal for a regulation
Article 15 – paragraph 1 – point c – point 2
(2) obtaining the data in line with the procedure laid down in this Chapter would substantively reduce the administrative burden for data holders or other enterprises.; or
2022/11/17
Committee: LIBE
Amendment 382 #
Proposal for a regulation
Article 15 – paragraph 1 – point c – point 2 a (new)
(2 a) obtaining data is necessary for official statistics purposes;
2022/11/17
Committee: LIBE
Amendment 386 #
Proposal for a regulation
Article 11 – paragraph 1
1. The data holder may apply appropriate technical protection measures, including smart contracts, to prevent unauthorised access to the data and to ensure compliance with Articles 5, 6, 9 and 10, as well as with the agreed contractual terms for making data available. Such technical protection measures shall not be used as a means to discriminate or hinder the user’s right to effectively provide data to third parties pursuant to Article 5 or any right of a third party under Union law or national legislation implementing Union law as referred to in Article 8(1).
2022/11/16
Committee: IMCO
Amendment 386 #
Proposal for a regulation
Article 16 – paragraph 1
1. This Chapter shall not affect obligations laid down in Union or national law for the purposes of reporting, complying with information requests or demonstrating or verifying compliance with legal obligations including official statistics purposes.
2022/11/17
Committee: LIBE
Amendment 393 #
Proposal for a regulation
Article 13 – paragraph 1
1. A contractual term, concerning the access to and use of data or the liability and remedies for the breach or the termination of data related obligations which has been unilaterally imposed by an enterprise on a micro, small or medium-sized enterprise as defined in Article 2 of the Annex to Recommendation 2003/361/EC or which has been unilaterally imposed by an enterprise which is the source of the data they hold shall not be binding on the latter enterprise, the data recipient or user, respectively, if it is unfair.
2022/11/16
Committee: IMCO
Amendment 404 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 a (new)
(1 a) ‘data generated by the use of a product or a related service’ means any data recorded intentionally by the user or as a by-product of the user’s action, as well as data generated or recorded without any action by the user among others in standby mode or while the product is switched off. This includes sensor-generated data, data captured by embedded applications and diagnostics data.
2022/11/14
Committee: ITRE
Amendment 407 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 b (new)
(1 b) ‘diagnostic data’ means data that is the product of diagnostics functions or algorithms which provide information on the correct functioning and performance of the product and potential malfunctions;
2022/11/14
Committee: ITRE
Amendment 409 #
Proposal for a regulation
Article 18 – paragraph 5
5. Where compliance with the request to make data available to a public sector body or a Union institution, agency or body requires the disclosure of personal data, the data holder shall take reasonable efforts to pseudonymise the data, insofar as the request can be fulfilled with pseudonymised data.
2022/11/17
Committee: LIBE
Amendment 419 #
Proposal for a regulation
Article 19 – paragraph 1 – point c
(c) destroy the data as soon as they are no longer necessary for the stated purpose and inform the data holder that the data have been destroyed. Official statistics authorities are exempted from the latter obligation.
2022/11/17
Committee: LIBE
Amendment 425 #
Proposal for a regulation
Article 15 – paragraph 1 – point c – point 2
(2) obtaining the data in line with the procedure laid down in this Chapter would substantively reduce the administrative burden for data holders or other enterprises.; or
2022/11/16
Committee: IMCO
Amendment 426 #
Proposal for a regulation
Article 15 – paragraph 1 – point c – point 2 a (new)
(2a) obtaining data is necessary for official statistics purposes;
2022/11/16
Committee: IMCO
Amendment 428 #
Proposal for a regulation
Article 16 – paragraph 1
1. This Chapter shall not affect obligations laid down in Union or national law for the purposes of reporting, complying with information requests or demonstrating or verifying compliance with legal obligations including official statistics purposes..
2022/11/16
Committee: IMCO
Amendment 431 #
Proposal for a regulation
Article 21 – paragraph 4
4. Where a public sector body or a Union institution, agency or body transmits or makes data available under paragraph 1, it shall notify the data holder from whom the data was received. The notification should include the identity and the contact details of individuals or organisations receiving the data pursuant to paragraph 1, the purposes of data processing and the period for which the data will be stored.
2022/11/17
Committee: LIBE
Amendment 432 #
Proposal for a regulation
Article 21 – paragraph 4 a (new)
4 a. After receiving a notification based on art. 21 par. 4, the data holder has the right to object to transmitting or making available data that was received from him or her within 10 days.
2022/11/17
Committee: LIBE
Amendment 435 #
Proposal for a regulation
Article 23 – paragraph 1 – introductory part
1. Providers of a data processing service shall take the measures provided for in Articles 24, 25 and 26 to ensure, in terms of factors on their service side, that customers of their service can switch to another data processing service, covering the same service type, which is provided by a different service provider. In particular, providers of data processing service shall remove commercial, technical, contractual and organisational obstacles, which inhibit customers from:
2022/11/17
Committee: LIBE
Amendment 436 #
Proposal for a regulation
Article 23 – paragraph 1 – point a
(a) terminating, after a maximum notice period of 30 calendar days, the contractual agreement of the service, without prejudice to any financial commitments made by the customer regarding the service;
2022/11/17
Committee: LIBE
Amendment 437 #
Proposal for a regulation
Article 2 – paragraph 1 – point 6
(6) ‘data holder’ means a legal or natural person who has the right or obligation, in accordance with this Regulation, applicable Union law or national legislation implementing Union law, or in the case of non-personalto make available certain data or can enable access to the data and through control of the technical design of the product and related services, the ability, to make available certainr means of access, in the case of non-personal data;.
