72 Amendments of Andreas SCHWAB related to 2022/0047(COD)
Amendment 126 #
Proposal for a regulation
Recital 25
Recital 25
(25) In sectors characterised by the concentration of a small number of manufacturers supplying end users, there are only limited options available to users with regard to sharing data with those manufacturers. In such circumstances, contractual agreements may be insufficient to achieve the objective of user empowerment. The data tends to remain under the control of the manufacturers, making it difficult for users to obtain value from the data generated by the equipment they purchase or lease. Consequently, there is limited potential for innovative smaller businesses to offer data-based solutions in a competitive manner and for a diverse data economy in Europe. This Regulation should therefore build on recent developments in specific sectors, such as the Code of Conduct on agricultural data sharing by contractual agreement. Sectoral legislation mayshould be brought forward to address sector-specific needs and objectives, such as for vehicles and access to in-vehicle data and functions and resources thereof. Such sectoral legislation should address sectoral complexities where a small number of manufacturers deploys components from a large number of suppliers who would benefit from access to data generated by their components for quality monitoring, product development, or improving safety or sustainability aspects. Provisions of sectoral legislation should prevail over this regulation. Furthermore, the data holder should not use any data generated by the use of the product or related service in order to derive insights about the economic situation of the user or its assets or production methods or the use in any other way that could undermine the commercial position of the user on the markets it is active on. This would, for instance, involve using knowledge about the overall performance of a business or a farm in contractual negotiations with the user on potential acquisition of the user’s products or agricultural produce to the user’s detriment, or for instance, using such information to feed in larger databases on certain markets in the aggregate (,e.g. databases on crop yields for the upcoming harvesting season) as such use could affect the user negatively in an indirect manner. The user should be given the necessary technical interface to manage permissions, preferably with granular permission options (such as “allow once” or “allow while using this app or service”), including the option to withdraw permission.
Amendment 133 #
Proposal for a regulation
Recital 27 a (new)
Recital 27 a (new)
(27a) In view of a better protection of trade secrets, this regulation should not be interpreted as giving a right to providers of related services or providers of cloud services to share data generated by the use of products and that are considered trade secrets, to data recipients without informing the manufacturer of such products. Such data holders should agree with the manufacturers the terms for making available that type of data.
Amendment 146 #
Proposal for a regulation
Recital 36
Recital 36
(36) Start-ups, small and medium-sized enterprises and companies from traditional sectors with less-developed digital capabilities struggle to obtain access to relevant data. This Regulation aims to facilitate access to data for these entities, while ensuring that the corresponding obligations are scoped as proportionately as possible to avoid overreach. At the same time, a small number of very large companies have emerged with considerable economic power in the digital economy through the accumulation and aggregation of vast volumes of data and the technological infrastructure for monetising them. These companies include undertakings that provide core platform services controlling whole platform ecosystems in the digital economy and whom existing or new market operators are unable to challenge or contest. The [Regulation (EU) 2022/1925 on contestable and fair markets in the digital sector (Digital Markets Act)] aims to redress these inefficiencies and imbalances by allowing the Commission to designate a provider as a “gatekeeper”, and imposes a number of obligations on such designated gatekeepers, including a prohibition to combine certain data without consent, and an obligation to ensure effective rights to data portability under Article 20 of Regulation (EU) 2016/679. Consistent with the [Regulation on contestable and fair markets in the digital sector (Digital Markets Act)], and given the unrivalled ability of these companies to acquire data, it would not be necessary to achieve the objective of this Regulation, and would thus be disproportionate in relation to data holders made subject to such obligations, to include such gatekeeper undertakings as beneficiaries of the data access right. This means that an undertaking providing core platform services that has been designated as a gatekeeper cannot request or be granted access to users’ data generated by the use of a product or related service or by a virtual assistant based on the provisions of Chapter II of this Regulation. An undertaking providing core platform services designated as a gatekeeper pursuant to Digital Markets Act should be understood to include all legal entities of a group of companies where one legal entity provides a core platform service. Furthermore, third parties to whom data are made available at the request of the user may not make the data available to a designated gatekeeper. For instance, the third party may not sub-contract the service provision to a gatekeeper. However, this does not prevent third parties from using data processing services offered by a designated gatekeeper. This exclusion of designated gatekeepers from the scope of the access right under this Regulation does not prevent these companies from obtaining data through other lawful meansmeans that they cannot receive data from the users and from third parties, but it should not prevent these companies from obtaining data through other lawful means, notably, through contractual agreements with manufacturers allowing that data from products they manufacture can be used by a gatekeeper company service , including when desired by a user of such products. The limitation on granting access to gatekeepers would not exclude them from the market and prevent them from offering its services, as voluntary agreements between them and the data holders remain unaffected.
