Activities of Axel VOSS related to 2022/0047(COD)
Legal basis opinions (0)
Amendments (50)
Amendment 127 #
Proposal for a regulation
Recital 13 a (new)
Recital 13 a (new)
(13 a) This Regulation is without prejudice to Union and national legal acts providing for the protection of intellectual property rights, including Directive 2001/29/EC, Directive 2004/48/EC, and Directive (EU) 2019/790.
Amendment 133 #
Proposal for a regulation
Recital 17
Recital 17
(17) Data generated by the use of a product or related service include data recorded intentionally by the user. Such data include also data generated as a by- product of the user’s action, such as diagnostics data, and without any action by the user, such as when the product is in ‘standby mode’, and data recorded during periods when the product is switched off. Such data should include data accessible to the data holder in the form and format in which they are generated by the product, but not pertain to data resulting from any software process that calculates derivative data from such data as such software process may be subject to intellectual property rights.
Amendment 140 #
Proposal for a regulation
Recital 24
Recital 24
(24) This Regulation imposes the obligation on data holders to make data available in certain circumstances. Insofar as personal data are processed, the data holder should be a controller under Regulation (EU) 2016/679. Where users are data subjects, data holders should be obliged to provide them access to their data and to make the data available to third parties of the user’s choice in accordance with this Regulation. However, this Regulation does not create a legal basis under Regulation (EU) 2016/679 for the data holder to provide access to personal data or make it available to a third party when requested by a user that is not a data subject and should not be understood as conferring any new right on the data holder to use data generated by the use of a product or related service. This applies in particular where the manufacturer is the data holder. In that case, the basis for the manufacturer to use non-personal data should be a contractual agreement between the manufacturer and the user. This agreement may be part of the sale, rent or lease agreement relating to the product. Any contractual term in the agreement stipulating that the data holder may use the data generated by the user of a product or related service should be transparent to the user, including as regards the purpose for which the data holder intends to use the data. This Regulation should not prevent contractual conditions, whose effect is to exclude or limit the use of the data, or certain categories thereof, by the data holder, whenever that is justified, in line with the principle of good faith, in light of the legitimate interests of the user that would otherwise be disproportionately harmed. This Regulation should also not prevent sector-specific regulatory requirements under Union law, or national law compatible with Union law, which would exclude or limit the use of certain such data by the data holder on well- defined public policy grounds.
Amendment 145 #
Proposal for a regulation
Recital 28 a (new)
Recital 28 a (new)
(28 a) As regards trade secrets, this Regulation should be interpreted in a manner that preserves the protection awarded to trade secrets under Directive (EU) 2016/943. For this reason, data holders are entitled to require that the user or third parties of the user’s choice take all necessary measures to ensure that confidentiality of data considered as trade secrets, including through technical means, is preserved.
Amendment 147 #
Proposal for a regulation
Recital 29
Recital 29
(29) A third party to whom data is made available may be an enterprise, a research organisation or a not-for-profit organisation. In making the data available to the third party, neither the data holder nor the third party should not abuse its position to seek a competitive advantage in markets where the data holder and third party may be in direct competition. The data holderBoth parties should not therefore use any data generated by the use of the product or related service in order to derive insights about the economic situation of the othirder party or its assets or production methods or the use in any other way that could undermine the commercial position of the othirder party on the markets it is active on.
Amendment 151 #
Proposal for a regulation
Recital 37
Recital 37
(37) Given the current state of technology, it is overly burdensome to impose further design obligations in relation to products manufactured or designed and related services provided by micro and small enterprises. That is not the case, however, where a micro or small enterprise is sub-contracted to manufacture or design a product. In such situations, the enterprise, which has sub-contracted to the micro or small enterprise, is able to compensate the sub-contractor appropriately. A micro or small enterprise may nevertheless be subject to the requirements laid down by this Regulation as data holder, where it is not the manufacturer of the product or a provider of related services. In order to increase the participation of micro and small enterprises in the data economy, Member States should provide digital training and guidance to such enterprises.
Amendment 152 #
Proposal for a regulation
Recital 51
Recital 51
(51) Where one party is in a stronger bargaining position, there is a risk that that party could leverage such position to the detriment of the other contracting party when negotiating access to data and make access to data commercially less viable and sometimes economically prohibitive. Such contractual imbalances can in particularly harm micro, small and medium-sized enterprises withoutenterprises that, due to their comparatively smaller size, may not have a meaningful ability to negotiate the conditions for access to data, who and, therefore, may have no other choice than to accept ‘take- it-or-leave-it’ contractual terms. Therefore, in those cases where such imbalances of negotiation power are present, unfair contract terms regulating the access to and use of data or the liability and remedies for the breach or the termination of data related obligations should not be binding on micro, small or medium-sizedthose enterprises when they have been unilaterally imposed on them.
Amendment 153 #
Proposal for a regulation
Recital 52
Recital 52
(52) Rules on contractual terms should take into account the principle of contractual freedom as an essential concept in business-to-business relationships. Therefore, not all contractual terms should be subject to an unfairness test, but only to those terms that are unilaterally imposed oin micro, small and medium-sized enterprissituations where an imbalance of negotiation power exists between the contracting parties. This concerns ‘take-it- or- leave-it’ situations where one party supplies a certain contractual term and the micro, small or medium-sized enterpriseother cannot influence the content of that term despite an attempt to negotiate it. A contractual term that is simply provided by one party and accepted by the micro, small or medium-sized enterpriseother or a term that is negotiated and subsequently agreed in an amended way between contracting parties should not be considered as unilaterally imposed.
Amendment 161 #
Proposal for a regulation
Recital 58
Recital 58
(58) An exceptional need may also arise when a public sector body can demonstrate that the data are necessary either to prevent a public emergency, or to assist recovery from a public emergency, in circumstances that are reasonably proximate to the public emergency in question. Where the exceptional need is not justified by the need to respond to, prevent or assist recovery from a public emergency, the public sector body or the Union institution, agency or body should demonstrate that the lack of timely access to and the use of the data requested prevents it from effectively fulfilling a specific task in the public interest that has been explicitly provided in law. Such exceptional need may also occur in other situations, for example in relation to the timely compilation of official statistics when data is not otherwise available or when the burden on statistical respondents will be considerably reduced. At the same time, the public sector body or the Union institution, agency or body should, outside the case of responding to, preventing or assisting recovery from a public emergency, demonstrate that no alternativeit has exhausted all other means forto obtaining the data requested exists and that the data cannot be obtained in a timely manner, including through the laying down of the necessary data provision obligations in new legislation.
Amendment 176 #
Proposal for a regulation
Recital 80
Recital 80
(80) To promote the interoperability of smart contracts in data sharing applications, it is necessary to lay down essential requirements for smart contracts for professionals who create smart contracts for others or integrate such smart contracts in applications that support the implementation of agreements for sharing data. Specific training programmes on smart contracts for businesses, in particular SMEs, should be provided. In order to facilitate the conformity of such smart contracts with those essential requirements, it is necessary to provide for a presumption of conformity for smart contracts that meet harmonised standards or parts thereof in accordance with Regulation (EU) No 1025/2012 of the European Parliament and of the Council.
Amendment 180 #
Proposal for a regulation
Recital 84
Recital 84
(84) In order to eliminate the risk that holders of data in databases obtained or generated by means of physical components, such as sensors, of a connected product and a related service claim the sui generis right under Article 7 of Directive 96/9/EC where such databases do not qualify for the sui generis right, and in so doing hinder the effective exercise of the right of users to access and use data and the right to share data with third parties under this Regulation, this Regulation should clarify that the sui generis right does not apply to such databases as the requirements for protection would not be fulfilledshould not be invoked to refuse access to those data generated by the use of a product or a related service.
Amendment 233 #
Proposal for a regulation
Article 3 – paragraph 1
Article 3 – paragraph 1
1. Products shall be designed and manufactured, and related services shall be provided, in such a manner that data generated by their use that are accessible to the data holder are, by default, easily, safely, securely and, where relevant and appropriate, directly accessible to the user. Data shall be provided in the raw form in which they have been generated by the product, with only the minimal adaptations necessary to make them useable by a third party, including related metadata necessary to interpret and use the data.
Amendment 241 #
Proposal for a regulation
Article 3 – paragraph 2 – point a
Article 3 – paragraph 2 – point a
(a) the nature antype of data and the estimated volume of the data likely to be generated by the use of the product or related service;
Amendment 260 #
Proposal for a regulation
Article 4 – paragraph 1
Article 4 – paragraph 1
1. Where data cannot be directly accessed by the user from the product, the data holder shall make available to the user the data generated by its use of a product or related service that are accessible to the data holder without undue delay, free of charge and, where applicable, continuously and in real-time. This shall be done on the basis of a simple request through electronic means where technically feasible. Data shall be provided in the raw form in which they have been generated by the product, with only the minimal adaptations necessary to make them useable by the user, including related metadata necessary to interpret and use the data.
Amendment 265 #
Proposal for a regulation
Article 4 – paragraph 3
Article 4 – paragraph 3
3. Trade secrets shall only be disclosed provided that all specific necessary measures are taken by the user prior to the disclosure to preserve the confidentiality of trade secrets in particular with respect to third parties. TWhere such measures are not sufficient, the data holder and the user canshall agree measuresadditional measures, such as technical and organisational measures, to preserve the confidentiality of the shared data, in particular in relation to third parties, through contractual instruments such as confidentiality agreements. The data holder shall identify the data which are protected as trade secrets. When no agreement is reached regarding the necessary measures to preserve the confidentiality of trade secrets or the user fails to implement those measures, the data holder is entitled to refuse the user’s access to data which are protected as trade secrets.
Amendment 273 #
Proposal for a regulation
Article 4 – paragraph 4
Article 4 – paragraph 4
4. The user shall not use the data obtained pursuant to a request referred to in paragraph 1 to develop a product or related service that competes with the product or related service from which the data originate.
Amendment 276 #
Proposal for a regulation
Article 4 – paragraph 4 a (new)
Article 4 – paragraph 4 a (new)
4 a. The user shall not deploy coercive means or abuse gaps in the technical infrastructure of the data holder designed to protect the data in order to obtain access to data.
Amendment 277 #
Proposal for a regulation
Article 4 – paragraph 5
Article 4 – paragraph 5
Amendment 279 #
Proposal for a regulation
Article 4 – paragraph 6
Article 4 – paragraph 6
6. The data holder shall only use any non-personal data generated by the use of a product or related service on the basis of a contractual agreement with the user. The data holduser shall authorise the use of non- personal data generated by the use of a product or related service at the request of the data holder if no legitimate interest of the user is disproportionately harmed. The data holder and the user shall not use such data generated by the use of the product or related service to derive insights about the economic situation, assets and production methods of or the use by the userother party that could undermine the commercial position of the userother party in the markets in which the userother party is active.
Amendment 282 #
Proposal for a regulation
Article 5 – paragraph 1
Article 5 – paragraph 1
1. Upon request by a user, or by a party acting on behalf of a user, the data holder shall make available the data generated by the use of a product or related service that are accessible to the data holder to a third party, without undue delay, free of charge to the user, of the same quality as is available to the data holder and, where applicable, continuously and in real-time. Data shall be provided in the raw form in which they have been generated by the product, with only the minimal adaptations necessary to make them useable by a third party, including related metadata necessary to interpret and use the data.
Amendment 289 #
Proposal for a regulation
Article 4 – paragraph 5
Article 4 – paragraph 5
Amendment 293 #
Proposal for a regulation
Article 5 – paragraph 4
Article 5 – paragraph 4
4. The third party shall not deploy coercive means or abuse evident gaps in the technical infrastructure of the data holder designed to protect the data in order to obtain access to data.
Amendment 294 #
Proposal for a regulation
Article 5 – paragraph 5
Article 5 – paragraph 5
5. The data holder shall not use any non-personal data generated by the use of the product or related service to derive insights about the economic situation, assets and production methods of or use by the third party that could undermine the commercial position of the third party on the markets in which the third party is active, unless the third party has consented to such use and has the technical possibility to withdraw that consent at any time.
Amendment 297 #
Proposal for a regulation
Article 5 – paragraph 6
Article 5 – paragraph 6
Amendment 302 #
Proposal for a regulation
Article 5 – paragraph 8
Article 5 – paragraph 8
8. Trade secrets shall only be disclosed to third parties to the extent that they are strictly necessary to fulfil the purpose agreed between the user and the third party and all specific necessary measures agreed, including technical and organisational measures, specified in the agreement between the data holder and the third party are taken by the third party prior to the disclosure to preserve the confidentiality of the trade secret. In such a case, the nature of the data as trade secrets and theThe data holder shall identify the data which are protected as trade secrets. When no agreement is reached regarding the necessary measures forto preservinge the confidentiality shall bof trade specified in the agreement between the data holder and the third partyrets or the third party fails to implement those measures, the data holder is entitled to refuse the third party’s access to data which are protected as trade secrets.
Amendment 306 #
Proposal for a regulation
Article 5 – paragraph 6
Article 5 – paragraph 6
Amendment 307 #
Proposal for a regulation
Article 5 a (new)
Article 5 a (new)
Article 5 a Where the user is not a data subject and to the extent strictly necessary for compliance with the obligations to make available data generated by the use of a product or related service under this Regulation, the processing of personal data is lawful according to Article 6(1)(c), or, where relevant, according to Article 9(2)(g) of Regulation (EU) 2016/679. This only applies to access and sharing of data where the prior processing of the data by the data holder is lawful. The making available of personal data shall be proportionate and respect the essence of the right to data protection. The data holder, user and – where applicable – data recipient shall provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject, including technical limitations on the re-use and use of state- of-the-art security and privacy-preserving measures, such as pseudonymisation, or encryption where anonymisation may significantly affect the purpose pursued.
Amendment 312 #
Proposal for a regulation
Article 5 a (new)
Article 5 a (new)
Article 5 a Where the user is not a data subject and to the extent strictly necessary for compliance with the obligations to make available data generated by the use of a product or related service under this Regulation, the processing of personal data is lawful according to Art. 6 (1) (c), or, where relevant, according to Art. 9 (2) (g) of Regulation (EU) 2016/679. This only applies to access and sharing of data where the prior processing of the data by the data holder is lawful. The making available of personal data shall be proportionate and respect the essence of the right to data protection. The data holder, user and – where applicable – data recipient shall provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject, including technical limitations on the re-use and use of state- of-the-art security and privacy-preserving measures, such as pseudonymisation, or encryption where anonymisation may significantly affect the purpose pursued.
Amendment 314 #
Proposal for a regulation
Article 6 – paragraph 2 – point e
Article 6 – paragraph 2 – point e
(e) use the data it receives to develop a product or related service that competes with the product or related service from which the accessed data originate or share the data with another third party for that purpose;
Amendment 315 #
Proposal for a regulation
Article 6 – paragraph 2 – point e a (new)
Article 6 – paragraph 2 – point e a (new)
(e a) use the data it receives to cause substantial damage to the data holder by misuse of the data or to derive insights about the economic situation, assets and production methods of or use by the data holder that could undermine the commercial position of the data holder on the markets in which the data holder is active;
Amendment 321 #
Proposal for a regulation
Article 8 – paragraph 3
Article 8 – paragraph 3
3. A data holder shall not discriminate between comparable categories of data recipients, including partner enterprises or linked enterprises, as defined in Article 3 of the Annex to Recommendation 2003/361/EC, of the data holder, when making data available. Where a data recipient has reasonable grounds to considers that the conditions under which data has been made available to it to be discriminatory, it shall be for the data holder to demonstrate that there has been no discrimination.
Amendment 324 #
Proposal for a regulation
Article 9 – paragraph 2
Article 9 – paragraph 2
2. Where the data recipient is a micro, small or medium enterprise, as defined in Article 2 of the Annex to Recommendation 2003/361/EC, any compensation agreed shall not exceed the costs directly related to making the data available to the data recipient and which are attributable to the requestprovided those enterprises do not have partner enterprises or linked enterprises as defined in Article 3 of the Annex to Recommendation 2003/361/EC which do not qualify as micro, small or medium enterprises, any compensation agreed shall not exceed the costs directly related to making the data available to the data recipient and which are attributable to the request, unless the data holder is also a micro, small or medium enterprise, as defined in Article 2 of the Annex to Recommendation 2003/361/EC, and no imbalance exists between the parties. Article 8(3) shall apply accordingly.
Amendment 334 #
Proposal for a regulation
Article 11 – paragraph 2 – introductory part
Article 11 – paragraph 2 – introductory part
2. A data recipient that has, for the purposes of obtaining data, provided inaccurate or false information to the data holder, deployed deceptive or coercive means or abused evident gaps in the technical infrastructure of the data holder designed to protect the data, has used the data made available for unauthorised purposes or has disclosed those data to another party without the data holder’s authorisation, shall without undue delay, unless the data holder or the user instruct otherwise:
Amendment 346 #
Proposal for a regulation
Article 13 – paragraph 1
Article 13 – paragraph 1
1. A contractual term, concerning the access to and use of data or the liability and remedies for the breach or the termination of data related obligations which has been unilaterally imposed by an enterprise on a micro, small or medium-sized enterprise as defined in Article 2 of the Annex to Recommendation 2003/361/ECnother enterprise that has no meaningful ability to negotiate due to the imbalance of power between the parties shall not be binding on the latter enterprise if it is unfair.
Amendment 347 #
Proposal for a regulation
Article 13 – paragraph 2
Article 13 – paragraph 2
2. A contractual term is unfair if it is of such a nature that its use grossly deviates from good commercial practice in data access and use, contrary to good faith and fair dealing, and it causes a significant imbalance in the party's rights and obligations arising under the contract.
Amendment 369 #
Proposal for a regulation
Article 15 – paragraph 1 – point b
Article 15 – paragraph 1 – point b
(b) where the data request is limited in time and scope and necessary to prevent an imminent public emergency or to assist the recovery from a public emergency, and alternative means to obtain such data are either unavailable or would be inappropriate;
Amendment 375 #
Proposal for a regulation
Article 15 – paragraph 1 – point c – point 1
Article 15 – paragraph 1 – point c – point 1
(1) the public sector body or Union institution, agency or body has been unable to obtain such data by alternative meansexhausted all other means at its disposal to obtain such data, including bythe purchasinge of the data on the market at market rates or by, relying on existing obligations to make data available, andor the adoption of new legislative measures cannotwhich could ensure the timely availability of the data; orand
Amendment 382 #
Proposal for a regulation
Article 17 – paragraph 1 – point e
Article 17 – paragraph 1 – point e
(e) specify an appropriathe deadline by which the data are to be made available or within which the data holder may request the public sector body, Union institution, agency or body to modify or withdraw the request.
Amendment 387 #
Proposal for a regulation
Article 17 – paragraph 2 – point d a (new)
Article 17 – paragraph 2 – point d a (new)
(d a) where applicable, specify the measures to be taken pursuant to Article 19(2) to preserve the confidentiality of trade secrets, in particular with respect to third parties;
Amendment 390 #
Proposal for a regulation
Article 17 – paragraph 4 – subparagraph 1
Article 17 – paragraph 4 – subparagraph 1
Paragraph 3 does not preclude a public sector body or a Union institution, agency or body to exchange data obtained pursuant to this Chapter with another public sector body, Union institution, agency or body, in view of completing the tasks in Article 15 or to make the data available to a third party in cases where it has outsourced, by means of a publicly available agreement, technical inspections or other functions to this third party. The obligations on public sector bodies, Union institutions, agencies or bodies pursuant to Article 19 apply also to those third parties.
Amendment 391 #
Proposal for a regulation
Article 17 – paragraph 4 – subparagraph 1 a (new)
Article 17 – paragraph 4 – subparagraph 1 a (new)
Those third parties shall not use the data they receive from a public sector body or a Union institution, agency or body under this paragraph to develop a product or a service that competes with the product or service of the data holder from whom the data was received, nor share the data with another third party for that purpose.
Amendment 394 #
Proposal for a regulation
Article 17 – paragraph 4 – subparagraph 2
Article 17 – paragraph 4 – subparagraph 2
Where a public sector body or a Union institution, agency or body transmits or makes data available under this paragraph, it shall notify without undue delay the data holder from whom the data was received.
Amendment 406 #
Proposal for a regulation
Article 19 – paragraph 2
Article 19 – paragraph 2
2. Disclosure of trade secrets or alleged trade secrets to a public sector body or to a Union institution, agency or body shall only be required to the extent that it is strictly necessary to achieve the purpose of the request. In such a case, the public sector body or the Union institution, agency or body shall take appropriate measures, prior to the disclosure, take all the necessary and appropriate measures, such as technical and organisational measures, agreed with the data holder to preserve the confidentiality of those trade secrets.
Amendment 409 #
Proposal for a regulation
Article 19 – paragraph 2 – subparagraph 1 (new)
Article 19 – paragraph 2 – subparagraph 1 (new)
Where a public sector body or a Union institution, agency or body transmits or makes data available to third parties pursuant to Article 17 (4), trade secrets shall only be disclosed to third parties to the extent that they are strictly necessary for the third party to perform the tasks that have been outsourced to it and provided that all specific necessary measures, including technical and organisational measures, agreed between the data holder and the third party are taken by the third party to preserve the confidentiality of the trade secret.
Amendment 410 #
Proposal for a regulation
Article 19 – paragraph 2 a (new)
Article 19 – paragraph 2 a (new)
2 a. The data holder shall identify the data which are protected as trade secrets. When no agreement is reached regarding the necessary measures to preserve the confidentiality of trade secrets or those measures are not implemented, the data holder is entitled to refuse access to data which are protected as trade secrets.
Amendment 415 #
Proposal for a regulation
Article 20 – paragraph 1
Article 20 – paragraph 1
1. DFor making data made available to respond to a public emergency pursuant to Article 15, point (a), shall be provided free of chargethe data holder is entitled to claim a compensation, which shall not exceed the technical and organisational costs incurred to comply with the request.
Amendment 417 #
Proposal for a regulation
Article 20 – paragraph 2
Article 20 – paragraph 2
2. Where tThe data holder claims compensshall be entitled to a fair remuneration for making data available in compliance with a request made pursuant to Article 15, points (b) or (c), s. Such compensation shall not exceedat the least cover the technical and organisational costs incurred to comply with the request including, where necessary, the costs of anonymisation and of technical adaptation, plus a reasonable margin. