BETA

Activities of Carlos ZORRINHO related to 2022/0047(COD)

Plenary speeches (1)

Data Act (debate)
2023/03/14
Dossiers: 2022/0047(COD)

Amendments (103)

Amendment 103 #
Proposal for a regulation
Recital 4
(4) In order to respond to the needs of the digital economycontribute to the digital transition of the Union, a comprehensive harmonisation at Union level is needed to ensure fairness in the allocation of value from data among all actors in the data economy as well asto avoid fragmentation resulting from national legislation, and therefore to create trust in the data sharing environment. Moreover, to foster access to and use of data. and to remove barriers to a well-functioning internal market for data, it is necessary to lay down a harmonised framework specifying who, other than the manufacturer or other data holder is entitled to access the data generated by products or related services, under which conditions and on what basis. Accordingly, Member States should not adopt or maintain additional national requirements on those matters falling within the scope of this Regulation, unless explicitly provided for in this Regulation, since this would affect the direct and uniform application of this Regulation.
2022/11/14
Committee: ITRE
Amendment 130 #
Proposal for a regulation
Recital 14
(14) Physical products that obtain, generate or collect, by means of their components or operating systems or embedded software, data concerning their performance, use or environment and that are able to communicate that data via a publicly available electronic communications service (often referred to as the Internet of Things) should be covered by this Regulation with the exception of prototypes. Electronic communications services include land- based telephone networks, television cable networks, satellite-based networks and near-field communication networks. Such products may include vehicles, home equipment and consumer goods, medical and health devices or agricultural and industrial machinery. The data represent the digitalisation of user actions and events and should accordingly be accessible to the user, while information derived or inferred from this data, where lawfully held, should not be considered within scope of this Regulation. Such data are potentially valuable to the user and support innovation and the development of digital and other services protecting the environment, health and the circular economy, in particular though facilitating the maintenance and repair of the products in question.This Regulation applies to products placed on the marketin the Union and thus does not apply to products in development stage such as prototypes.
2022/11/14
Committee: ITRE
Amendment 136 #
Proposal for a regulation
Recital 15
(15) In contrast, certain products that are primarily designed to display or play content, or to record and transmit content, amongst others for the use by an online service should not be covered by this Regulation. Such products include, for example, personal computers, servers, tablets and smart phones, cameras, webcams, sound recording systems and text scanners. They require human input to produce various forms of content, such as text documents, sound files, video files, games, digital maps.
2022/11/14
Committee: ITRE
Amendment 140 #
Proposal for a regulation
Recital 15 a (new)
(15 a) The use and access to sensitive data generated by a product regulated by a specific sectoral rules is without prejudice to those rules.
2022/11/14
Committee: ITRE
Amendment 148 #
(17) Data generated by the use of a product or related service include data recorded intentionally by the user. Such data include also data generated as a by- product of the user’s action, such as diagnostics data, and without any action by the user, such as when the product is in ‘standby mode’, and data recorded during periods when the product is switched off. Such data should include data in the form and format in which they are generated by the product, but not pertain to data resulting from any softwaincluding data pre -process that calculates derivative data from such data as such software process may be subject to intellectual property rights.ed using the product’s own computing capacity
2022/11/14
Committee: ITRE
Amendment 158 #
Proposal for a regulation
Recital 18
(18) The user of a product should be understood as the legal or natural person, such as a business or, consumer or public sector body , which has purchased, rented or leased the product. Depending on the legal title under which he uses it, such a user bears the risks and enjoys the benefits of using the connected product and should enjoy also the access to the data it generates. The user should therefore be entitled to derive benefit from data generated by that product and any related service.
2022/11/14
Committee: ITRE
Amendment 170 #
Proposal for a regulation
Recital 21
(21) Products may be designed to make certain data directly available from an on- device data storage or from a remote server to which the data are communicated. Where on-device access is technically supported, the manufacturer shall make this means of access also available to third-party service providers or the user. Access to the on-device data storage may be enabled via cable-based or wireless local area networks connected to a publicly available electronic communications service or a mobile network. The server may be the manufacturer’s own local server capacity or that of a third party or a cloud service provider who functions as data holder. TheyProducts may be designed to permit the user or a third party to process the data on the product or on a computing instance of the manufacturer or in an environment chosen by the user or the authorised. Where either option is available, the user or third party shall choose their preferred method.
2022/11/14
Committee: ITRE
Amendment 188 #
Proposal for a regulation
Recital 25
(25) In sectors characterised by the concentration of a small number of manufacturers supplying end users, there are only limited options available to users with regard to sharing data with those manufacturers. In such circumstances, cContractual agreements may be insufficient to achieve the objective of user empowerment. The data tends to remain under the control of the manufacturers or other data holders, making it difficult for users to obtain value from the data generated by the equipment they purchase or lease. Consequently, there is limited potential for innovative smaller businesses to offer data-based solutions in a competitive manner and for a diverse data economy in Europe. This Regulation should therefore build on recent developments in specific sectors, such as the Code of Conduct on agricultural data sharing by contractual agreement. Sectoral legislation may be brought forward to address sector-specific needs and objectives. Furthermore, the data holder should not use any data generated by the use of the product or related service in order to derive insights about the economic situation of the user or its assets or production methods or the use in any other way that could undermine the commercial position of the user on the markets it is active on. This would, for instance, involve using knowledge about the overall performance of a business or a farm in contractual negotiations with the user on potential acquisition of the user’s products or agricultural produce to the user’s detriment, or for instance, using such information to feed in larger databases on certain markets in the aggregate (,e.g. databases on crop yields for the upcoming harvesting season) as such use could affect the user negatively in an indirect manner. The user should be given the necessary technical interface to manage permissions, preferably with granular permission options (such as “allow once” or “allow while using this app or service”), including the option to withdraw permission.