Amendment 151 #
Proposal for a regulation
Recital 37
Recital 37
(37) GThis Regulation does not prevent micro and small enterprises to participate in the data sharing practices, however given the current state of technology, it is overly burdensome to impose further design obligations in relation to products manufactured or designed and related services provided by micro and small enterprises. That is not the case, however, wWhere a micro or small enterprise is sub-contracted to manufacture or design a product. In such situations, the enterprise, which has sub-contracted to the micro or small enterprise, is able to compensate the sub- contractor appropriately. A micro or small enterprise may nevertheless be subject to the requirements laid down by this Regulation as data holder, where it is not the manufacturer of the product or a provider of related services. In order to increase the participation of micro and small enterprises in the data economy Member States should provide guidance to such enterprises.
Amendment 154 #
Proposal for a regulation
Recital 42
Recital 42
(42) In order to incentivise the continued investment in generating valuable data, including investments in relevant technical tools, this Regulation contains the principle that the data holder may request reasonable compensation when legally obliged to make data available to the data recipient. These provisions should not be understood as paying for the data itself, but in the case of micro, small or medium-sized enterprises and of research organisations using the data on a not-for-profit basis or in the context of a public-interest mission recognised in the Union or national law, for the costs incurred and investment required for making the data available.
Amendment 159 #
Proposal for a regulation
Recital 44
Recital 44
(44) To protect micro, small or medium- sized enterprises from excessive economic burdens which would make it commercially too difficult for them to develop and run innovative business models, the compensation for making data available to be paid by them should not exceed the direct cost of making the data available and be non-discriminatory. The same regime should apply to those research organisations that use the data on a not-for-profit basis or in the context of a public-interest mission recognised in the Union or national law.
Amendment 173 #
Proposal for a regulation
Recital 69
Recital 69
(69) The ability for customers of data processing services, including cloud and edge services, to switch from one data processing service to another, while maintaining a minimum functionality of service, or to use the services of several providers simultaneously without undue data transfer costs, is a key condition for a more competitive market with lower entry barriers for new service providers, and for ensuring further resilience for the users of these services. Guarantees for effective switching should be especially reinforced for customers benefiting from large-scale free-tier offerings, so that does not result in a lock-in situation for customers.
Amendment 176 #
Proposal for a regulation
Recital 69 a (new)
Recital 69 a (new)
(69a) Switching charges are charges imposed by data processing providers to their customers for the switching process. Typically, those charges are intended to pass on costs, which the originating provider may incur because of the switching process, to the customer that wishes to switch. Examples of common switching charges are costs related to the transit of data from one provider to the other or to an on-premise system (‘data egress costs’) or the costs incurred for specific support actions during the switching process, for example in terms of additional human resources provided by the originating data processing service provider. Unnecessarily high “data egress fees” restrict free flow of data, restrict competition and can be an obstacle to compliance with existing EU regulations such as GDPR and ECJ’s rulings. Egress fees are charged to the clients by the cloud service providers of origin when they are willing to take their data out from a cloud provider’s network to an external location, especially when switching from one provider to one or several providers of destination, to relocate their data from one location to another while using the same cloud service provider, or when using the services of several providers simultaneously. Therefore, the gradual withdrawal of the charges associated with switching data processing services shall specifically include withdrawing “egress fees” charged by the data processing service to a customer.