2022/11/14
Committee: ITRE
Amendment 438 #
Proposal for a regulation
Article 24 – paragraph 1 – introductory part
1. The rights of the customer and the obligations of the provider of a data processing service in relation to switching between providers of such services shall be clearly set out in a written contractand made available to the customer in advance of that customer accepting terms and conditions of the service priori to signing up to the service of the provider. Without prejudice to Directive (EU) 2019/770, that contracte information to be provided to the customer and the terms and conditions of the service shall include at least the following:
2022/11/17
Committee: LIBE
Amendment 440 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – introductory part
(a) clauses allowing the customer, upon request, to switch to a data processing service offered by another provider of data processing service or to port all data, applications and digital assets generated directly or indirectly byby the customer or which is uniquely relate to theat customers own usage of the service, to an on-premise system, in particular the establishment of a mandatory maximum transition period of 360 calendar days, during which the data processing service provider shall execute and provide clear information concerning:
2022/11/17
Committee: LIBE
Amendment 441 #
Proposal for a regulation
Article 2 – paragraph 1 – point 6
(6) ‘data holder’ means a legal or natural person who: (i) has the right or obligation, in accordance with this Regulation, applicable Union law or national legislation implementing Union law, orto make available data generated by products or related services, or (ii) in the case of non-personal data and through control of the technical design of the product and related services, has the ability, to make available certain data;
2022/11/14
Committee: ITRE
Amendment 442 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – point -1 (new)
(-1) the estimated, fastest possible in terms of factors on the side of the provider of the data processing service from which the switching is to take place, duration of the process for the customer to transition from the data processing service,including any operational, technical or organisational steps necessary for both the service provider and the customer to undertake, in order to complete the switching process;
2022/11/17
Committee: LIBE
Amendment 443 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – point 1
(1) assist andance with the switching process that the provider can supply including, where technically feasible, completeion of the switching process from the provider’s side;
2022/11/17
Committee: LIBE
Amendment 444 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – point 2
(2) any risks to continuity in the provision of the respective functions or services from the provider’s side during the switching process and commitment to make every effort on provider’s side to ensure full continuity in the provision of the respective functions or services.
2022/11/17
Committee: LIBE
Amendment 445 #
Proposal for a regulation
Article 24 – paragraph 1 – point b
(b) an exhaustive detailed specification of all data and application categories exportable during the switching process, including, at minimum, all data imported by the customer at the inception of the service agreement and all data and metadata created by the customer and by the use of the service during the period the service was provided, including, but not limited to, configuration parameters, security settings, access rights and access logs to the service;
2022/11/17
Committee: LIBE
Amendment 447 #
Proposal for a regulation
Article 2 – paragraph 1 – point 7 a (new)
(7 a) ‘readily available data’ means data generated by the use of a product that the data holder obtains or can obtain without disproportionate effort, going beyond a simple operation;
2022/11/14
Committee: ITRE
Amendment 447 #
Proposal for a regulation
Article 24 – paragraph 2
2. Where the mandatoryprovider of the data processing service becomes aware that the estimated transition period as defined in paragraph 1, points (a) and (c) of this Article is technically unfeasible for the provider, the provider of data processing services shall notify the customer within 714 working days after the switching request has been made, duly motivating the technical unfeasibility with a detailed report justifying and indicating an alternative shortest possible transition period, which may not exceed 6 months. In accordance with paragraph 1 of this Article, full service continuity shall be ensured, where technically feasible, continue throughout the alternative transition period against reduced charges, referred to in Article 25(2) if the delay is due to factors on the side of the provider of a data processing service from which the switching is to take place.
2022/11/17
Committee: LIBE
Amendment 448 #
Proposal for a regulation
Article 25 – paragraph 1
1. From [date X+3yrs] onwards, providers of data processing services shall not impose any charges on the customer for the switching process., unless the process is prolonged due to factors outside of the control of the provider of data processing service. If the switching process prolongs due to factors outside of the control of the provider of data processing service, the provider of data processing service may charge the party responsible;
2022/11/17
Committee: LIBE
Amendment 449 #
Proposal for a regulation
Article 25 – paragraph 1 a (new)
1 a. From [date X]onwards, providers of data processing services shall, before the customer signs up to the service, provide clear information in the terms and conditions of the service, about the costing parameters for mandatory operations that the provider of data processing services must perform in relation to porting and switching.
2022/11/17
Committee: LIBE
Amendment 450 #
Proposal for a regulation
Article 25 – paragraph 3
3. The charges referred to in paragraph 2 shall not exceed the costs incurred by the provider of data processing services that are directly linked to the switching process concerned., unless the process is prolonged due to factors outside of the control of the provider of data processing service. If the switching process prolongs due to factors outside of the control of the provider of data processing service, the provider of data processing service may charge the party responsible;
2022/11/17
Committee: LIBE
Amendment 452 #
Proposal for a regulation
Article 19 – paragraph 1 – point c
(c) destroy the data as soon as they are no longer necessary for the stated purpose and inform the data holder that the data have been destroyed. Official statistics authorities are exempted from the latter obligation.
2022/11/16
Committee: IMCO
Amendment 452 #
Proposal for a regulation
Article 26 – paragraph 1
1. Providers of data processing services that concern scalable and elastic computing resources limited to infrastructural elements such as servers, networks and the virtual resources necessary for operating the infrastructure, but that do not provide access to the operating services, software and applications that are stored, otherwise processed, or deployed on those infrastructural elements, shall ensure that the customer, after switching to aprovide capabilities, adequate information, documentation, technical support and, where appropriate, tools, to perform porting and switching, allowing for functional equivalence in the use of the new service coveringof the same service type offered by a different provider of data processing services, enjoys functional equivalence in the use of the new service.