2022/11/14
Committee: ITRE
Amendment 190 #
Proposal for a regulation
Recital 25 a (new)
(25 a) Data users should have the priority on benefitting from the value created by the use of the product. Data holders should ensure that non-personal they receive from the connected product are primarily used for the fulfilment of their contractual obligations to the user. This is without the prejudice of the data holders capability to use the non-personal data generated to improve the functioning of the connected product or related service, to develop new products or services or to enrich, manipulate or aggregate it with other data.
2022/11/14
Committee: ITRE
Amendment 202 #
Proposal for a regulation
Recital 28
(28) The user should be free to use the data for any lawful purpose. This includes providing the data the user has received exercising the right under this Regulation to a third party offering an aftermarket service that may be in competition with a service provided by the data holder, or to instruct the data holder to do so. The request should also be valid regardless of whether the request is put forward by the user or an authorised third party acting on users behalf, such as authorised data intermediation service in the meaning of the Regulation (EU) 2022/868. The data holder should ensure that the data made available to the third party is as accurate, complete, reliable, relevant and up-to-date as the data the data holder itself may be able or entitled to access from the use of the product or related service. Any trade secrets or intellectual property rights should be respected in handling the data. It is important to preserve incentives to invest in products with functionalities based on the use of data from sensors built into that product. The aim of this Regulation should accordingly be understood as to foster the development of new, innovative products or related services, stimulate innovation on aftermarkets, but also stimulate the development of entirely novel services making use of the data, including based on data from a variety of products or related services. At the same time, it aims to avoid undermining the investment incentives for the type of product from which the data are obtained, for instance, by the use of data to develop a competing product.
2022/11/14
Committee: ITRE
Amendment 215 #
Proposal for a regulation
Recital 31
(31) Data generated by the use of a product or related service should only be made available to a third party such as authorised data intermediation service in the meaning of the Regulation (EU) 2022/868 at the request of the user. This Regulation accordingly complements the right provided under Article 20 of Regulation (EU) 2016/679. That Article provides for a right of data subjects to receive personal data concerning them in a structured, commonly used and machine- readable format, and to port those data to other controllers, where those data are processed on the basis of Article 6(1), point (a), or Article 9(2), point (a), or of a contract pursuant to Article 6(1), point (b). Data subjects also have the right to have the personal data transmitted directly from one controller to another, but only where technically feasible. Article 20 specifies that it pertains to data provided by the data subject but does not specify whether this necessitates active behaviour on the side of the data subject or whether it also applies to situations where a product or related service by its design observes the behaviour of a data subject or other information in relation to a data subject in a passive manner. The right under this Regulation complements the right to receive and port personal data under Article 20 of Regulation (EU) 2016/679 in several ways. It grants users the right to access and make available to a third party to any data generated by the use of a product or related service, irrespective of its nature as personal data, of the distinction between actively provided or passively observed data, and irrespective of the legal basis of processing. Unlike the technical obligations provided for in Article 20 of Regulation (EU) 2016/679, this Regulation mandates and ensures the technical feasibility of third party access for all types of data coming within its scope, whether personal or non-personal. This Regulation also allows direct data sharing from users to third parties. This Regulation precludes the data holder or the third party from directly or indirectly charging consumers or data subjects a fee, compensation or costs for sharing data or for accessing it. This Regulation does not directly or indirectly incentivise the commercialisation or trade of personal data It also allows the data holder to set reasonable compensation to be met by third parties, but not by the user, for any cost incurred in providing direct access to the data generated by the user’s product. If a data holder and third party are unable to agree terms for such direct access, the data subject should be in no way prevented from exercising the rights contained in Regulation (EU) 2016/679, including the right to data portability, by seeking remedies in accordance with that Regulation. It is to be understood in this context that, in accordance with Regulation (EU) 2016/679, a contractual agreement does not allow for the processing of special categories of personal data by the data holder or the third party.
2022/11/14
Committee: ITRE
Amendment 278 #
Proposal for a regulation
Recital 56
(56) In situations of exceptional need, it may be necessary for public sector bodies or Union institutions, agencies or bodies to use data held by an enterprise to respond to public emergencies or in other exceptional casesPublic sector bodies are faced with several interrelated challenges spanning from pandemics and climate change to urban planning and mobility. Privately held data has a high potential to help solving these problems in the public interest. By informing decision making, providing for new scientific insights and resolving policy issues, private held data enablse more targeted interventions and improvement of public service delivery, bringing about significant savings for the public budget. This is why situations it may be necessary for public sector bodies or Union institutions, agencies or bodies to use data held by an enterprise to respond to public emergencies such as public health or climate emergencies, in other exceptional cases such as purposes of legitimate public interest explicitly provided by under Union or national law. Research-performing organisations and research-funding organisations could also be organised as public sector bodies or bodies governed by public law. To limit the burden on businesses, micro and small enterprises should be exempted from the obligation to provide public sector bodies and Union institutions, agencies or bodies data in situations of exceptional need.
2022/11/14
Committee: ITRE
Amendment 283 #
Proposal for a regulation
Recital 56 a (new)
(56 a) The business-to-government data sharing should be driven by the over- arching principles outlined in the High Level Expert Group on Business-to- Government. These principles are: proportionality of the use of private-sector data, data use limitation, “do no harm”, compensation, non-discrimination, limitation mitigation, transparency and societal participation, accountability and fair and ethical data use.
2022/11/14
Committee: ITRE
Amendment 289 #
Proposal for a regulation
Recital 57
(57) In case of public emergencies, such as public health emergencies, emergencies resulting from environmental degradation and major natural disasters including those aggravated by climate change, as well as human-induced major disasters, such as major cybersecurity incidents, the public interest resulting from the use of the data will outweigh the interests of the data holders to dispose freely of the data they hold. In such a case, data holders should be placed under an obligation to make the data available to public sector bodies or to Union institutions, agencies or bodies upon their request. The existence of a public emergency ishould be determined according to the respective procedures in the Member States or of relevant international organisations.