Amendment 183 #
Proposal for a regulation
Recital 71 a (new)
Recital 71 a (new)
(71a) Data processing services fall into one or more of the following three data processing service delivery models: IaaS (infrastructure-as-a-service), PaaS (platform-as-a-service) and SaaS (software-as-a-service). These service delivery models indicate the level and type of computing resources (hardware and/or software) offered by the provider of a given service, relative to the computing resources that remain in control of the user of that service. In a much more detailed categorisation, data processing services can be categorised in a non- exhaustive multiplicity of different ‘service types’, meaning sets of data processing services that share the same primary objective and main functionalities.
Amendment 188 #
Proposal for a regulation
Recital 72 a (new)
Recital 72 a (new)
(72a) High switching charges prevent customers of data processing service providers from switching to another service provider. These charges are incurred by the origin data processing service provider and passed on to customers. These charges commonly known as "egress fees" lead to customer lock-in and reduce competition between providers of data processing services. In particular, this applies to charges related to extracting and transferring data from and between the origin and destination data processing service providers. In order to foster innovation and competition and in order to create a single market for data processing services, all switching charges, in particular egress fees, should be withdrawn.
Amendment 206 #
Proposal for a regulation
Article 1 – paragraph 1
Article 1 – paragraph 1
1. This Regulation lays down harmonised rules on making data generated by the use of a product or related service available to the user of that product or service, on the making data available by data holders to data recipients, and on the making data available by data holders to public sector bodies or Union institutions, agencies or bodies, where there is an exceptional need, for the performance of a task carried out in the public interest:, on facilitating switching between data processing services, on introducing safeguards against unlawful third party access to non-personal data, and on providing for the development of interoperability standards for data to be transferred and used.
Amendment 207 #
Proposal for a regulation
Article 1 – paragraph 1 a (new)
Article 1 – paragraph 1 a (new)
1 a. This Regulation covers personal and non-personal data, including the following types of data or in the following contexts: (a) Chapter II applies to data concerning the performance, use and environment of products and related services; (b) Chapter III applies to any private sector data subject to statutory data sharing obligations; (c) Chapter IV applies to any private sector data accessed and used on the basis of contractual agreements between businesses; (d) Chapter V applies to any private sector data with a focus on non-personal data; (e) Chapter VI applies to any data processed between data processing services; (f) Chapter VII applies to any non- personal data held in the Union by providers of data processing services.
Amendment 221 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 a (new)
Article 2 – paragraph 1 – point 1 a (new)
(1a) 'commercially sensitive information’ means any information or data that is strategic for a business or related to a right of intellectual property or a non disclosure agreement;
Amendment 222 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 b (new)
Article 2 – paragraph 1 – point 1 b (new)
Amendment 236 #
Proposal for a regulation
Article 2 – paragraph 1 – point 5
Article 2 – paragraph 1 – point 5
(5) ‘user’ means a natural or legal person, including a data subject, that owns, rents or leases a product or receives arelated services;
Amendment 243 #
Proposal for a regulation
Article 2 – paragraph 1 – point 6
Article 2 – paragraph 1 – point 6
(6) ‘data holder’ means a legal or natural person who has the right or obligation, in accordance with this Regulation, applicable Union law or national legislation implementing Union law, or in the case of non-personal data and through control of the technical design of the product and related services, at the time the data is generated by the usage, the ability, to make available certain data;
Amendment 252 #
Proposal for a regulation
Article 2 – paragraph 1 – point 10
Article 2 – paragraph 1 – point 10