2022/11/17
Committee: LIBE
Amendment 453 #
Proposal for a regulation
Article 2 – paragraph 1 – point 10
(10) ‘public emergency’ means an exceptional situation negativeto which normal measures for the maintenance of public safety, health and order, are plainly inadequate. such as public health emergencies, emergencies resulting from natural disasters, as well as human- induced major disasters, such as major cybersecurity incidents, negatively and suddenly affecting the population of the Union, a Member State or part of it, with a risk of serious and lasting repercussions on living conditions or economic stability, or the substantial and immediate degradation of economic assets in the Union or the relevant Member State(s) and which is determined and officially declared according to the respective procedures under Union or national law;
2022/11/14
Committee: ITRE
Amendment 453 #
Proposal for a regulation
Article 26 – paragraph 4
4. Where the open interoperability specifications or European standards referred to in paragraph 3 do not exist for the service type concerned, the provider of data processing services shall, at the request of the customer, export all data generated or co-generated and where technically feasible, export all data generated directly by the customer or which is uniquely related to that customers own usage of the service, including the relevant data formats and data structures, in a structured, commonly used and machine- readable format for the relevant service type.
2022/11/17
Committee: LIBE
Amendment 459 #
Proposal for a regulation
Article 29 – paragraph 5 a (new)
5 a. All switching, porting and interoperability standards or specifications, as well as implementation of all measures of this regulation, shall ensure compliance with applicable law, in particular Regulation (EU) 2016/679, Directive 2002/58/EC,legislation on cyber security, consumer protection, product safety, trade secrets or intellectual property rights, as well as with the accessibility requirements.
2022/11/17
Committee: LIBE
Amendment 463 #
Proposal for a regulation
Article 2 – paragraph 1 – point 12
(12) ‘data processing service’ means a digital service other than an online content service as defined in Article 2(5) of Regulation (EU) 2017/1128, provided to a customer, which as its main feature enables on-demand administration and broad remote access to a scalable and elastic pool of shareable computing resources of a centralised, distributed or highly distributed nature;
2022/11/14
Committee: ITRE
Amendment 464 #
Proposal for a regulation
Article 21 – paragraph 4
4. Where a public sector body or a Union institution, agency or body transmits or makes data available under paragraph 1, it shall notify the data holder from whom the data was received. The notification should include the identity and the contact details of individuals or organisations receiving the data pursuant to paragraph 1, the purposes of data processing and the period for which the data will be stored.
2022/11/16
Committee: IMCO
Amendment 466 #
Proposal for a regulation
Article 21 – paragraph 4 a (new)
4a. After receiving a notification based on art. 21 par. 4, the data holder has the right to object to transmitting or making available data that was received from him or her within 10 days.
2022/11/16
Committee: IMCO
Amendment 469 #
Proposal for a regulation
Article 23 – paragraph 1 – introductory part
1. Providers of a data processing service shall take the measures provided for in Articles 24, 25 and 26 to ensure, in terms of factors on their service side, that customers of their service can switch to another data processing service, covering the same service type, which is provided by a different service provider. In particular, providers of data processing service shall remove commercial, technical, contractual and organisational obstacles, which inhibit customers from:
2022/11/16
Committee: IMCO
Amendment 472 #
Proposal for a regulation
Article 31 – paragraph 2 – point b
(b) for specific sectoral data exchange issues related to the implementation of this Regulation, the competence of sectoral authorities shall be respected; it refers particularly to the official statistics authorities and the activity and decisions of the competent authorities designated according to paragraph 1 shall not affect their professional independence.
2022/11/17
Committee: LIBE
Amendment 475 #
Proposal for a regulation
Article 23 – paragraph 1 – point a
(a) terminating, after a maximum notice period of 30 calendar days, the contractual agreement of the service, without prejudice to any financial commitments made by the customer regarding the service;
2022/11/16
Committee: IMCO
Amendment 479 #
Proposal for a regulation
Article 2 – paragraph 1 – point 20 a (new)
(20 a) official statistics means European statistics according to Regulation 223/2009 and statistics considered official according to national legislation.
2022/11/14
Committee: ITRE
Amendment 490 #
Proposal for a regulation
Article 41 – paragraph 1 – point b a (new)
(b a) the exclusion of trade secrets in Article 4 (3) and Article 5 (8);
2022/11/17
Committee: LIBE
Amendment 495 #
Proposal for a regulation
Article 24 – paragraph 1 – introductory part
1. The rights of the customer and the obligations of the provider of a data processing service in relation to switching between providers of such services shall be clearly set out in a written contract. Without prejudice to Directive (EU) 2019/770, that contractand made available to the customer in advance of that customer accepting terms and conditions of the service priori to signing up to the service of the provider. Without prejudice to Directive (EU) 2019/770, the information to be provided to the customer and the terms and conditions of the service shall include at least the following:
2022/11/11
Committee: IMCO
Amendment 498 #
Proposal for a regulation
Article 3 – paragraph 1
1. Products shall be designed and manufactured, and related services shall be provided, in such a manner that data generated by their use are, by default, easily, securely and, where relevant and appropriate, directly accessible to the user, including the user with special needs.
2022/11/14
Committee: ITRE
Amendment 500 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – introductory part
(a) clauses allowing the customer, upon request, to switch to a data processing service offered by another provider of data processing service or to port all data, applications and digital assets generated directly or indirectly byby the customer or which is uniquely relate to theat customers own usage of the service, to an on-premise system, in particular the establishment of a mandatory maximum transition period of 360 calendar days, during which the data processing service provider shall execute and provide clear information concerning:
2022/11/11
Committee: IMCO
Amendment 505 #
Proposal for a regulation
Article 3 – paragraph 1 a (new)
1 a. The data holder may reject the request for data if access to the data is restricted by Union law or national law.