2022/11/14
Committee: ITRE
Amendment 298 #
Proposal for a regulation
Recital 58
(58) An exceptional need may also arise when a public sector body can demonstrate that the data are necessary either to prevent a public emergency, or to assist recovery from a public emergency, in circumstances that are reasonably proximate to the public emergency in question. Where the exceptional need is not justified by the need to respond to, prevent or assist recovery from a public emergency, the public sector body or the Union institution, agency or body should demonstrate that the lack of timely access to and the use of the data requested prevents it from effectively fulfilling a specificor exercising a task in the legitimate public interest that has been explicitly provided in lawas provided for in national law. The tasks, aimed at improving the efficient provision of public services and evidence-based public policymaking as well as gaining enforcement of existing laws or regulations, can include but should not be limited to, improving traffic and mobility, environmental sustainability, affordable housing, city planning as well as facilitating the development, production and dissemination of official statistics. Such exceptional need may also occur in other situations, for example in relation to the timely compilation of official statistics when data is not otherwise available or when the burden on statistical respondents will be considerably reduced. At the same time, the public sector body or the Union institution, agency or body should, outside the case of responding to, preventing or assisting recovery from a public emergency, demonstrate that no alternative means for obtaining the data requested exists and that the data cannot be obtained in a timely manner through the laying down of the necessary data provision obligations in new legislation. This covers situations where the existence of a reporting obligation fort the provision of the data in scope of the request exists but is in itself insufficient to guarantee the availability of data of the necessary quality, granularity, and timeliness or where the said obligation is otherwise not fit for the specific use purpose sought.
2022/11/14
Committee: ITRE
Amendment 311 #
Proposal for a regulation
Recital 62 a (new)
(62 a) The data made available to the public sector bodies should be in a structured and commonly used format, accompanied with a relevant metadata that facilitates the use of the data with only minimal adaptations necessary to make them useable by the public sector or Union institution body.
2022/11/14
Committee: ITRE
Amendment 320 #
Proposal for a regulation
Recital 66
(66) When reusing data provided by data holders, public sector bodies and Union institutions, agencies or bodies should respect both existing applicable legislation and contractual obligations to which the data holder is subject. . Public administration authorities should coordinate their requests for data and pursue best efforts to ensure that businesses are obliged to supply the same data only once. Where the disclosure of trade secrets of the data holder to public sector bodies or to Union institutions, agencies or bodies is strictly necessary to fulfil the purpose for which the data has been requested, confidentiality of such disclosure should be ensured to the data holder.
2022/11/14
Committee: ITRE
Amendment 328 #
Proposal for a regulation
Recital 69 a (new)
(69 a) Unnecessarily high “data egress fees”, or data transfer costs have the potential to restrict competition and cause lock-in effects for the customers of data processing services, by reducing incentives to choose a different or additional service provider. Therefore, the gradual withdrawal of the charges associated with switching data processing services should specifically include withdrawing any “egress fees” charged by the data processing services to a customer.
2022/11/14
Committee: ITRE
Amendment 339 #
Proposal for a regulation
Recital 79
(79) Standardisation and semantic interoperability should play a key role to provide technical solutions to ensure interoperability. In order to facilitate the conformity with the requirements for interoperability, it is necessary to provide for a presumption of conformity for interoperability solutions that meet harmonised standards or parts thereof in accordance with Regulation (EU) No 1025/2012 of the European Parliament and of the Council. These standards should be developed in open, technology neutral and inclusive way line with Chapter II of the Regulation (EU) No 1025/2012. The Commission should adopt common specifications in areas where no harmonised standards exist or where they are insufficient in order to further enhance interoperability for the common European data spaces, application programming interfaces, cloud switching as well as smart contracts. Additionally, common specifications in the different sectors could remain to be adopted, in accordance with Union or national sectoral law, based on the specific needs of those sectors. Reusable data structures and models (in form of core vocabularies), ontologies, metadata application profile, reference data in the form of core vocabulary, taxonomies, code lists, authority tables, thesauri should also be part of the technical specifications for semantic interoperability. Furthermore, the Commission should be enabled to mandate the development of harmonised standards for the interoperability of data processing services in consultation with the European Data Innovation Board as outlined in the Article 30 of the Regulation (EU) No 2022/868.
2022/11/14
Committee: ITRE
Amendment 345 #
Proposal for a regulation
Recital 81 a (new)
(81 a) In order to further enhance coordination in thee nforcement of this Regulation, the European Data Innovation Board should foster the mutual exchange of information amongst competent authorities as well as advise and assist the Commission in matters falling under this Regulation that fall within the competences of Article 30 of Regulation (EU) 2022/868. A subgroup for stakeholder involvement referred to in Article 29(2)(c) of that Regulation should participate in the consultation on a continual basis.
2022/11/14
Committee: ITRE
Amendment 359 #
Proposal for a regulation
Article 1 – paragraph 1 a (new)
1 a. This Regulation covers personal and non-personal data, including the following types of data or in the following contexts: (a) Chapter II applies to data concerning the performance, use and environment of products and relatedservices. (b) Chapter III applies to anyprivate sector data subject to statutory data sharing obligations. (c) Chapter IV applies to any private sector data accessed and used on the basis of contractual agreements between businesses. (d) Chapter V applies to any privatesector data with a focus on non-personal data. (e) Chapter VI applies to any dataprocessed by data processing services. (f) Chapter VII applies to any non- personal data held in the Union by providers of data processing services.
