BETA

32 Amendments of Henna VIRKKUNEN related to 2022/0047(COD)

Amendment 113 #
Proposal for a regulation
Recital 6
(6) Data generation is the result of the actions of at least two actors, the designer or manufacturer of a product and the user of that product. It gives rise to questions of fairness in the digital economy, because the data recorded by such products or related services are an important input for aftermarket, ancillary and other services. In order to realise the important economic benefits of data as a non-rival good for the economy and society, a general approach to assigning access and usage rights on data is preferable to awarding exclusive rights of access and use. However, it is also important that data sharing based on voluntary contracts will continue to develop to facilitate development of data- driven value growth in European companies.
2022/11/14
Committee: ITRE
Amendment 115 #
Proposal for a regulation
Recital 6 a (new)
(6 a) New statutory obligations on the sharing of data need to be carefully lineated with the Union’s competition framework and maintain companies’ ability to protect their competitive assets and encourage companies to innovate new digital services.
2022/11/14
Committee: ITRE
Amendment 152 #
Proposal for a regulation
Recital 17 a (new)
(17 a) It is important that the regulation will not hold back the development of edge computing and other efficient technologies needed for e.g. improving energy efficiency. Data generated by the use of a product should be limited in business-to-business relations and products strictly to data that is generated by the interactions of the user and the product, accompanied by relevant metadata. Any derivative data, know-how or analysis should not be regarded as data generated by the use of a product. This is also needed for companies to maintain their competitive assets. This regulation should not in any way limit data holders’ ability to share data falling outside of the scope of this regulation under contractual arrangements.
2022/11/14
Committee: ITRE
Amendment 217 #
Proposal for a regulation
Recital 31
(31) Data generated by the use of a product or related service should only be made available to a third party at the request of the user, unless Union or Member State law requires disclosure in the name of public access to official documents. This Regulation accordingly complements the right provided under Article 20 of Regulation (EU) 2016/679. That Article provides for a right of data subjects to receive personal data concerning them in a structured, commonly used and machine-readable format, and to port those data to other controllers, where those data are processed on the basis of Article 6(1), point (a), or Article 9(2), point (a), or of a contract pursuant to Article 6(1), point (b). Data subjects also have the right to have the personal data transmitted directly from one controller to another, but only where technically feasible. Article 20 specifies that it pertains to data provided by the data subject but does not specify whether this necessitates active behaviour on the side of the data subject or whether it also applies to situations where a product or related service by its design observes the behaviour of a data subject or other information in relation to a data subject in a passive manner. The right under this Regulation complements the right to receive and port personal data under Article 20 of Regulation (EU) 2016/679 in several ways. It grants users the right to access and make available to a third party to any data generated by the use of a product or related service, irrespective of its nature as personal data, of the distinction between actively provided or passively observed data, and irrespective of the legal basis of processing. Unlike the technical obligations provided for in Article 20 of Regulation (EU) 2016/679, this Regulation mandates and ensures the technical feasibility of third party access for all types of data coming within its scope, whether personal or non-personal. It also allows the data holder to set reasonable compensation to be met by third parties, but not by the user, for any cost incurred in providing direct access to the data generated by the user’s product. If a data holder and third party are unable to agree terms for such direct access, the data subject should be in no way prevented from exercising the rights contained in Regulation (EU) 2016/679, including the right to data portability, by seeking remedies in accordance with that Regulation. It is to be understood in this context that, in accordance with Regulation (EU) 2016/679, a contractual agreement does not allow for the processing of special categories of personal data by the data holder or the third party.