(10) ‘public emergency’ means an exceptional situation negatively affecting the population of the Union, a Member State or part of it, with a risk of serious and lasting repercussions on living conditions or economic stability, or the substantial degradation of economic assets in the Union or the relevant Member State(s), and which is determined according to the respective procedures under Union law;
Amendment 257 #
Proposal for a regulation
Article 2 – paragraph 1 – point 12 a (new)
Article 2 – paragraph 1 – point 12 a (new)
(12a) ‘on-premise’ means a digital data processing infrastructure operated by the customer itself to serve its own needs;
Amendment 271 #
Proposal for a regulation
Article 2 – paragraph 1 – point 20 a (new)
Article 2 – paragraph 1 – point 20 a (new)
(20a) ‘Switching’ shall be understood as the process enabling, for any client of a cloud service provider, to terminate contractual obligations and to extract, transform and load their data to another provider(s), including configurations where data transfers occur when clients of cloud service providers are using several providers simultaneously;
Amendment 275 #
Proposal for a regulation
Article 2 – paragraph 1 – point 20 b (new)
Article 2 – paragraph 1 – point 20 b (new)
(20b) ‘egress fees’ refers to data transfer fees being charged to the clients of cloud service providers when they are willing to extract their data from a cloud provider’s network to an external location;
Amendment 279 #
Proposal for a regulation
Article 3 – paragraph 1
Article 3 – paragraph 1
1. Products shall be designed and manufactured, and related services shall be provided, in such a manner that data generated by their use are, by default, easily, securely and, where relevant and appropriate, directly accessible to the user. The data holder shall not be held liable towards the data recipient for direct or indirect damages arising from, relating to or in connection with the data that was made accessible to the data recipient.
Amendment 280 #
Proposal for a regulation
Article 3 – paragraph 1
Article 3 – paragraph 1
1. Products shall be designed and manufactured, and related services shall be provided, in such a manner that data generated by their use and that are accessible to the data holder are, by default, easily, securely and, where relevant and appropriate, directly accessible to the user., in a structured, commonly used and machine-readable format;
Amendment 294 #
Proposal for a regulation
Article 3 – paragraph 2 – point a
Article 3 – paragraph 2 – point a
(a) the nature antype of data and estimated volume of the data likely to be generated by the use of the product or related service;
Amendment 303 #
Proposal for a regulation
Article 3 – paragraph 2 – point d a (new)
Article 3 – paragraph 2 – point d a (new)
(da) where the data holder is a provider of related services or a of cloud services, which terms it has agreed with the manufacturer for making available the data, which are considered trade secrets, to the user;
Amendment 316 #
Proposal for a regulation
Article 4 – paragraph 1
Article 4 – paragraph 1
1. Where data cannot be directly accessed by the user from the product, the data holder shall make available to the user the data generated by itsthe use of a product or related service without undue delay, free of charge and, where applicable, continuously and in real-timethat are accessible to the data holder without undue delay easily, securely, in a structured, commonly used and machine-readable format free of charge and, where applicable, continuously and in real-time. Data shall be provided in the form in which they have been generated by the product, with only the minimal adaptations necessary to make them useable by a third party, including related metadata necessary to interpret and use the data. This shall be done on the basis of a simple request through electronic means where technically feasible.
Amendment 318 #
Proposal for a regulation
Article 4 – paragraph 1
Article 4 – paragraph 1
1. Where data cannot be directly accessed by the user from the product, the data holder shall make available to the user the data generated by its use of a product or related service without undue delay, free of charge and, where applicable, continuously and in real-time. This shall be done on the basis of a simple request through electronic means where technically feasible. The data holder shall not be held liable towards the data recipient for direct or indirect damages arising from, relating to or in connection with the data that was made accessible to the data recipient.
Amendment 323 #
Proposal for a regulation
Article 5 – paragraph 1
Article 5 – paragraph 1
1. Upon request by a user, or by a party acting on behalf of a user, the data holder shall make available the data generated by the use of a product or related service to a third party, without undue delay, free of charge to the user, of the same quality as is available to the data holder and, where applicable, continuously and in real-timehat are readily available to the data holder, to a third party, without undue delay, easily, securely, in machine- readable format, free of charge to the user, of the same quality as is available to the data holder, in the form they were generated, include related metadata necessary to interpret and use that data, and, where applicable, continuously and in real-time, subject to compliance with applicable laws to the outsourcing of data driven services. Data shall be provided in the form in which they have been generated by the product, with only the minimal adaptations necessary to make them useable by a third party, including related metadata necessary to interpret and use the data.
Amendment 332 #
Proposal for a regulation
Article 5 – paragraph 4
Article 5 – paragraph 4
4. The third party shall not deploy coercive means or abuse evident gaps in the technical infrastructure of the data holder designed to protect the data in order to obtain access to data.
Amendment 360 #
Proposal for a regulation
Article 8 – paragraph 2
Article 8 – paragraph 2
2. A data holder shall agree with a data recipient the terms for making the data available. A contractual term concerning the access to and use of the data or the liability and remedies for the breach or the termination of data related obligations shall not be binding if it fulfils the conditions of Article 13 or if it excludes the application of, derogates from or varies the effect of the user’s rights under Chapter II. The data holder shall not be held liable towards the data recipient for direct or indirect damages arising from, relating to or in connection with the data that was made available to the data recipient.
Amendment 365 #
Proposal for a regulation
Article 8 – paragraph 5 a (new)
Article 8 – paragraph 5 a (new)
5a. When a data holder is the provider of related services, it shall inform, without undue delay, the manufacturer of the product before making data, which are considered trade secrets, available to data recipients. The terms for making those data available shall be agreed with the manufacturer.
Amendment 371 #
Proposal for a regulation
Article 9 – paragraph 2
Article 9 – paragraph 2
2. Where the data recipient is a micro, small or medium enterprise, as defined in Article 2 of the Annex to Recommendation 2003/361/EC, or is a research organisation, and the data holder is not an SME, any compensation agreed shall not exceed the costs directly related to making the data available to the data recipient and which are attributable to the request. Article 8(3) shall apply accordingly.
Amendment 378 #
Proposal for a regulation
Article 9 – paragraph 4
Article 9 – paragraph 4
4. The data holder shall provide the data recipient with information setting out the basis for the calculation of the compensation in sufficient detail so that the data recipient can verify thatassess if the requirements of paragraph 1 and, where applicable, paragraph 2 are met.
Amendment 387 #
Proposal for a regulation
Article 11 – paragraph 2 – introductory part
Article 11 – paragraph 2 – introductory part
2. A data recipient that has, for the purposes of obtaining data, provided inaccurate or false information to the data holder, deployed deceptive or coercive means or abused evident gaps in the technical infrastructure of the data holder designed to protect the data, has used the data made available for unauthorised purposes or has disclosed those data to another party without the data holder’s authorisation, shall be liable for the damages to the party suffering from the misuse or disclosure of such data and may, without undue delay, unless the data holder or the user instruct otherwise:
Amendment 400 #
Proposal for a regulation
Article 14 – paragraph 1
Article 14 – paragraph 1
1. Upon request, a data holder shall make datathat is a legal person shall make data, including relevant metadata, available to a public sector body or to a Union institution, agency or body demonstrating an exceptional need to use the data requested.
Amendment 408 #
Proposal for a regulation
Article 15 – paragraph 1 – introductory part
Article 15 – paragraph 1 – introductory part
An exceptional need to use data within the meaning of this Chapter shall be limited in time and scope and deemed to exist in any ofonly in the following circumstances:
Amendment 415 #
Proposal for a regulation
Article 15 – paragraph 1 – point b
Article 15 – paragraph 1 – point b
(b) where the data request is limited in time and scope and necessary to prevent a public emergency or to assist the recovery from a public emergency; or
Amendment 429 #
Proposal for a regulation
Article 17 – paragraph 1 – point a
Article 17 – paragraph 1 – point a
(a) specify what data and relevant metadata are required;
Amendment 434 #
Proposal for a regulation
Article 17 – paragraph 1 – point e a (new)
Article 17 – paragraph 1 – point e a (new)
(ea) report to the data holder, within a reasonable time from the reception of the data and that shall not exceed six months, on how the data has been processed.