2022/11/14
Committee: ITRE
Amendment 362 #
Proposal for a regulation
Article 1 – paragraph 2 – point a
(a) manufacturers of products and suppliers of related services placed on the market in the Union and the Union based users of such products or services;
2022/11/14
Committee: ITRE
Amendment 388 #
Proposal for a regulation
Article 1 – paragraph 4 a (new)
4 a. Dataholders shall not be obliged to provide access to data to any natural or legal person, entity or body outside the Union, unless otherwise provided by the Union law or the implementing national legislations.
2022/11/14
Committee: ITRE
Amendment 395 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 a (new)
(1 a) ‘personal data’ means personal data as defined in Article 4, point(1), of Regulation (EU) 2016/679;
2022/11/14
Committee: ITRE
Amendment 398 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 b (new)
(1 b) 'non-personal data' means data other than personal data;
2022/11/14
Committee: ITRE
Amendment 417 #
Proposal for a regulation
Article 2 – paragraph 1 – point 2
(2) ‘product’ means a tangible, movable item, including where incorporated in an immovable item, that obtains, generates or collects, data concerning its use or environment, and that is able to communicate data via a publicly availablen electronic communications service and whose primary function is not the storing and, processing of datar transmission of data nor is it primarily designed to display or play content, or to record and transmit content;
2022/11/14
Committee: ITRE
Amendment 443 #
Proposal for a regulation
Article 2 – paragraph 1 – point 6 a (new)
(6 a) 'data subject' means data subject as referred to in Article 4, point (1), of Regulation (EU) 2016/679;
2022/11/14
Committee: ITRE
Amendment 455 #
Proposal for a regulation
Article 2 – paragraph 1 – point 10
(10) ‘public emergency’ means an exceptional situation such as public health emergencies, emergencies resulting from environmental degradation and major natural disasters, including those exacerbated by climate change, and major man-made disasters, such as major cybersecurity incidents, negatively affecting the population of the Union, a Member State or part of it, with a risk of serious and lasting repercussions on living conditions or economic and financial stability, or the substantial degradation of economic assets in the Union or the relevant Member State(s); and which is determined according to the respective procedures under Union or national law.
2022/11/14
Committee: ITRE
Amendment 459 #
Proposal for a regulation
Article 2 – paragraph 1 – point 10 a (new)
(10 a) ‘official statistics’ means statistics within the meaning of ‘European statistics’ under Regulation (EC) No 223/2009’.
2022/11/14
Committee: ITRE
Amendment 465 #
Proposal for a regulation
Article 2 – paragraph 1 – point 15
(15) 'open interoperability specificationstandards’ mean ICT technical specifications, as defined in Regulation (EU) No 1025/2012, which are performance oriented towards achieving interoperability between data processing servicesfor repeated or continuous application, publicly available for implementation and use on reasonable terms (including for a reasonable fee or free of charge), adopted through an inclusive, collaborative, consensus-based and transparent process from which materially affected and interested parties cannot be excluded;
2022/11/14
Committee: ITRE
Amendment 469 #
Proposal for a regulation
Article 2 – paragraph 1 – point 16
(16) ‘smart contract’ means a computer program stored in an electronic ledger system wherein the outcome of the execution of the program is recorded on the electronic ledger;deleted
2022/11/14
Committee: ITRE
Amendment 472 #
Proposal for a regulation
Article 2 – paragraph 1 – point 17
(17) ‘electronic ledger’ means an electronic ledger within the meaning of Article 3, point (53), of Regulation (EU) No 910/2014;deleted
2022/11/14
Committee: ITRE
Amendment 478 #
Proposal for a regulation
Article 2 – paragraph 1 – point 20 a (new)
(20 a) ‘common European data spaces’ mean purpose- or sector-specific or cross -sectoral interoperable frameworks of common standards and practices to share or jointly process data for, inter alia, development and provision of new products and services, scientific research or civil society initiatives.
2022/11/14
Committee: ITRE
Amendment 483 #
Proposal for a regulation
Article 2 – paragraph 1 – point 20 b (new)
(20 b) ‘data intermediation service’ means data intermediation service as referred to in Article 2, point (8), of Regulation(EU) 2022/868;
2022/11/14
Committee: ITRE
Amendment 485 #
Proposal for a regulation
Article 2 – paragraph 1 – point 20 c (new)
(20 c) 'operator within data spaces' mean legal persons, such as data holders, data users, and data intermediation service providers, that facilitate or engage in data sharing within and across the common European data spaces;
2022/11/14
Committee: ITRE
Amendment 492 #
Proposal for a regulation
Article 3 – paragraph 1
1. Products shall be designed and manufactured, and related services shall be provided, in such a manner that data generated by their use that are accessible to the data holder are free of charge and, are, by default, easily, securely and, where relevant and appropriate, directly accessible to the user in a structured, commonly used and machine-readable format. Data shall be provided in the form in which they have been generated by the product, with only the minimal adaptations necessary to make them useable by a third party, including related metadata necessary to interpret and use the data.
2022/11/14
Committee: ITRE
Amendment 503 #
Proposal for a regulation
Article 3 – paragraph 1 a (new)
1 a. Where on-device access is technically supported, the manufacturer shall make this means of access also available to third-party service providers in a non-discriminatory manner.
2022/11/14
Committee: ITRE
Amendment 516 #
Proposal for a regulation
Article 3 – paragraph 2 – point a a (new)
(a a) the categories of data transmitted to the data holder by the use of a product or a related service
2022/11/14
Committee: ITRE
Amendment 521 #
Proposal for a regulation
Article 3 – paragraph 2 – point c
(c) how the user may access those data delivered in a usable format and in a simple, clear and free manner for the user ;;
2022/11/14
Committee: ITRE
Amendment 528 #
Proposal for a regulation
Article 3 – paragraph 2 – point c b (new)
(c b) (cb) The technical means to access the data, such as Software Development Kits or application programming interfaces , and their terms of use and quality of service shall be sufficiently described to enable the development of such means of access
2022/11/14
Committee: ITRE
Amendment 529 #
Proposal for a regulation
Article 3 – paragraph 2 – point c a (new)
(c a) the data holder shall provide information on the data structures, data formats, vocabularies, classification schemes, taxonomies and code lists, where available, which shall be described in a publicly available and consistent manner.
