The legal anatomy of a data space
Addressing the legal challenges arising in connection with the sharing and reuse of data is fraught with various challenges.
First and foremost is the patchwork of laws which give partial entitlements on data. In this fragmented regulatory landscape data do not have a clear overall legal status. Second, there is an intense legislative agenda laid out by the European Commission aiming to foster data sharing and the deployment of data spaces. Third, the legal challenges have a dynamic and complex nature depending on the purpose, data types, tools of processing and so on. Fourth, there is the problem of overgeneralisation of concepts and the resulting terminological inconsistency encountered in the policy documents, research output and even the legislative texts. We often witness the interchangeable use of the terms such as data/information, data use/reuse/sharing, data transaction/contract to cover a variety of concepts which are significantly different in their legal nature. Fifth, the difficulties in translating legal rules into design choices or technical specifications stand as an impediment for the deployment of efficient technologies for data sharing and reuse.
As seen, on the legal front, challenges are multifarious. The process of operationalisation of data spaces requires a robust methodology both to navigate through the existing regulatory patchwork (scattered in various legal instruments) and also to properly address and implement the intense legislative agenda. Providing guidance for concrete problems in a future-proof manner requires an assessment and combination of various regulatory tools, contractual models, design principles, and organisational structures.
To this end, data governance and further operationalisation of data spaces could be systemised in a four-pillar framework serving as a theoretical and conceptual scaffold for a comprehensive and overarching legal analysis.
The four-pillar framework which draws up the “legal anatomy” of a data space consists of:
- The substantive rights and obligations pertinent to data contracts/transactions;
- the contractual dimension;
- the organizational aspects; and
- the technical implementation.
Such conceptualisation may be seen as a primer to weave the threads among various legal dimensions—paving the way for a comprehensive mapping of the ever-expanding regulatory corpus of the EU. The envisaged methodology supplies the necessary methodological and conceptual arsenal which enables:
- a holistic interpretation of the regulatory corpus (EU acquis) to foster data sharing and reuse;
- the flexibility and adaptivity necessary to properly implement the upcoming legislation on data sharing and reuse both in B2B (and B2G contexts (Data Act, 2021 Q4);
- building up the interface between law, and technical and organisational infrastructure;
- conceptual and terminological consistency to interlink various rules, policies, guidelines, contractual terms, best practices and etc. in a data governance setting;
- a mapping of the legal frameworks in relation to data types, data uses, processing purposes and business models;
- the development of contractual modularites together with an analytical and thematic catalogue of contractual terms and templates.