2022/11/14
Committee: ITRE
Amendment 228 #
Proposal for a regulation
Recital 36
(36) Start-ups, small and medium-sized enterprises and companies from traditional sectors with less-developed digital capabilities struggle to obtain access to relevant data. This Regulation aims to facilitate access to data for these entities, while ensuring that the corresponding obligations are scoped as proportionately as possible to avoid overreach. At the same time, a small number of very large companies have emerged with considerable economic power in the digital economy through the accumulation and aggregation of vast volumes of data and the technological infrastructure for monetising them. These companies include undertakings that provide core platform services controlling whole platform ecosystems in the digital economy and whom existing or new market operators are unable to challenge or contest. The [Regulation on contestable and fair markets in the digital sector (Digital Markets Act)] aims to redress these inefficiencies and imbalances by allowing the Commission to designate a provider as a “gatekeeper”, and imposes a number of obligations on such designated gatekeepers, including a prohibition to combine certain data without consent, and an obligation to ensure effective rights to data portability under Article 20 of Regulation (EU) 2016/679. Consistent with the [Regulation on contestable and fair markets in the digital sector (Digital Markets Act)], and given the unrivalled ability of these companies to acquire data, it would not be necessary to achieve the objective of this Regulation, and would thus be disproportionate in relation to data holders made subject to such obligations, to include such gatekeeper undertakings as beneficiaries of the data access right. This means that an undertaking providing core platform services that has been designated as a gatekeeper cannot request or be granted access to users’ data generated by the use of a product or related service or by a virtual assistant based on the provisions of Chapter II of this Regulation. An undertaking providing core platform services designated as a gatekeeper pursuant to Digital Markets Act should be understood to include all legal entities of a group of companies where one legal entity provides a core platform service. Furthermore, third parties to whom data are made available at the request of the user may not make the data available to a designated gatekeeper. For instance, the third party may not sub-contract the service provision to a gatekeeper. However, this does not prevent third parties from using data processing services offered by a designated gatekeeper. This exclusion of designated gatekeepers from the scope of the access right under this Regulation does not prevent these companies from obtaining data through other lawful means.
2022/11/14
Committee: ITRE
Amendment 240 #
Proposal for a regulation
Recital 38 a (new)
(38 a) The manufacturer of a product is not always in a position to require access to data that is essential for diagnostics, research and development and quality control. Access to this data is a prerequisite to develop long-lasting and sustainable machinery and maintain Europe’s manufacturing and industrial prowess. This regulation should grant access to data generated by the use of a product in business-to-business relations also to the manufacturer of the product. As this data may reveal details of user’s economic situation, the user should have the right to require aggregation of data, or delay to its provision.
2022/11/14
Committee: ITRE
Amendment 330 #
Proposal for a regulation
Recital 72
(72) This Regulation aims to facilitate switching between data processing services, which encompasses all conditions and actions that are necessary for a customer to terminate a contractual agreement of a data processing service, to conclude one or multiple new contracts with different providers of data processing services, to port all its digital assets, including data, to the concerned other providers and to continue to use them in the new environment while benefitting from functional equivalencein a way that does not compromise innovation and competitiveness of European organisations in the global economy. Digital assets refer to elements in digital format for which the customer has the right of use, including data, applications, virtual machines and other manifestations of virtualisation technologies, such as containers. Functional equivalence means the maintenance of a minimum level of functionality of a service after switching, and should be deemed technically feasible whenever both the originating and the destination data processing services cover (in part or in whole) the same service type. Meta-data, generated by the customer’s use of a service, should also be portable pursuant to this Regulation’s provisions on switching.
2022/11/14
Committee: ITRE
Amendment 393 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1
(1) ‘data’ means any digital representation of acts, facts or information and any compilation of such acts, facts or information, including in the form of sound, visual or audio-visual recording, and any underlying digital descriptions, or so-called metadata, of those digital representations;
2022/11/14
Committee: ITRE
Amendment 405 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 a (new)
(1 a) ‘data generated by the use’ means data in the form and format in which they are generated as a result of interaction by the user and the product while using it, including basic context and timestamp to make the data usable, but not covering any derived data, analysis or know-how.
2022/11/14
Committee: ITRE
Amendment 452 #
Proposal for a regulation
Article 2 – paragraph 1 – point 10
(10) ‘public emergency’ means an exceptional situation negatively affecting the poppublic health emergencies, emergencies resulation of the Union, a Member State or part of it, with a risk of serious and lasting repercussions on living conditions or economic stability, or the substantial degradation of economic assets in the Unng from environmental degradation and major natural disasters, including those exacerbated by climate change, and major man-made disasters, such as major cybersecurity incidents, that negatively affect the population orf the relevantUnion, a Member State(s); or part of it.
2022/11/14
Committee: ITRE
Amendment 493 #
Proposal for a regulation
Article 3 – paragraph 1
1. Products shall be designed and manufactured, and related services shall be provided, in such a manner that data generated by their use are, by default, easily, securely and, where relevant and appropriate, directly accessible to the user. The user should have unhindered access to data, including relevant processed data, that is essential to the functioning, repairing, or servicing of the connected products and related services. The relevant sets of processed data to which the user is allowed access shall be specified in sector-specific regulation.
2022/11/14
Committee: ITRE
Amendment 563 #
Proposal for a regulation
Article 4 – paragraph 1
1. Where data cannot be directly accessed by the user from the product, the data holder shall make available to the user the data generated by its use of a product or related service without undue delay, free of charge and, where applicable, continuously and in real- time. This shall be done on the basis of a simple request through electronic means where technically feasible. When the user is a natural person, data shall be made available free of charge.
2022/11/14
Committee: ITRE
Amendment 572 #
Proposal for a regulation
Article 4 – paragraph 3
3. Trade secrets shall only be disclosed provided that all specific necessary measures are taken to preserve the confidentiality of trade secrets in particular with respect to third parties. The data holder and the user can agree measures to preserve the confidentiality of the shared data, in particular in relation to third parties. Such measures shall be utilized in a limited manner and only when the shared data includes trade secrets as defined by the EU or national law. The data holder shall prove the existence of trade secrets when it invokes measures to preserve the confidentiality of the shared data.
2022/11/14
Committee: ITRE
Amendment 681 #
Proposal for a regulation
Article 7 – paragraph 1
1. The obligations of this Chapter shall not apply to data generated by the use of products manufactured or related services provided by enterprises that qualify as micro or, small or medium-sized enterprises, as defined in Article 2 of the Annex to Recommendation 2003/361/EC, provided those enterprises do not have partner enterprises or linked enterprises as defined in Article 3 of the Annex to Recommendation 2003/361/EC which do not qualify as a micro or, small or medium- sized enterprise.
2022/11/14
Committee: ITRE
Amendment 700 #
Proposal for a regulation
Article 9 – paragraph 1
1. Any compensation agreed between a data holder and a data recipient for making data available shall be reasonable and shall not exceed the costs directly related to making the data available.
2022/11/14
Committee: ITRE
Amendment 709 #
Proposal for a regulation
Article 9 – paragraph 2
2. Where the data recipient is a micro, small or medium enterprise, as defined in Article 2 of the Annex to Recommendation 2003/361/EC, and the data holder is not, any compensation agreed shall not exceed the costs directly related to making the data available to the data recipient and which are attributable to the request. Article 8(3) shall apply accordingly.
2022/11/14
Committee: ITRE
Amendment 754 #
Proposal for a regulation
Article 13 – paragraph 8 a (new)
8 a. The Commission shall conduct a regular market investigation to review and, if necessary, revise the unfair contractual terms listed in paragraphs 3 and 4 of this Article.
2022/11/14
Committee: ITRE
Amendment 766 #
Proposal for a regulation
Article 14 – paragraph 2
2. This Chapter shall not apply to medium-sized, small and micro enterprises as defined in Article 2 of the Annex to Recommendation 2003/361/EC.
2022/11/14
Committee: ITRE
Amendment 977 #
Proposal for a regulation
Article 24 – paragraph 1 – point c
(c) a minimum period for data retrieval of at least 360 calendar days, starting after the termination of the transition period that was agreed between the customer and the service provider, in accordance with paragraph 1, point (a) and paragraph 2.
2022/11/14
Committee: ITRE
Amendment 980 #
Proposal for a regulation
Article 24 – paragraph 1 – point c a (new)
(c a) an estimation of costs concerning switching data processing services.