2022/11/14
Committee: ITRE
Amendment 558 #
Proposal for a regulation
Article 4 – paragraph 1
1. Where data cannot be directly accessed by the user from the product, the data holder shall make available to the user the data generated by itsthe use of a product or related service without undue delay easily, in a structured, commonly used and machine-readable format, free of charge and, where applicable, continuously and in real-time. accompanied with relevant metadata. Data shall be provided in the form in which they have been generated by the product including data generated by the use of a product, with only the minimal adaptations necessary to make them useable by a third party, including related metadata and support tools necessary to interpret and use the data in order to achieve the intended purpose- This shall be done on the basis of a simple request through electronic means where This shall be done on the basis of a simple request through electronic means where technically feasible.
2022/11/14
Committee: ITRE
Amendment 573 #
Proposal for a regulation
Article 4 – paragraph 3
3. Trade secrets shall only be disclosed provided that all specific necessary measures are taken to preserve the confidentiality of trade secrets in particular with respect to third parties. The data holder and the user can agree measures to preserve the confidentiality of the shared data, in particular in relation to third parties. Such measures shall be utilized in a limited manner and only when theshared data includes trade secrets as defined by the EU or national law. The data holder shall prove the existence of trade secrets when it invokes measures to preserve the confidentiality of the shared data.
2022/11/14
Committee: ITRE
Amendment 608 #
Proposal for a regulation
Article 5 – paragraph 1
1. Upon request by a user, or by a party acting on behalf of a user such as authorised data intermediation service in the meaning of the Regulation (EU) 2022/868, the data holder shall make available the data generated by the use of a product or related service to a third party, without undue delay, free of charge to the user, of the same quality as is available to the data holder, free of charge to the user via a well-formed application programming interface and, where applicable, continuously and in real- time.
2022/11/14
Committee: ITRE
Amendment 650 #
Proposal for a regulation
Article 6 – paragraph 2 – point a
(a) make the exercise of the rights or choices of users unduly difficult including by offering choices to the end-users in a non-neutral manner, or coerce, deceive or manipulate the user in any way, by subverting or impairing the autonomy, decision-making or choices of the user, including by means of a digital interface with the user or a part thereof, including its structure, design, function or manner of operation;
2022/11/14
Committee: ITRE
Amendment 678 #
Proposal for a regulation
Article 7 – paragraph 1
1. The obligations of this Chapter related to business-to-business data sharing shall not apply to data generated by the use of products manufactured or related services provided by enterprises that qualify as micro or small enterprises, as defined in Article 2 of the Annex to Recommendation 2003/361/EC, provided those enterprises do not have partner enterprises or linked enterprises as defined in Article 3 of the Annex to Recommendation 2003/361/EC which do not qualify as a micro or small enterprise.
2022/11/14
Committee: ITRE
Amendment 699 #
Proposal for a regulation
Article 9 – paragraph 1
1. Any compensation agreed between a data holder and a data recipient for making data available shall be reasonable and shall not exceed the costs directly related to making the data available.
2022/11/14
Committee: ITRE
Amendment 704 #
Proposal for a regulation
Article 9 – paragraph 2
2. Where the data recipient is a micro, small or medium enterprise, as defined in Article 2 of the Annex to Recommendation 2003/361/EC, aAny compensation agreed shall not exceed the costs directly related to making the data available to the data recipient and which are attributable to the request. Article 8(3) shall apply accordingly.
2022/11/14
Committee: ITRE
Amendment 740 #
Proposal for a regulation
Article 13 – paragraph 1
1. A contractual term, concerning the access to and use of data or the liability and remedies for the breach or the termination of data related obligations which has been unilaterally imposed by an enterprise on a micro, small or medium-sized enterprise as defined in Article 2 of the Annex to Recommendation 2003/361/EC or which has been unilaterally imposed by an enterprise which is the sole source of crucial data they hold in some ecosystem shall not be binding on the latterrecipient enterprise if it is unfair.
2022/11/14
Committee: ITRE
Amendment 753 #
Proposal for a regulation
Article 13 – paragraph 8 a (new)
8 a. The Commission shall conduct a regular market investigation to review and, if necessary, revise the unfair contractual terms listed in paragraphs 3 and 4 of this Article.
2022/11/14
Committee: ITRE
Amendment 756 #
Proposal for a regulation
Chapter V – title
V MAKING DATA AVAILABLE TO PUBLIC SECTOR BODIES AND UNION INSTITUTIONS, AGENCIES OR BODIES BASED ON EXCEPTIONAL NEED
2022/11/14
Committee: ITRE
Amendment 758 #
Proposal for a regulation
Article 14 – title
Obligation to make data available based on exceptional need
2022/11/14
Committee: ITRE
Amendment 761 #
Proposal for a regulation
Article 14 – paragraph 1
1. Upon request, a data holder shall make data, including relevant metadata, available to a public sector body or to a Union institution, agency or body demonstrating an exceptional need or a legitimate public interest to use the data requested.