2022/11/14
Committee: ITRE
Amendment 507 #
Proposal for a regulation
Article 3 – paragraph 1 b (new)
1 b. The user may grant or withdraw at any time consent for the data holder to the use of their data or to the third party nominated by the data holder
2022/11/14
Committee: ITRE
Amendment 507 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – point -1 (new)
(-1) the estimated, fastest possible in terms of factors on the side of the provider of the data processing service from which the switching is to take place, duration of the process for the customer to transition from the data processing service,including any operational, technical or organisational steps necessary for both the service provider and the customer to undertake, in order to complete the switching process;
2022/11/11
Committee: IMCO
Amendment 510 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – point 1
(1) assist andance with the switching process that the provider can supply including, where technically feasible, complete the switching process from the provider’s side;
2022/11/11
Committee: IMCO
Amendment 515 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – point 2
(2) any risks to continuity in the provision of the respective functions or services from the provider’s side during the switching process and commitment to make every effort on provider’s side to ensure full continuity in the provision of the respective functions or services.
2022/11/11
Committee: IMCO
Amendment 526 #
Proposal for a regulation
Article 3 – paragraph 2 – point c – point i (new)
i) The data holder shall provide information on the data structures, data formats, vocabularies, classification schemes, taxonomies and code lists, where available, which shall be described in a publicly available and consistent manner.
2022/11/14
Committee: ITRE
Amendment 527 #
Proposal for a regulation
Article 3 – paragraph 2 – point c – point ii (new)
ii) The technical means to access the data, such as Software Development Kits or application programming interfaces, and their terms of use and quality of service shall be sufficiently described to enable the development of such means of access.
2022/11/14
Committee: ITRE
Amendment 531 #
Proposal for a regulation
Article 24 – paragraph 1 – point b
(b) an exhaustive detailed specification of all data and application categories exportable during the switching process, including, at minimum, all data imported by the customer at the inception of the service agreement and all data and metadata created by the customer and by the use of the service during the period the service was provided, including, but not limited to, configuration parameters, security settings, access rights and access logs to the service;
2022/11/11
Committee: IMCO
Amendment 542 #
Proposal for a regulation
Article 24 – paragraph 2
2. Where the mandatoryprovider of the data processing service becomes aware that the estimated transition period as defined in paragraph 1, points (a) and (c) of this Article is technically unfeasible for the provider, the provider of data processing services shall notify the customer within 714 working days after the switching request has been made, duly motivating the technical unfeasibility with a detailed report justifying and indicating an alternative shortest possible transition period, which may not exceed 6 months. In accordance with paragraph 1 of this Article, full service continuity shall be ensured, where technically feasible, continue throughout the alternative transition period against reduced charges, referred to in Article 25(2). if the delay is due to factors on the side of the provider of a data processing service from which the switching is to take place.
2022/11/11
Committee: IMCO
Amendment 549 #
Proposal for a regulation
Article 25 – paragraph 1
1. From [date X+3yrs] onwards, providers of data processing services shall not impose any additional charges on the customer for the switching process. unless the process prolongs due to factors outside of the control of the provider of data processing service. If the switching process prolongs due to factors outside of the control of the provider of data processing service, the provider of data processing service may charge the party responsible;
2022/11/11
Committee: IMCO
Amendment 555 #
Proposal for a regulation
Article 3 – paragraph 2 a (new)
2 a. Where on-device access is technically supported, the manufacturer shall make this means of access also available to third-party service providers in a non-discriminatory manner.
2022/11/14
Committee: ITRE
Amendment 556 #
Proposal for a regulation
Article 25 – paragraph 1 a (new)
1 a. From [date X]onwards, providers of data processing services shall, before the customer signs up to the service, provide clear information in the terms and conditions of the service, about the costing parameters for mandatory operations that the provider of data processing services must perform in relation to porting and switching.
2022/11/11
Committee: IMCO
Amendment 564 #
Proposal for a regulation
Article 4 – paragraph 1
1. Where data cannot be directly accessed by the user from the product, the data holder shall make available to the user the data generated by its use of a product or related service without undue delay, free of charge and, where applicable, continuously and in real-time. This shall be done on the basis of a simple request through electronic means where technically feasible. In case when filing a request via electronic channels is not possible or limited by a disability, the data holder shall enable other forms of request that are appropriate for persons with communication problems.
2022/11/14
Committee: ITRE
Amendment 566 #
Proposal for a regulation
Article 4 – paragraph 1 a (new)
1 a. The data holder may reject the request for data if access to the data is restricted by Union law or national law.
2022/11/14
Committee: ITRE
Amendment 568 #
Proposal for a regulation
Article 25 – paragraph 3
3. The charges referred to in paragraph 2 shall not exceed the costs incurred by the provider of data processing services that are directly linked to the switching process concerned. unless the process prolongs due to factors outside of the control of the provider of data processing service. If the switching process prolongs due to factors outside of the control of the provider of data processing service, the provider of data processing service may charge the party responsible;
2022/11/11
Committee: IMCO
Amendment 575 #
Proposal for a regulation
Article 4 – paragraph 3
3. Trade secrets shall only be disclosed provided that all specific necessary measures are taken in advance to preserve the confidentiality of trade secrets in particular with respect to third parties. The data holder and the user can agree measures to preserve the confidentiality of the shared data, in particular in relation to third parties. The right to request the data referred to in paragraph 1 shall not adversely affect the rights and freedoms of others, including the rights protected under Directive (EU) 2016/943.
2022/11/14
Committee: ITRE
Amendment 578 #
Proposal for a regulation
Article 26 – paragraph 1
1. Providers of data processing services that concern scalable and elastic computing resources limited to infrastructural elements such as servers, networks and the virtual resources necessary for operating the infrastructure, but that do not provide access to the operating services, software and applications that are stored, otherwise processed, or deployed on those infrastructural elements, shall ensure that the customer, after switching to aprovide capabilities, adequate information, documentation, technical support and, where appropriate, tools, to perform porting and switching allowing for functional equivalence in the use of the new service coveringof the same service type offered by a different provider of data processing services, enjoys functional equivalence in the use of the new service.