2022/11/14
Committee: ITRE
Amendment 1018 #
Proposal for a regulation
Article 28 – paragraph 1 – subparagraph 1 – introductory part
Operators ofwithin data spaces shall comply with, the following essential requirements, applicable to the services offered by the operator, to facilitate interoperability of data, data sharing mechanisms and services:
2022/11/14
Committee: ITRE
Amendment 1028 #
Proposal for a regulation
Article 28 – paragraph 1 – subparagraph 1 – point d
(d) the means to enable the interoperability of smart contracts for data sharing within their services and activities shall be provided.
2022/11/14
Committee: ITRE
Amendment 1038 #
Proposal for a regulation
Article 28 – paragraph 3 a (new)
3 a. The operators within a particular data space shall agree on the rules by which the accountabilities regarding these requirements are defined between the operators.
2022/11/14
Committee: ITRE
Amendment 1042 #
Proposal for a regulation
Article 28 – paragraph 4
4. The Commission may, in accordance with Article 10 of Regulation (EU) No 1025/2012, request one or more European standardisation organisations to draft harmonised standards that satisfy the essential requirements under paragraph 1 of this Article. The standardisation shall take into account the needs of small and medium enterprises.
2022/11/14
Committee: ITRE
Amendment 1061 #
Proposal for a regulation
Article 29 – paragraph 4
4. The Commission may, in accordance with Article 10 of Regulation (EU) No 1025/2012, request one or more European standardisation organisations to draft European standards applicable to specific service types of data processing services. The standardisation shall take into account the needs of small and medium-sized enterprises.
2022/11/14
Committee: ITRE
Amendment 1070 #
Proposal for a regulation
Article 30 – paragraph 1 – point a
(a) robustness and access control: ensure that the smart contract has been designed to offer rigorous access control mechanisms and a very high degree of robustness to avoid functional errors and to withstand manipulation by third parties;
2022/11/14
Committee: ITRE
Amendment 1073 #
Proposal for a regulation
Article 30 – paragraph 1 – point c
(c) data archiving and continuity: foresee, if a smart contract must be terminated or deactivated, a possibility to archive transactional data, the smart contract logic and code to keep the record of the operations performed on the data in the past (auditability); andeleted
2022/11/14
Committee: ITRE
Amendment 1076 #
Proposal for a regulation
Article 30 – paragraph 1 – point d
(d) access control: a smart contract shall be protected through rigorous access control mechanisms at the governance and smart contract layers.deleted
2022/11/14
Committee: ITRE
Amendment 1081 #
Proposal for a regulation
Article 30 – paragraph 2
2. The vendor of a smart contract or, in the absence thereof, the person whose trade, business or profession involves the deployment of smart contracts for others in the context of an agreement to make data available shall perform a conformity assessment with a view to fulfilling the essential requirements under paragraph 1 and, on the fulfilment of the requirements, issue an EU declaration of conformity.deleted
2022/11/14
Committee: ITRE
Amendment 1086 #
Proposal for a regulation
Article 30 – paragraph 4
4. A smart contract that meets the harmonised standards or the relevant parts thereof drawn up and published in the Official Journal of the European Union shall be presumed to be in conformity with the essential requirements under paragraph 1 of this Article to the extent those standards cover those requirements.deleted
2022/11/14
Committee: ITRE
Amendment 1088 #
Proposal for a regulation
Article 30 – paragraph 5
5. The Commission may, in accordance with Article 10 of Regulation (EU) No 1025/2012, request one or more European standardisation organisations to draft harmonised standards that satisfy the essential the requirements under paragraph 1 of this Article. The standardisation shall take into account the needs of small and medium enterprises.
2022/11/14
Committee: ITRE
Amendment 1090 #
Proposal for a regulation
Article 30 – paragraph 6
6. Where harmonised standards referred to in paragraph 4 of this Article do not exist or where the Commission considers that the relevant harmonised standards are insufficient to ensure conformity with the essential requirements in paragraph 1 of this Article in a cross-border context, the Commission may, by way of implementing acts, adopt common specifications in respect of the essential requirements set out in paragraph 1 of this Article. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 39(2).deleted
2022/11/14
Committee: ITRE