2022/11/14
Committee: ITRE
Amendment 769 #
Proposal for a regulation
Article 15 – title
Exceptional needConditions to use data
2022/11/14
Committee: ITRE
Amendment 776 #
Proposal for a regulation
Article 15 – paragraph 1 – point a
(a) where the data requested is necessary to respond toprevent or respond to or recover from a public emergency;
2022/11/14
Committee: ITRE
Amendment 780 #
Proposal for a regulation
Article 15 – paragraph 1 – point b
(b) where the data request is limited in time and scope and necessary to prevent a public emergency or to assist the recovery from a public emergency;deleted
2022/11/14
Committee: ITRE
Amendment 789 #
Proposal for a regulation
Article 15 – paragraph 1 – point c – introductory part
(c) where the lack of available data prevents the public sector body or Union institution, agency or body from fulfilling a specificor exercising tasks in the public interest that hasve been explicitly provided by law; and
2022/11/14
Committee: ITRE
Amendment 791 #
Proposal for a regulation
Article 15 – paragraph 1 – point c – point 1
(1) the public sector body or Union institution, agency or body has been unable to obtain such data by alternative means, including by purchasing the data on the market at market raton reasonable prices or by relying on existing obligations to make data available, and the adoption of new legislative measures cannot ensure the timely availability of the data; or
2022/11/14
Committee: ITRE
Amendment 802 #
Proposal for a regulation
Article 16 – paragraph 1 a (new)
1 a. This Chapter shall be without prejudice to further specific sectoral rules pertaining to the types of data for which rules have been laid down in Union or national law.
2022/11/14
Committee: ITRE
Amendment 803 #
Proposal for a regulation
Article 16 – paragraph 2
2. The rights from this Chapter shall not be exercised to obtain information or take decisions concerning identifiable individuals. The rights from this Chapter shall not be exercised by public sector bodies and Union institutions, agencies and bodies in order to carry out activities for the prevention, investigation, detection or prosecution of criminal or administrative offences or the execution of criminal penalties, or for customs or taxation administration. This Chapter does not affect the applicable Union and national law on the prevention, investigation, detection or prosecution of criminal or administrative offences or the execution of criminal or administrative penalties, or for customs or taxation administration.
2022/11/14
Committee: ITRE
Amendment 845 #
Proposal for a regulation
Article 17 – paragraph 2 – point d
(d) in case of requests made pursuant to Article 15, point (a), concern, insofar as possible, non- personal data;
2022/11/14
Committee: ITRE
Amendment 849 #
Proposal for a regulation
Article 17 – paragraph 2 – point d a (new)
(d a) in case of requests made pursuant to Article 15, point (b), concern personal data only in case the dataprocessing has a specific basis in Union or Member State law;
2022/11/14
Committee: ITRE
Amendment 864 #
Proposal for a regulation
Article 17 – paragraph 4 – subparagraph 2 a (new)
The third party shall not use the data it receives from a public sector body or a Union institution, agency or body as a result of the outsourcing of technical inspections or other functions pursuant to paragraph 4, to develop a product or a service that competes with the product or service from which the accessed data originate or share the data with another third party for that purpose
2022/11/14
Committee: ITRE
Amendment 887 #
Proposal for a regulation
Article 18 – paragraph 5
5. Where compliance with the request to make data available to a public sector body or a Union institution, agency or body requires the disclosure of personal data, the data holder shall take reasonable efforts to anonymise or pseudonymise the data, insofar as the request can be fulfilled with pseudonymised data.
2022/11/14
Committee: ITRE
Amendment 891 #
Proposal for a regulation
Article 19 – paragraph 1 – introductory part
1. A public sector body or a Union institution, agency or body having received data pursuant to a request made under Article 14 or statistical or research organisation receiving data pursuant to a request made under Article 21(1) shall:
2022/11/14
Committee: ITRE
Amendment 923 #
Proposal for a regulation
Article 20 – paragraph 2
2. Where the data holder claims compensation for making data available in compliance with a request made pursuant to Article 15, points (b) or (c), such compensation shall not exceedcover the technical and organisational costs incurred to comply with the request including, where necessary, the costs of anonymisation and of technical adaptation, plus a reasonable margin. Upon request of the public sector body or the Union institution, agency or body requesting the data, the data holder shall provide information on the basis for the calculation of the costs and the reasonable margin.
2022/11/14
Committee: ITRE
Amendment 931 #
Proposal for a regulation
Article 20 – paragraph 2 a (new)
2 a. Where the public sector body or the Union institution, agency or body wishes to challenge the level of compensation requested by the data holder, the matter shall be brought to the competent authority referred to in Article 31 of the Member State where the data holder is established.
2022/11/14
Committee: ITRE
Amendment 934 #
Proposal for a regulation
Article 21 – paragraph 1
1. A public sector body or a Union institution, agency or body shall be entitled to share data received under this Chapter with individuals or organisations in view of carrying out scientific research or analytics compatible with the purpose for which the data was requested, or to national statistical institutes, the members of the European System of Central Banks, and Eurostat for the compilation of official statistics.
2022/11/14
Committee: ITRE
Amendment 952 #
Proposal for a regulation
Article 22 – paragraph 4 a (new)
4 a. Where a public sector body intends to request data under Article 15 (b) of this Chapter from a data holder established in another Member State the request shall be evaluated in line by the competent authority of the Member State where the data holder is established.
2022/11/14
Committee: ITRE
Amendment 1006 #
Proposal for a regulation
Article 27 – paragraph 1
1. Providers of data processing services shall take all reasonable technical, legal and organisational measures, including contractual arrangements, in order to prevent international transfer orand governmental access to such non-personal data held in the Union where such transfer or access would create a conflict with Union law or the national law of the relevant Member State, without prejudice to paragraph 2 or 3.
2022/11/14
Committee: ITRE
Amendment 1011 #
Proposal for a regulation
Article 27 – paragraph 3 – subparagraph 3
The European Data Innovation Board established under Regulation [xxx – DGA](EU) 2022/868 shall advise and assist the Commission in developing guidelines on the assessment of whether these conditions are met.