Amendment 436 #
Proposal for a regulation
Article 17 – paragraph 1 – point e b (new)
Article 17 – paragraph 1 – point e b (new)
(eb) where applicable, specify the identity of the third party referred to in paragraph 4, and Article 21 of this Regulation
Amendment 443 #
Proposal for a regulation
Article 17 – paragraph 4 – subparagraph 1
Article 17 – paragraph 4 – subparagraph 1
Paragraph 3 does not preclude a public sector body or a Union institution, agency or body to exchange data obtained pursuant to this Chapter with another public sector body, Union institution, agency or body, in view of completing the tasks in Article 15 or to make the data available to a third party in cases where it has outsourced, by means of a publicly available agreement, technical inspections or other functions to this third party. The obligations on public sector bodies, Union institutions, agencies or bodies pursuant to Article 19 apply also to that third party.
Amendment 444 #
Proposal for a regulation
Article 17 – paragraph 4 – subparagraph 2 a (new)
Article 17 – paragraph 4 – subparagraph 2 a (new)
Any third party is forbidden to use the data it receives from a public sector body or a Union institution, agency or body, to develop a product or a service that competes with the product or service from which the accessed data originate or share the data with another third party for that purpose.
Amendment 468 #
Proposal for a regulation
Article 23 – paragraph 1 – introductory part
Article 23 – paragraph 1 – introductory part
1. Providers of a data processing service shall take the measures provided for in Articles 24, 25 and 26 to ensure that customers of their service can switch to another data processing service, covering the same service type, which is provided by a different service provider or use multiple providers at the same . In particular, providers of data processing service shall remove pre-commercial, commercial, technical, contractual and organisational obstacles, which inhibit customers from:
Amendment 474 #
Proposal for a regulation
Article 23 – paragraph 1 – point a
Article 23 – paragraph 1 – point a
(a) terminating, after a maximum notice period of 30 calendar days, the contractual agreement of the service, unless the contracting parties mutually and explicitly set forth a different period in the contractual terms;
Amendment 482 #
Proposal for a regulation
Article 23 – paragraph 1 – point c
Article 23 – paragraph 1 – point c
(c) porting its data, and metadata applications created by the customer and other digital assets to another provider of data processing services or to an on- premise system;
Amendment 489 #
2. Paragraph 1 shall only apply to obstaclesThe obligations in this Chapter shall only apply to the original provider to the extent they are within its sphere of control, in particular only to the extent that the obstacles referred to in paragraph 1 that are related to the services, contractual agreements pre-commercial or commercial practices provided by the original provider.
Amendment 492 #
Proposal for a regulation
Article 23 – paragraph 2
Article 23 – paragraph 2
2. Paragraph 1 shall only apply to obstacles that are relatdirectly influenced toby the services, contractual agreements or commercial practices provided by the original provider.
Amendment 493 #
Proposal for a regulation
Article 23 – paragraph 2 a (new)
Article 23 – paragraph 2 a (new)
2 a. The measures related to the contractual relationship between providers of a data processing service and customers pursuant to Article 23 paragraph 1 and 2 shall be equally ensured in the contractual relationship between providers of a data processing service and resellers of such a service and between resellers and their customers;
Amendment 494 #
Proposal for a regulation
Article 23 – paragraph 2 b (new)
Article 23 – paragraph 2 b (new)
2 b. Where applicable, and without prejudice to the obligations of the existing providers, all parties involved, including destination service providers, shall collaborate in good faith to make the switching process effective.
Amendment 498 #
Proposal for a regulation
Article 24 – paragraph 1 – introductory part
Article 24 – paragraph 1 – introductory part
1. The rights of the customer and the obligations of the provider of a data processing service in relation to switching between providers of such services or to an on-premise system shall be clearly set out in a written contract. Without prejudice to Directive (EU) 2019/770, that contract shall include at least the following:
Amendment 506 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – introductory part
Article 24 – paragraph 1 – point a – introductory part
(a) clauses allowing the customer, upon request, to switch to a data processing service offered by another provider of data processing service or to port all data, applications and digital assets directly generated directly or indirectly by the customer to an on- premise system, in particular the establishment of a mandatory maximum transition period of 30 calendar days, during which the data processing service provider shall:
Amendment 509 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – point 1
Article 24 – paragraph 1 – point a – point 1
(1) reasonably assist and, where technically feasible, complete the switching processsupport the switching process, including assisting a third-party entity managing the switching process on behalf of the customer;
Amendment 511 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – point 1
Article 24 – paragraph 1 – point a – point 1
(1) assist the customer and third parties authorized by the customer in, and, where technically feasible, complete the switching, exporting or porting process;
Amendment 513 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – point 1 a (new)
Article 24 – paragraph 1 – point a – point 1 a (new)
(1 a) provide the customer and third parties authorized by the customer, at their request and free of charge, access to the resources necessary to support the switching process;
Amendment 521 #
Proposal for a regulation
Article 24 – paragraph 1 – point a – point 2 a (new)
Article 24 – paragraph 1 – point a – point 2 a (new)
(2 a) ensure that a high level of security is maintained throughout the porting process, notably the security of the data during their transfer.
Amendment 528 #
Proposal for a regulation
Article 24 – paragraph 1 – point b
Article 24 – paragraph 1 – point b
(b) an exhaustive detailed specification of all data and application categories exportable during the switching process, including, at minimum, all data imported by the customer at the inception of the service agreement and all data and metadata created by the customer and by the use of the service during the period the service was provided that can be clearly assigned to the customer, including, but not limited to, configuration parameters, security settings, access rights and access logs to the service;
Amendment 530 #
Proposal for a regulation
Article 24 – paragraph 1 – point b
Article 24 – paragraph 1 – point b
(b) an exhaustive specification of all data and application categories exportable during the switching process, including, at minimum, all data imported by the customer at the inception of the service agreement and all data and metadata created by the customer and by the use of the service during the period the service was provided, including, but not limited to, configuration parameters, security settings, access rights and access logs to the service;
Amendment 540 #
Proposal for a regulation
Article 24 – paragraph 1 – point c a (new)
Article 24 – paragraph 1 – point c a (new)
(c a) a clause guaranteeing full deletion of all customer data immediately after the expiration of the retrieval period set out in paragraph 1(c);
Amendment 543 #
Proposal for a regulation
Article 24 – paragraph 2
Article 24 – paragraph 2
2. Where the mandatory transition period as defined in paragraph 1, points (a) and (c) of this Article is technically unfeasible, due to limitations solely under the control of the provider, the provider of data processing services shall notify the customer within 7 working days after the switching request has been made, duly motivating the technical unfeasibility with a detailed report and indicating an alternative transition period, which may not exceed 612 months taking into account the technical complexity to migrate. In accordance with paragraph 1 of this Article, full service continuity shall be ensured throughout the alternative transition period against reduced charges, referred to in Article 25(2).
Amendment 546 #
Proposal for a regulation
Article 24 – paragraph 2 a (new)
Article 24 – paragraph 2 a (new)
2 a. The specification of exportable data referred in Article 24 paragraph 1 point (b) may exclude certain categories of data that, if exported, would put the integrity and security of the data processing service provider's services at risk.
Amendment 550 #
Proposal for a regulation
Article 25 – paragraph 1
Article 25 – paragraph 1
1. From [date X+3 2yrs] onwards, providers of data processing services shall not impose any charges on the customer for the switching process, with particular reference to egress fees.
Amendment 557 #
Proposal for a regulation
Article 25 – paragraph 1 a (new)
Article 25 – paragraph 1 a (new)
1 a. Standard subscription or service fees and charges for professional transition services work undertaken by the data processing service at the request of the customer to support the switching process, shall not be considered switching charges for the purposes of this Article.
Amendment 561 #
Proposal for a regulation
Article 25 – paragraph 2
Article 25 – paragraph 2
2. From [date X, the date of entry into force of the Data Act] until [date X+32yrs], providers of data processing services may impose reduced charges on the customer for the switching process and shall remove any other technical, contractual and organizational obstacle inhibiting the switching process.
Amendment 576 #
Proposal for a regulation
Article 26 – paragraph 1
Article 26 – paragraph 1
1. Providers of data processing services that concern scalable and elastic computing resources limited to infrastructural elements such as servers, networks and the virtual resources necessary for operating the infrastructure, but that do not provide access to the operating services, software and applications that are stored, otherwise processed, or deployed on those infrastructural elements, shall ensure thanot implement technical restrictions that prevent the customer, after switching to a service covering the same service type offered by a different provider of data processing services, from enjoysing functional equivalence in the use of the new service. Functional equivalence should be deemed technically feasible whenever both the originating and the destination data processing services cover (in part or in whole) the same service type.
Amendment 581 #
Proposal for a regulation
Article 26 – paragraph 2
Article 26 – paragraph 2
2. For data processing services other than those covered by paragraph 1, providers of data processing services shall make open interfaces publicly available and free of charge.can be required by the customer to make open interfaces designed to facilitate switching between services of the same service type available and free of charge for the customer and its destination provider;
Amendment 584 #
Proposal for a regulation
Article 26 – paragraph 3
Article 26 – paragraph 3
3. For data processing services other than those covered by paragraph 1, providers of data processing services shall ensure compatibility with open interoperability specifications or European standards, identified in the central Union data processing service standards repository, for interoperability that are identified in accordance with Article 29(5) of this Regulation.
Amendment 593 #
Proposal for a regulation
Article 26 – paragraph 4
Article 26 – paragraph 4
4. Where the open interoperability specifications or European standards referred to in paragraph 3 do not exist for the service type concerned, the provider of data processing services shall, at the request of the customer, export all data generated or co-generateddata, including the relevant data formats and data structures, in a structured, commonly used and machine- readable format.
Amendment 596 #
Proposal for a regulation
Article 26 – paragraph 4 a (new)
Article 26 – paragraph 4 a (new)
4 a. When ensuring functional equivalence, providers of data processing services are required to maintain the highest level of security features in their destination service.
Amendment 600 #
Proposal for a regulation
Article 27 – paragraph 1
Article 27 – paragraph 1
Amendment 617 #
Proposal for a regulation
Article 28 – paragraph 1 – subparagraph 1 – point b
Article 28 – paragraph 1 – subparagraph 1 – point b
(b) the data structures, data formats, vocabularies, classification schemes, taxonomies and code lists, where available, shall be described in a publicly available and consistent manner;
Amendment 620 #
Proposal for a regulation
Article 28 – paragraph 1 – subparagraph 1 – point c
Article 28 – paragraph 1 – subparagraph 1 – point c
(c) where applicable, the technical means to access the data, such as application programming interfaces, and their terms of use and quality of service shall be sufficiently described to enable automatic access and transmission of data between parties, including continuously or in real-time in a machine-readable format;
Amendment 632 #
Proposal for a regulation
Article 29 – paragraph 1 – point a
Article 29 – paragraph 1 – point a
(a) be performance oriented towards achieving interoperability, in a secure manner, between different data processing services that cover the same service type;
Amendment 677 #
Proposal for a regulation
Article 41 – paragraph 1 – point c a (new)
Article 41 – paragraph 1 – point c a (new)
(c a) the interplay between this Regulation, the sector-specific legislation and other relevant Union law, in order to assess any possible conflicting provision, overregulation or legislative gaps;