39 Amendments of Virginie JORON related to 2022/0047(COD)
Amendment 87 #
Proposal for a regulation
Recital 1
Recital 1
(1) In recent years, data-driven technologies have had transformative effects on all sectors of the economy. In recent years, data-driven technologies have had transformative effects on all sectors of the economy. High quality and interoperable data from different domains increase competitiveness and innovation and ensure sustainable economic growth. In the light of those challenges, it is critical that the Commission support the Member States in their digital independence strategies, including in the development of European digital infrastructure, and ensure that European users’ privacy, data security and rights are strongly protected. The same dataset may potentially be used and reused for a variety of purposes and to an unlimited degree, without any loss in its quality or quantity.
Amendment 90 #
Proposal for a regulation
Recital 2
Recital 2
(2) Barriers to data sharing prevent an optimal allocation of data to the benefit of society. These barriers include a lack of incentives for data holders to enter voluntarily into data sharing agreements, uncertainty about rights and obligations in relation to data, abuse of dominant positions by companies from third countries, the EU’s lack of ambition with regard to strategic independence vis-à-vis third countries and their companies, costs of contracting and implementing technical interfaces, the high level of fragmentation of information in data silos, poor metadata management, the absence of standards for semantic and technical interoperability, bottlenecks impeding data access, a lack of common data sharing practices and abuse of contractual imbalances with regards to data access and use.
Amendment 99 #
Proposal for a regulation
Recital 7
Recital 7
(7) The fundamental right to the protection of personal data is safeguarded in particular under Regulation (EU) 2016/679 and Regulation (EU) 2018/1725. Directive 2002/58/EC additionally protects private life and the confidentiality of communications, including providing conditions to any personal and non- personal data storing in and access from terminal equipment. These instruments provide the basis for sustainable and responsible data processing, including where datasets include a mix of personal and non-personal data. This Regulation complements and is without prejudice to Union law on data protection and privacy, in particular Regulation (EU) 2016/679 and Directive 2002/58/EC. No provision of this Regulation should be applied or interpreted in such a way as to diminish or limit the right to the protection of personal data or the right to privacy and confidentiality of communications. In the event of a conflict between this Regulation and Union law on the protection of personal data or national law adopted in accordance with Union law of that kind, the relevant Union or national law on the protection of personal data shall prevail. This Regulation does not create a legal basis for the processing of personal data, nor does it affect any of the rights or obligations set out in Regulations (EU) 2016/679 or (EU) 2018/1725 or Directives 2002/58/EC or (EU) 2016/680.
Amendment 102 #
Proposal for a regulation
Recital 8
Recital 8
(8) The principles of data minimisation and data protection by design and by default are essential when processing involves significant risks to the fundamental rights of individuals. Taking into account the state of the art, all parties to data sharing, including where within scope of this Regulation, should implement technical and organisational measures to protect these rights. Such measures include not only pseudonymisation and encryption, but also the use of increasingly available technology that permits algorithms to be brought to the data and allow valuable insights to be derived without the transmission between parties or unnecessary copying of the raw or structured data themselves. Products should, therefore, be designed in a way that makes it possible for data subjects to use products covered by this Regulation anonymously or with the least possible infringement of their privacy.
Amendment 107 #
Proposal for a regulation
Recital 14
Recital 14
(14) Physical products that obtain, generate or collect, by means of their components, data concerning their performance, use or environment and that are able to communicate that data via a publicly available electronic communications service (often referred to as the Internet of Things) should be covered by this Regulation. Electronic communications services include land- based telephone networks, television cable networks, satellite-based networks and near-field communication networks. Such products may include vehicles, home equipment and consumer goods, medical and health devices or agricultural and industrial machinery. The data represent the digitalisation of user actions and events and should accordingly be accessible to the user, while information derived or inferred from this data, where lawfully held, should not be considered within scope of this Regulation. Such data are potentially valuable to the user and support innovation and the development of digital and other services protecting the environment, health and the circular economy, in particular though facilitating the maintenance and repair of the products in question. The processing, use and sharing of and access to personal and sensitive data, such as health data, by data holders, users and third parties or recipients shall be subject to all the conditions and rules laid down in the EU regulatory framework on data protection and privacy.
Amendment 115 #
Proposal for a regulation
Recital 1
Recital 1
(1) In recent years, data-driven technologies have had transformative effects on all sectors of the economy. The proliferation in products connected to the Internet of Things in particular has increased the volume and potential value of data for consumers, businesses and society. High quality and interoperable data from different domains increase competitiveness and innovation and ensure sustainable economic growth. In the light of those challenges, the Commission must support the Member States in their digital independence strategies, in particular in the development of European digital infrastructures, and ensure that European citizens' data is stored and used in Europe and not in third countries. The same dataset may potentially be used and reused for a variety of purposes and to an unlimited degree, without any loss in its quality or quantity.
Amendment 116 #
Proposal for a regulation
Recital 2
Recital 2
(2) Barriers to data sharing prevent an optimal allocation of data to the benefit of society. These barriers include a lack of incentives for data holders to enter voluntarily into data sharing agreements, uncertainty about rights and obligations in relation to data, abuse of dominant positions by third-country Big Tech companies, the EU's lack of ambition with regard to strategic independence from third countries and their companies, costs of contracting and implementing technical interfaces, the high level of fragmentation of information in data silos, poor metadata management, the absence of standards for semantic and technical interoperability, bottlenecks impeding data access, a lack of common data sharing practices and abuse of contractual imbalances with regards to data access and use.
Amendment 117 #
Proposal for a regulation
Recital 4
Recital 4
(4) In order to respond to the needs of the digital economy and to remove barriers to a well-functioning internal market for data, it is necessary to lay down a harmonised framework specifying who, other than the manufacturer or other data holder is entitled to access the data generated by products or related services, under which conditions and on what basis. Accordingly, Member States should notmay adopt or maintain additional national requirements on those matters falling within the scope of this Regulation, unless explicitly provided for in this Regulation, since this would affect the direct and uniform applicatin addition to the express provisions of this Regulation.
Amendment 123 #
Proposal for a regulation
Recital 8
Recital 8
(8) The principles of data minimisation and data protection by design and by default are essential when processing involves significant risks to the fundamental rights of individuals. Taking into account the state of the art, all parties to data sharing, including where within scope of this Regulation, should implement technical and organisational measures to protect these rights. Such measures include not only pseudonymisation and encryption, but also the use of increasingly available technology that permits algorithms to be brought to the data and allow valuable insights to be derived without the transmission between parties or unnecessary copying of the raw or structured data themselves. Products should be designed in a way that makes it possible for data subjects to use products covered by this Regulation anonymously or with the least possible infringement of their privacy.
Amendment 129 #
Proposal for a regulation
Recital 14
Recital 14
(14) Physical products that obtain, generate or collect, by means of their components, data concerning their performance, use or environment and that are able to communicate that data via a publicly available electronic communications service (often referred to as the Internet of Things) should be covered by this Regulation. Electronic communications services include land- based telephone networks, television cable networks, satellite-based networks and near-field communication networks. Such products may include vehicles, home equipment and consumer goods, medical and health devices or agricultural and industrial machinery. The data represent the digitalisation of user actions and events and should accordingly be accessible to the user, while information derived or inferred from this data, where lawfully held, should not be considered within scope of this Regulation. Such data are potentially valuable to the user and support innovation and the development of digital and other services protecting the environment, health and the circular economy, in particular though facilitating the maintenance and repair of the products in question. The processing, use and sharing of and access to personal and sensitive data, such as health data, by data holders, users and third parties or recipients shall be subject to all the conditions and rules laid down in the EU regulatory framework on data protection and privacy.
Amendment 192 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 a (new)
Article 2 – paragraph 1 – point 1 a (new)
(1a) 'personal data' means any information relating to an identified or identifiable natural person; shall be considered an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to an online identifier or to one or more factors specific to his/her physical, physiological, genetic, mental, economic, cultural or social identity;
Amendment 208 #
Proposal for a regulation
Article premier – paragraph 2 – point a
Article premier – paragraph 2 – point a
(a) manufacturers of products and suppliers of related services placed on the market in the Union, regardless of their place of establishment, and the users of such products or services;
Amendment 217 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 a (new)
Article 2 – paragraph 1 – point 1 a (new)
(1a) ‘personal data’ means any information relating to an identified or identifiable natural person; an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
Amendment 224 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 b (new)
Article 2 – paragraph 1 – point 1 b (new)
(1b) ‘non-personal data’ means data other than personal data as defined in point (1) of Article 4 of Regulation (EU) 2016/679;
Amendment 274 #
Proposal for a regulation
Article 4 – paragraph 4
Article 4 – paragraph 4
4. The user and/or third party shall not use the data obtained pursuant to a request referred to in paragraph 1 to develop a product that competes with the product from which the data originate.
Amendment 322 #
Proposal for a regulation
Article 4 – paragraph 4
Article 4 – paragraph 4
4. The user and/or third party shall not use the data obtained pursuant to a request referred to in paragraph 1 to develop a product that competes with the product from which the data originate.
Amendment 343 #
Proposal for a regulation
Article 6 – paragraph 2 – point a
Article 6 – paragraph 2 – point a
(a) coerce, deceive or manipulate the user in any way, whether that person is the person concerned or not, by subverting or impairing the autonomy, decision-making or choices of the user, including by means of a digital interface with the user;
Amendment 359 #
Proposal for a regulation
Article 8 – paragraph 1
Article 8 – paragraph 1
1. Where a data holder is obliged to make data available to a data recipient under Article 5 or under other Union law or national legislation implementing Union law, it shall do so under fair, reasonable and non-discriminatory terms and in a transparent manner in accordance with the provisions of this Chapter and Chapter IV and without prejudice to Regulation (EU) 2016/679.
Amendment 364 #
Proposal for a regulation
Article 15 – paragraph 1 – introductory part
Article 15 – paragraph 1 – introductory part
An exceptional need to use data within the meaning of this Chapter shall be strictly limited in time and scope and only deemed to exist in any of the following circumstances:
Amendment 391 #
Proposal for a regulation
Article 13 – title
Article 13 – title
Unfair contractual terms unilaterally imposed on a micro, small or medium- sized enterprise
Amendment 395 #
Proposal for a regulation
Article 13 – paragraph 1
Article 13 – paragraph 1
1. A contractual term, concerning the access to and use of data or the liability and remedies for the breach or the termination of data related obligations which has been unilaterally imposed by an enterprise on a micro, small or medium-sizednother enterprise as defined in Article 2 of the Annex to Recommendation 2003/361/EC shall not be binding on the latter enterprise if it is unfair.
Amendment 406 #
Proposal for a regulation
Article 15 – paragraph 1 – introductory part
Article 15 – paragraph 1 – introductory part
An exceptional need to use data within the meaning of this Chapter shall be strictly limited in time and scope and only deemed to exist in any of the following circumstances:
Amendment 421 #
Proposal for a regulation
Article 15 – paragraph 1 – point c – point 2
Article 15 – paragraph 1 – point c – point 2
Amendment 427 #
Proposal for a regulation
Article 23 – paragraph 1 – point a
Article 23 – paragraph 1 – point a
(a) terminating, after a maximum notice period of 3015 calendar days, the contractual agreement of the service;
Amendment 434 #
Proposal for a regulation
Article 25 – paragraph 1
Article 25 – paragraph 1
1. From [date X+3yr + 3 months] onwards, providers of data processing services shall not impose any charges on the customer for the switching process.
Amendment 436 #
Proposal for a regulation
Article 25 – paragraph 2
Article 25 – paragraph 2
2. From [date X, the date of entry into force of the Data Act] until [date X+3yr + 3 months], providers of data processing services may impose reduced charges on the customer for the switching process.
Amendment 439 #
Proposal for a regulation
Article 27 – paragraph 1
Article 27 – paragraph 1
1. Providers of data processing services shall take all reasonable technical, legal and organisational measures, including contractual arrangements, in order to prevent international transfer or governmental access to non-personal data held in the Union where such transfer or access would create a conflict with Union law or the national law of the relevant Member State, without prejudice to paragraph 2 or 3.
Amendment 443 #
Proposal for a regulation
Article 27 – paragraph 3 – subparagraph 1 – introductory part
Article 27 – paragraph 3 – subparagraph 1 – introductory part
Amendment 464 #
Proposal for a regulation
Article 31 – paragraph 7 a (new)
Article 31 – paragraph 7 a (new)
7a. The competent authorities shall cooperate with the competent authorities of all Member States to ensure this Regulation is implemented coherently and efficiently. Such mutual assistance shall include the exchange of all relevant information by secure electronic means without undue delay, in particular for the purpose of carrying out the tasks referred to in paragraph 3(b), (c) and (d).
Amendment 477 #
Proposal for a regulation
Article 23 – paragraph 1 – point a
Article 23 – paragraph 1 – point a
(a) terminating, after a maximum notice period of 3015 calendar days, the contractual agreement of the service;
Amendment 545 #
Proposal for a regulation
Article 24 – paragraph 2
Article 24 – paragraph 2
2. Where the mandatory transition period as defined in paragraph 1, points (a) and (c) of this Article is technically unfeasible, the provider of data processing services shall notify the customer within 7 working days after the switching request has been made, duly motivating the technical unfeasibility with a detailed report and indicating an alternative transition period, which may not exceed 63 months. In accordance with paragraph 1 of this Article, full service continuity shall be ensured throughout the alternative transition period against reduced charges, referred to in Article 25(2).
Amendment 555 #
Proposal for a regulation
Article 25 – paragraph 1
Article 25 – paragraph 1
1. From [date X+3yr + 3 months] onwards, providers of data processing services shall not impose any charges on the customer for the switching process.
Amendment 564 #
Proposal for a regulation
Article 25 – paragraph 2
Article 25 – paragraph 2
2. From [date X, the date of entry into force of the Data Act] until [date X+3yr + 3 months], providers of data processing services may impose reduced charges on the customer for the switching process.
Amendment 601 #
Proposal for a regulation
Article 27 – paragraph 1
Article 27 – paragraph 1
1. Providers of data processing services shall take all reasonablethe necessary technical, legal and organisational measures, including contractual arrangements, in order to prevent international transfer or governmental access to non-personal data held in the Union where such transfer or access would create a conflict with Union law or the national law of the relevant Member State, without prejudice to paragraph 2 or 3.
Amendment 603 #
Proposal for a regulation
Article 27 – paragraph 2
Article 27 – paragraph 2
2. Any decision or judgment of a court or tribunal, in accordance with Article 47 of the Charter of Fundamental Rights of the European Union, and any decision of an administrative authority of a third country requiring a provider of data processing services to transfer from or give access to non-personal data within the scope of this Regulation held in the Union may only be recognised or enforceable in any manner if based on an international agreement, such as a mutual legal assistance treaty, in force between the requesting third country and the Union or any such agreement between the requesting third country and a Member State.
Amendment 606 #
Proposal for a regulation
Article 27 – paragraph 3 – subparagraph 1 – introductory part
Article 27 – paragraph 3 – subparagraph 1 – introductory part
Amendment 607 #
Proposal for a regulation
Article 27 – paragraph 3 – subparagraph 1 – point b
Article 27 – paragraph 3 – subparagraph 1 – point b
(b) the reasoned objection of the addressee is subject to a review by a competent court or tribunal in the third- country, in accordance with Article 47 of the Charter of Fundamental Rights of the European Union; and
Amendment 659 #
Proposal for a regulation
Article 31 – paragraph 7 a (new)
Article 31 – paragraph 7 a (new)
Amendment 660 #
Proposal for a regulation
Article 31 – paragraph 7 b (new)
Article 31 – paragraph 7 b (new)
7b. Entities falling within the scope of this Regulation shall be subject to the jurisdiction of the Member State where the entity is established. In the event that the entity is established in more than one Member State, it shall be deemed to fall under the territorial jurisdiction of all Member States if the entity is a gatekeeper designated pursuant to Article 3 of Regulation (EU) 2022/1925 on fair and competitive markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828.