2022/11/14
Committee: ITRE
Amendment 1017 #
Proposal for a regulation
Article 28 – paragraph 1 – subparagraph 1 – introductory part
Operators ofwithin data spaces shall comply with, the following essential requirements applicable to the services offered by the operator, to facilitate interoperability of data, data sharing mechanisms and services:
2022/11/14
Committee: ITRE
Amendment 1027 #
Proposal for a regulation
Article 28 – paragraph 1 – subparagraph 1 – point d
(d) the means to enable the interoperability of smart contracts for data sharing within their services and activities shall be provided.
2022/11/14
Committee: ITRE
Amendment 1033 #
Proposal for a regulation
Article 28 – paragraph 2
2. The Commission, in consultation with the European Data Innovation Board in line with the Articles 29and 30 (f)and 30(h) of the Regulation (EU)No 2022/868 is empowered to adopt delegated acts, in accordance with Article 38 to supplement this Regulation by further specifying the essential requirements referred to in paragraph 1.
2022/11/14
Committee: ITRE
Amendment 1037 #
Proposal for a regulation
Article 28 – paragraph 3 a (new)
3 a. The operators within a particular data space shall agree on the rules by which the accountabilities regarding these requirements are defined between the operators.
2022/11/14
Committee: ITRE
Amendment 1041 #
Proposal for a regulation
Article 28 – paragraph 4
4. The Commission may, in accordance with Article 10 of Regulation (EU) No 1025/2012, request one or more European standardisation organisations to draft harmonised standards that satisfy the essential requirements under paragraph 1 of this Article and are developed inan and are developed in an open, transparent, technology-neutral, and inclusive manner in accordance with the Chapter II of Regulation (EU) No 1025/2012.
2022/11/14
Committee: ITRE
Amendment 1045 #
Proposal for a regulation
Article 28 – paragraph 6
6. The Commission, in consultation with the European Data Innovation Board in line with the Articles 29 and 30(f)and 30(h) of the Regulation (EU) 2022/868 may adopt guidelines laying down interoperability specifications for the functioning of common European data spaces, such as architectural models and technical standards implementing legal rules and arrangements between parties that foster data sharing, such as regarding rights to access and technical translation of consent or permission.
2022/11/14
Committee: ITRE
Amendment 1063 #
Proposal for a regulation
Article 29 – paragraph 5
5. For the purposes of Article 26(3) of this Regulation, the Commission in consultation with the European Data Innovation Board in line with the Articles 29 and 30(f) and 30(h) of Regulation (EU) 2022/868 shall be empowered to adopt delegated acts, in accordance with Article 38, to publish the reference of open interoperability specifications and European standards for the interoperability of data processing services in central Union standards repository for the interoperability of data processing services, where these satisfy the criteria specified in paragraph 1 and 2 of this Article.
2022/11/14
Committee: ITRE
Amendment 1067 #
Proposal for a regulation
Article 30 – title
30 Essential requirements regarding smart contracts for data sharing
2022/11/14
Committee: ITRE
Amendment 1069 #
Proposal for a regulation
Article 30 – paragraph 1 – point a
(a) robustness and access control: ensure that the smart contract has been designed to offer rigorous access control mechanisms and a very high degree of robustness to avoid functional errors and to withstand manipulation by third parties;
2022/11/14
Committee: ITRE
Amendment 1072 #
Proposal for a regulation
Article 30 – paragraph 1 – point c
(c) data archiving and continuity: foresee, if a smart contract must be terminated or deactivated, a possibility to archive transactional data, the smart contract logic and code to keep the record of the operations performed on the data in the past (auditability); andeleted
2022/11/14
Committee: ITRE
Amendment 1075 #
Proposal for a regulation
Article 30 – paragraph 1 – point d
(d) access control: a smart contract shall be protected through rigorous access control mechanisms at the governance and smart contract layers.deleted
2022/11/14
Committee: ITRE
Amendment 1082 #
Proposal for a regulation
Article 30 – paragraph 2
2. The vendor of a smart contract or, in the absence thereof, the person whose trade, business or profession involves the deployment of smart contracts for others in the context of an agreement to make data available shall perform a conformity assessment with a view to fulfilling the essential requirements under paragraph 1 and, on the fulfilment of the requirements, issue an EU declaration of conformity.deleted
2022/11/14
Committee: ITRE
Amendment 1085 #
Proposal for a regulation
Article 30 – paragraph 4
4. A smart contract that meets the harmonised standards or the relevant parts thereof drawn up and published in the Official Journal of the European Union shall be presumed to be in conformity with the essential requirements under paragraph 1 of this Article to the extent those standards cover those requirements.deleted
2022/11/14
Committee: ITRE
Amendment 1087 #
Proposal for a regulation
Article 30 – paragraph 5
5. The Commission may, in accordance with Article 10 of Regulation (EU) No 1025/2012, request one or more European standardisation organisations to draft harmonised standards that satisfy the essential the requirements under paragraph 1 of this Article.deleted
2022/11/14
Committee: ITRE
Amendment 1089 #
Proposal for a regulation
Article 30 – paragraph 6
6. Where harmonised standards referred to in paragraph 4 of this Article do not exist or where the Commission considers that the relevant harmonised standards are insufficient to ensure conformity with the essential requirements in paragraph 1 of this Article in a cross-border context, the Commission may, by way of implementing acts, adopt common specifications in respect of the essential requirements set out in paragraph 1 of this Article. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 39(2).deleted
2022/11/14
Committee: ITRE
Amendment 1095 #
Proposal for a regulation
Article 31 – paragraph 1
1. Each Member State shall designate one or more competent authorities as responsible for the application and enforcement of this Regulation, with designated responsible competent authority coordinating the work of the competent authorities. Member States may establish one or more new authorities or rely on existing authorities.
2022/11/14
Committee: ITRE
Amendment 1104 #
Proposal for a regulation
Article 31 – paragraph 2 – point c
(c) the national competent authority responsible for the application and enforcement of Chapter VI of this Regulation shall have technical and human resources and experience in the field of data and electronic communications services.
2022/11/14
Committee: ITRE
Amendment 1105 #
Proposal for a regulation
Article 31 – paragraph 3 – introductory part
3. Member States shall ensure that the respective tasks and powers of the competent authorities designated pursuant to paragraph 1 of this Article are clearly defined and shall at least include:
2022/11/14
Committee: ITRE
Amendment 1107 #
Proposal for a regulation
Article 31 – paragraph 3 – point b
(b) handling complaints arising from alleged violations of this Regulation, and investigating, to the extent appropriate, the subject matter of the complaint and regularly and meaningfully informing the complainant of the progress and the outcome of the investigation swiftly within a reasonable period, in particular if further investigation or coordination with another competent authority is necessary;
2022/11/14
Committee: ITRE
Amendment 1110 #
Proposal for a regulation
Article 31 – paragraph 3 – point d
(d) imposing, through administrative or juridical procedures, dissuasive financial penalties which may include periodic penalties and penalties with retroactive effect, or initiating legal proceedings for the imposition of fines;
2022/11/14
Committee: ITRE
Amendment 1111 #
Proposal for a regulation
Article 31 – paragraph 3 – point e
(e) monitoring technological developments of relevance for the making available and use of data with a view of better enforcing this Regulation; ;
2022/11/14
Committee: ITRE
Amendment 1114 #
Proposal for a regulation
Article 31 – paragraph 3 – point f
(f) cooperating with competent authorities of other Member States to ensure the consistent swift and effective application of this Regulation, including the exchange of all relevant information by electronic means, in a timely manner without undue delay;
2022/11/14
Committee: ITRE
Amendment 1117 #
Proposal for a regulation
Article 31 – paragraph 3 – point h
(h) cooperating with all relevant competent authorities and the European Data the European Data Innovation Board to ensure that the obligations of Chapter VIthis Regulation are enforced consistently with other Union legislation and self-regulation applicable to providers of data processing service;ctor specific data governance rules and regulations
2022/11/14
Committee: ITRE
Amendment 1120 #
Proposal for a regulation
Article 31 – paragraph 4
4. Where a Member State designates more than one competent authority, the competent authorities shall, in the exercise of the tasks and powers assigned to them under paragraph 3 of this Article, cooperate with each other, including, as appropriate, with the supervisory authority responsible for monitoring the application of Regulation (EU) 2016/679, to ensure the consistent application of this Regulation. In such cases, relevant Member States shall designate a coordinating, responsible competent authority.
2022/11/14
Committee: ITRE
Amendment 1126 #
Proposal for a regulation
Article 31 a (new)
Article 31 a Role of the European Data Innovation Board The European Data Innovation Board should foster the mutual exchange of information amongst competent authorities as well as advise and assist the Commission in matters of this Regulation falling under the competences of the Board in line with Article 30 of Regulation (EU) 2022/868
2022/11/14
Committee: ITRE
Amendment 1127 #
Proposal for a regulation
Article 32 – paragraph 1
1. Without prejudice to any other administrative or judicial remedy, natural and legal persons shall have the right to lodge a complaint, individually or, where relevant , collectively, with the relevant competent authority in the Member State of their habitual residence, place of work or establishment if they consider that their rights or the obligations under this Regulation have been infringed.
2022/11/14
Committee: ITRE
Amendment 1129 #
Proposal for a regulation
Article 32 – paragraph 3
3. Competent authorities shall cooperate early in the process to handle and resolve complaints, including by effectively and in a timely manner, including by setting reasonable deadlines for adopting formal decisions, ensuring equality of the parties, ensuring the right to be heard from complainants and access to the file throughout the process, exchanging all relevant information by electronic means, without undue delay. This cooperation shall not affect the specific cooperation mechanism provided for by Chapters VI and VII of Regulation (EU) 2016/679.
2022/11/14
Committee: ITRE
Amendment 1135 #
Proposal for a regulation
Article 33 – paragraph 1
1. Member States shall lay down the rules on penalties applicable to infringements of this Regulation and shall take all measures necessary to ensure that they are implemented. The penalties provided for shall be effective, proportionate and dissuasive, including administrative fines against enterprises of a minimum of 20 000 000EUR or 4 % of the total worldwide annual turnover of the preceding financial year, whichever is higher.
2022/11/14
Committee: ITRE
Amendment 1139 #
Proposal for a regulation
Article 33 – paragraph 2
2. Member States shall by [date of application of the Regulation] notify the Commission , the European Data Protection Board and the European Data Innovation Boardof those rules and measures and shall notify it them without delay of any subsequent amendment affecting them. The Commission shall regularly update and maintain an easily accessible public register of those measures.
2022/11/14
Committee: ITRE
Amendment 1143 #
The Commission shall develop and recommend non-binding model contractual terms on data access and use to assist parties in drafting and negotiating contracts with balanced contractual rights and obligations. These non-binding contractual terms shall be openly freely available in easily usable electronic format.
2022/11/14
Committee: ITRE
Amendment 1147 #
Proposal for a regulation
Article 35 – paragraph 1 a (new)
The right of the maker of a databaseas provided for in Article 7(1) of Directive 96/9/EC shall not be exercised by data holders in such away that it prevents them from making data available to public sector bodies, or Union institutions, agencies or bodies, subsequent to a request made under Article 14 of this Regulation.
2022/11/14
Committee: ITRE
Amendment 1153 #
Proposal for a regulation
Article 41 – paragraph 1 – point e a (new)
(e a) evaluation of the impacts of this Regulation to the development of business practices and monetisation practices of the European data economy and possible needs for reviewing the Regulation.
2022/11/14
Committee: ITRE