2022/11/11
Committee: IMCO
Amendment 588 #
Proposal for a regulation
Article 4 – paragraph 4
4. The user shall not use the data obtained pursuant to a request referred to in paragraph 1 to develop a product that competes with the product, or any part of it, from which the data originate and shall not use such data to derive insights about the economic situation, assets and production methods that could undermine the security of the product in a manner which is detrimental to the legitimate interests of the data holder.
2022/11/14
Committee: ITRE
Amendment 590 #
Proposal for a regulation
Article 26 – paragraph 4
4. Where the open interoperability specifications or European standards referred to in paragraph 3 do not exist for the service type concerned, the provider of data processing services shall, at the request of the customer, export all data generated or co-generatedand where technically feasible, export all data generated directly by the customer or which is uniquely relate to that customers own usage of the service, including the relevant data formats and data structures, in a structured, commonly used and machine- readable format. for the relevant service type.
2022/11/11
Committee: IMCO
Amendment 604 #
Proposal for a regulation
Article 5 – paragraph 1
1. Upon request by a user, or by a party acting on behalf of a user, the data holder shall make available the data generated by the use of a product or related service to a third party, without undue delayhat are readily available to the data holder to a third party, without undue delay, easily, securely in machine- readable format, free of charge to the user, of the same quality as is available to the data holder and, where applicable, continuously and in real-time. subject to compliance with applicable laws to the outsourcing of data driven services. Data shall be provided in the form in which they have been generated by the product, with only the minimal adaptations necessary to make them useable by a third party, including related metadata necessary to interpret and use the data.
2022/11/14
Committee: ITRE
Amendment 615 #
Proposal for a regulation
Article 5 – paragraph 1 a (new)
1 a. The data holder may reject the request for data if access to the data is restricted by Union law or national law.
2022/11/14
Committee: ITRE
Amendment 624 #
Proposal for a regulation
Article 5 – paragraph 3
3. The user or third party shall not be required to provide any information beyond what is necessary to verify the quality as user or as third party pursuant to paragraph 1. The data holder shall not keep any information on the third party’s access to the data requested beyond what is necessary for the sound execution of the third party’s access request and for the security and the maintenance of the data infrastructure. When giving access to trade secrets, the identity of the data recipient and the scope of data must be disclosed to the data holder for an evaluation of trade secret related risk.
2022/11/14
Committee: ITRE
Amendment 641 #
Proposal for a regulation
Article 5 – paragraph 8
8. Trade secrets shall only be disclosed to third parties to the extent that they are strictly necessary to fulfil the purpose agreed between the user and the third party and all specific necessary measures agreed between the data holder and the third party are taken by the third party to preserve the confidentiality of the trade secret. In such a case, the nature of the data as trade secrets and the measures for preserving the confidentiality shall be specified in the agreement between the data holder and the third party. The data holder shall therefore be entitled to implement technical or organizational measures, such as strict access protocols, to preserve the confidentiality of the shared data. The trade secret holder should have the possibility to refuse this sharing, when these guarantees are not ensured or respected ex-ante.
2022/11/14
Committee: ITRE
Amendment 643 #
Proposal for a regulation
Article 5 – paragraph 8
8. Trade secrets shall only be disclosed to third parties to the extent that they are strictly necessary to fulfil the purpose agreed between the user and the third party and all specific necessary measures agreed between the data holder and the third party are taken by the third party to preserve the confidentiality of the trade secret. In such a case, the nature of the data as trade secrets and the measures for preserving the confidentiality shall be specified in the agreement between the data holder and the third party. The right to request the data referred to in paragraph 1 shall not adversely affect the rights and freedoms of others, including the rights protected under Directive (EU) 2016/943.
2022/11/14
Committee: ITRE
Amendment 648 #
Proposal for a regulation
Article 29 – paragraph 5 a (new)
5 a. All switching, porting and interoperability standards or specifications, as well as implementation of all measures of this regulation, shall ensure compliance with applicable law, in particular Regulation (EU) 2016/679, Directive 2002/58/EC,legislation on cyber security, consumer protection, product safety, trade secrets or intellectual property rights, as well as with the accessibility requirements.
2022/11/11
Committee: IMCO
Amendment 651 #
Proposal for a regulation
Article 31 – paragraph 2 – point b
(b) for specific sectoral data exchange issues related to the implementation of this Regulation, the competence of sectoral authorities shall be respected;. It refers particularly to the official statistics authorities and the activity and decisions of the competent authorities designated according to paragraph 1shall not affect their professional independence.
2022/11/11
Committee: IMCO
Amendment 654 #
Proposal for a regulation
Article 6 – paragraph 2 – point b
(b) use the data it receives for the profiling of natural persons within the meaning of Article 4(4) of Regulation (EU) 2016/679, unless it is necessary to provide the service requested by the user or the user agreed to it;
2022/11/14
Committee: ITRE
Amendment 669 #
Proposal for a regulation
Article 6 – paragraph 2 – point f a (new)
(f a) use the data it receives to undermine the commercial and industrial position of the data holder on the primary market of the product;
2022/11/14
Committee: ITRE
Amendment 670 #
Proposal for a regulation
Article 6 – paragraph 2 – point f b (new)
(f b) use the data it receives in a manner that adversely impacts the security of the product or related service(s)
2022/11/14
Committee: ITRE
Amendment 674 #
Proposal for a regulation
Article 6 – paragraph 2 a (new)
2 a. The third party shall bear the responsibility to ensure the security and protection of the data it receives from the data holder.
2022/11/14
Committee: ITRE
Amendment 692 #
Proposal for a regulation
Article 8 – paragraph 6
6. Unless otherwise provided by Union law, including Article 6 of this Regulation, or by national legislation implementing Union law, an obligation to make data available to a data recipient shall not oblige the disclosureWhile the obligation to make data available as provided by Union law, including Articles 4(3), 5(8), Article 6 and Article 19(2) of this Regulation, or by national legislation implementing Union law, shall be effective, this Regulation shall not question the protection of trade secrets as such and that the access is only granted under measures that warrant for the protection of trade secrets within the meaning of Directive (EU) 2016/943.
2022/11/14
Committee: ITRE
Amendment 706 #
Proposal for a regulation
Article 9 – paragraph 2
2. Where the data recipient is a micro, small or medium enterprise, as defined in Article 2 of the Annex to Recommendation 2003/361/EC, anyAny reasonable compensation agreed shall not exceed the costs directly related to making the data available to the data recipient and which are attributable to the request. These costs include the costs necessary for data reproduction, dissemination via electronic means and storage, but not of data collection or production. Article 8(3) shall apply accordingly.
2022/11/14
Committee: ITRE
Amendment 708 #
Proposal for a regulation
Article 9 – paragraph 2
2. Where the data recipient is a micro, small or medium enterprise, as defined in Article 2 of the Annex to Recommendation 2003/361/EC, and the data holder is not, any compensation agreed shall not exceed the costs directly related to making the data available to the data recipient and which are attributable to the request. Article 8(3) shall apply accordingly.
2022/11/14
Committee: ITRE
Amendment 720 #
Proposal for a regulation
Article 11 – paragraph 1
1. The data holder may apply appropriate technical protection measures, including smart contracts, to prevent unauthorised access to the data and to ensure compliance with Articles 5, 6, 9 and 10, as well as with the agreed contractual terms for making data available. Such technical protection measures shall not be used as a means to hinder the user’s right to effectively provide data to third parties pursuant to Article 5 or any right of a third party under Union law or national legislation implementing Union law as referred to in Article 8(1). The third party shall upon the request of the user or the data holder provide with information on how the data has been used when there is a reasonable doubt for unlawful use or onward sharing of the received data.
2022/11/14
Committee: ITRE
Amendment 725 #
Proposal for a regulation
Article 11 – paragraph 1
1. The data holder may apply appropriate technical protection measures, including smart contracts, to prevent unauthorised access to the data and to ensure compliance with Articles 5, 6, 9 and 10, as well as with the agreed contractual terms for making data available. Such technical protection measures shall not be used as a means to discriminate or hinder the user’s right to effectively provide data to third parties pursuant to Article 5 or any right of a third party under Union law or national legislation implementing Union law as referred to in Article 8(1).
2022/11/14
Committee: ITRE
Amendment 727 #
Proposal for a regulation
Article 11 – paragraph 2 – introductory part
2. AWhere a data recipient that has, for the purposes of obtaining data, provided inaccurate, incomplete or false information to the data holder, deployed deceptive or coercive means or abused evident gaps in the technical infrastructure of the data holder designed to protect the data, has used the data made available for unauthorised purposes or has disclosed those data to another party without the data holder’s authorisation, shall without undue delay, unless the data holder or the user instruct otherwise, including the development of a competing product within the meaning of Article 6(2)(e) or has disclosed those data to another party without the data holder’s authorisation, the data recipient shall be liable for the damages to the party suffering from the misuse or disclosure of such data and shall comply without undue delay with the requests of the data holder to:
2022/11/14
Committee: ITRE
Amendment 733 #
Proposal for a regulation
Article 12 – paragraph 1 a (new)
1 a. The obligations set out in this Regulation do not preclude a reciprocity of data sharing between a data recipient, user and data holder agreed in contracts.
2022/11/14
Committee: ITRE
Amendment 739 #
Proposal for a regulation
Article 13 – paragraph 1
1. A contractual term, concerning the access to and use of data or the liability and remedies for the breach or the termination of data related obligations which has been unilaterally imposed by an enterprise on a micro, small or medium-sized enterprise as defined in Article 2 of the Annex to Recommendation 2003/361/EC or which has been unilaterally imposed by an enterprise which is the source of the data they hold shall not be binding on the latter enterprise, the data recipient or user, respectively, if it is unfair.
2022/11/14
Committee: ITRE
Amendment 752 #
Proposal for a regulation
Article 13 – paragraph 8 a (new)
8 a. Given the rapidity in which innovations occur on the markets, the list of unfair contractual terms within article 13 shall be reviewed regularly by the European Commission and be adapted to new business practices if necessary
2022/11/14
Committee: ITRE
Amendment 794 #
Proposal for a regulation
Article 15 – paragraph 1 – point c – point 2
(2) obtaining the data in line with the procedure laid down in this Chapter would substantively reduce the administrative burden for data holders or other enterprises.; or
2022/11/14
Committee: ITRE
Amendment 795 #
Proposal for a regulation
Article 15 – paragraph 1 – point c – point 2 a (new)
(2 a) obtaining data is necessary for official statistics purposes;
2022/11/14
Committee: ITRE
Amendment 801 #
Proposal for a regulation
Article 16 – paragraph 1
1. This Chapter shall not affect obligations laid down in Union or national law for the purposes of reporting, complying with information requests or demonstrating or verifying compliance with legal obligations including official statistics purposes.
2022/11/14
Committee: ITRE
Amendment 825 #
Proposal for a regulation
Article 17 – paragraph 1 – point e a (new)
(e a) ensure that making the data available would not put the data holder in a situation to violate a national under Union law or national law. Or, assume liability for violations or damages resulting from the access it has requested while making the data available was prohibited under Union law or national law;
2022/11/14
Committee: ITRE
Amendment 832 #
Proposal for a regulation
Article 17 – paragraph 1 – point e b (new)
(e b) commits that confidentiality of trade secrets disclosure will be ensured.
2022/11/14
Committee: ITRE
Amendment 841 #
Proposal for a regulation
Article 17 – paragraph 2 – point c
(c) respect the legitimate aims of the data holder, taking into account the protection of trade secrets and the, privacy, commercial sensitive information, intellectual property and the duration, cost and effort required to make the data available;
2022/11/14
Committee: ITRE
Amendment 847 #
Proposal for a regulation
Article 17 – paragraph 2 – point d
(d) concern, insofar as possible, non- personal data;
2022/11/14
Committee: ITRE
Amendment 876 #
Proposal for a regulation
Article 18 – paragraph 2 – introductory part
2. Without prejudice to specific needs regarding the availability of data defined in sectoral legislation, the data holder may decline or seek the modification of the request within 15 working days following the receipt of a request for the data necessary to respond to a public emergency and within 145 working days in other cases of exceptional need, on either of the following grounds:
2022/11/14
Committee: ITRE
Amendment 878 #
Proposal for a regulation
Article 18 – paragraph 2 – point a
(a) the data is unavailable; or the data holder does not have control over the data
2022/11/14
Committee: ITRE
Amendment 879 #
Proposal for a regulation
Article 18 – paragraph 2 – point a a (new)
(a a) provided security measures concerning transfer, storing and maintaining data confidentiality are insufficient.
2022/11/14
Committee: ITRE
Amendment 884 #
Proposal for a regulation
Article 18 – paragraph 5
5. Where compliance with the request to make data available to a public sector body or a Union institution, agency or body requires the disclosure of personal data, the data holder shall take reasonable efforts to pseudonymise the data, insofar as the request can be fulfilled with pseudonymised data.
2022/11/14
Committee: ITRE
Amendment 894 #
Proposal for a regulation
Article 19 – paragraph 1 – point a
(a) not use the data in a manner incompatible with the purpose for which they were requested, nor use the date to develop products or related services that compete against the data holder;
2022/11/14
Committee: ITRE
Amendment 896 #
Proposal for a regulation
Article 19 – paragraph 1 – point b
(b) implement, insofar as the processing of personal data is necessary, technical and organisational measures that safeguard the rights and freedoms of data subjects;deleted
2022/11/14
Committee: ITRE
Amendment 901 #
Proposal for a regulation
Article 19 – paragraph 1 – point b a (new)
(b a) have in place the appropriate and proportionate technical and organisational measures to manage cyber risk to that data;
2022/11/14
Committee: ITRE
Amendment 905 #
Proposal for a regulation
Article 19 – paragraph 1 – point c
(c) destroy the data as soon as they are no longer necessary for the stated purpose and inform the data holder that the data have been destroyed. Official statistics authorities are exempted from the latter obligation.
2022/11/14
Committee: ITRE
Amendment 909 #
Proposal for a regulation
Article 19 – paragraph 2
2. Disclosure of data constitutive of trade secrets or alleged trade secrets to a public sector body or to a Union institution, agency or body shall only be required to the extent that it is strictly necessary to achieve the purpose of the request. In such a case, provided that all specific necessary measures required by the trade secret holder are taken to preserve the confidentiality of trade secrets, in particular with respect to the third parties. The trade secret holder, the data holder and the public sector body, or the Union institution, agency or body shall take appropriatecan contractually agree on measures to preserve the confidentiality of those trade secretse shared data, in particular in relation to third parties. The trade secret holder should have the possibility to refuse this sharing, when these guarantees are not ensured or respected ex-ante.
2022/11/14
Committee: ITRE
Amendment 945 #
Proposal for a regulation
Article 21 – paragraph 4
4. Where a public sector body or a Union institution, agency or body transmits or makes data available under paragraph 1, it shall notify the data holder from whom the data was received. The notification should include the identity and the contact details of individuals or organisations receiving the data pursuant to paragraph 1, the purposes of data processing and the period for which the data will be stored.
2022/11/14
Committee: ITRE
Amendment 946 #
Proposal for a regulation
Article 21 – paragraph 4 a (new)
4 a. After receiving a notification based on Article 21(4), the data holder has the right to object to transmitting or making available data that was received from him or her within 10 days.
2022/11/14
Committee: ITRE
Amendment 953 #
Proposal for a regulation
Article 23 – paragraph 1 – introductory part
1. Providers of a data processing service shall take the measures provided for in Articles 24, 25 and 26 to ensure, in terms of factors on their service side, that customers of their service can switch to another data processing service, covering the same service type, which is provided by a different service provider. In particular, providers of data processing service shall remove commercial, technical, contractual and organisational obstacles, which inhibit customers from:
2022/11/14
Committee: ITRE
Amendment 958 #
Proposal for a regulation
Article 23 – paragraph 1 – point a
(a) terminating, after a maximum notice period of 30 calendar days, the contractual agreement of the service, without prejudice to any financial commitments made by the customer regarding the service;
2022/11/14
Committee: ITRE
Amendment 962 #
Proposal for a regulation
Article 24 – paragraph 1 – introductory part
1. The rights of the customer and the obligations of the provider of a data processing service in relation to switching between providers of such services shall be clearly set out in a written contractand made available to the customer in advance of that customer accepting terms and conditions of the service priori to signing up to the service of the provider. Without prejudice to Directive (EU) 2019/770, that contracte information to be provided to the customer and the terms and conditions of the service shall include at least the following:
2022/11/14
Committee: ITRE
Amendment 963 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – introductory part
(a) clauses allowing the customer, upon request, to switch to a data processing service offered by another provider of data processing service or to port all data, applications and digital assets generated directly or indirectly byby the customer or which is uniquely relate to theat customers own usage of the service, to an on-premise system, in particular the establishment of a mandatory maximum transition period of 360 calendar days, during which the data processing service provider shall execute and provide clear information concerning:
2022/11/14
Committee: ITRE
Amendment 966 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – point -1 (new)
(-1) the estimated, fastest possible in terms of factors on the side of the provider of the data processing service from which the switching is to take place, duration of the process for the customer to transition from the data processing service, including any operational, technical or organisational steps necessary for both the service provider and the customer to undertake, in order to complete the switching process;
2022/11/14
Committee: ITRE
Amendment 968 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – point 1
(1) assist andance with the switching process that the provider can supply including, where technically feasible, completeion of the switching process from the provider’s side;
2022/11/14
Committee: ITRE
Amendment 970 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – point 2
(2) any risks to continuity in the provision of the respective functions or services from the provider’s side during the switching process and commitment to make every effort on provider’s side to ensure full continuity in the provision of the respective functions or services.
2022/11/14
Committee: ITRE
Amendment 975 #
Proposal for a regulation
Article 24 – paragraph 1 – point b
(b) an exhaustive detailed specification of all data and application categories exportable during the switching process, including, at minimum, all data imported by the customer at the inception of the service agreement and all data and metadata created by the customer and by the use of the service during the period the service was provided, including, but not limited to, configuration parameters, security settings, access rights and access logs to the service;
2022/11/14
Committee: ITRE
Amendment 981 #
Proposal for a regulation
Article 24 – paragraph 2
2. Where the mandatoryprovider of the data processing service becomes aware that the estimated transition period as defined in paragraph 1, points (a) and (c) of this Article is technically unfeasible for the provider, the provider of data processing services shall notify the customer within 714 working days after the switching request has been made, duly motivating the technical unfeasibility with a detailed report justifying and indicating an alternative shortest possible transition period, which may not exceed 6 months. In accordance with paragraph 1 of this Article, full service continuity shall be ensured, where technically feasible, continue throughout the alternative transition period against reduced charges, referred to in Article 25(2) if the delay is due to factors on the side of the provider of a data processing service from which the switching is to take place.
2022/11/14
Committee: ITRE
Amendment 982 #
Proposal for a regulation
Article 25 – paragraph 1
1. From [date X+3yrs] onwards, providers of data processing services shall not impose any additional charges on the customer for the switching process., unless the process prolongs due to factors outside of the control of the provider of data processing service. If the switching process prolongs due to factors outside of the control of the provider of data processing service, the provider of data processing service may charge the party responsible;
2022/11/14
Committee: ITRE
Amendment 984 #
Proposal for a regulation
Article 25 – paragraph 1 a (new)
1 a. From [date X] onwards, providers of data processing services shall, before the customer signs up to the service, provide clear information in the terms and conditions of the service, about the costing parameters for mandatory operations that the provider of data processing services must perform in relation to porting and switching.
2022/11/14
Committee: ITRE
Amendment 988 #
Proposal for a regulation
Article 25 – paragraph 3
3. The charges referred to in paragraph 2 shall not exceed the costs incurred by the provider of data processing services that are directly linked to the switching process concerned. unless the process prolongs due to factors outside of the control of the provider of data processing service. If the switching process prolongs due to factors outside of the control of the provider of data processing service, the provider of data processing service may charge the party responsible;
2022/11/14
Committee: ITRE
Amendment 992 #
Proposal for a regulation
Article 26 – paragraph 1
1. Providers of data processing services that concern scalable and elastic computing resources limited to infrastructural elements such as servers, networks and the virtual resources necessary for operating the infrastructure, but that do not provide access to the operating services, software and applications that are stored, otherwise processed, or deployed on those infrastructural elements, shall ensure that the customer, after switching to aprovide capabilities, adequate information, documentation, technical support and, where appropriate, tools, to perform porting and switching, allowing for functional equivalence in the use of the new service coveringof the same service type offered by a different provider of data processing services, enjoys functional equivalence in the use of the new service.
2022/11/14
Committee: ITRE
Amendment 998 #
Proposal for a regulation
Article 26 – paragraph 4
4. Where the open interoperability specifications or European standards referred to in paragraph 3 do not exist for the service type concerned, the provider of data processing services shall, at the request of the customer, export all data generated or co-generated and where technically feasible, export all data generated directly by the customer or which is uniquely relate to that customers own usage of the service, including the relevant data formats and data structures, in a structured, commonly used and machine- readable format for the relevant service type.
2022/11/14
Committee: ITRE
Amendment 1039 #
Proposal for a regulation
Article 28 – paragraph 4
4. The Commission may, in accordance with Article 10 of Regulation (EU) No 1025/2012, request one or more European standardisation organisations to draft harmonised standards that satisfy the essential requirements under paragraph 1 of this Article. To address the fragmentation of the internal market and the data economy in the internal market, as requested by the regulation (EU) 2022/868, the European Data Innovation Board should also assist the Commission enhancing cross-border, cross- sector interoperability of data as well as data sharing services between different sectors and domains.
2022/11/14
Committee: ITRE
Amendment 1066 #
Proposal for a regulation
Article 29 – paragraph 5 a (new)
5 a. All switching, porting and interoperability standards or specifications, as well as implementation of all measures of this regulation, shall ensure compliance with applicable law, in particular Regulation (EU) 2016/679, Directive 2002/58/EC, legislation on cyber security, consumer protection, product safety, trade secrets or intellectual property rights, as well as with the accessibility requirements.
2022/11/14
Committee: ITRE
Amendment 1099 #
Proposal for a regulation
Article 31 – paragraph 2 – point b
(b) for specific sectoral data exchange issues related to the implementation of this Regulation, the competence of sectoral authorities shall be respected; It refers particularly to the official statistics authorities and the activity and decisions of the competent authorities designated according to paragraph 1 shall not affect their professional independence.
2022/11/14
Committee: ITRE
Amendment 1151 #
Proposal for a regulation
Article 41 – paragraph 1 – point b a (new)
(b a) the exclusion of trade secrets in Article 4(3) and Article 5(8);
2022/11/14
Committee: ITRE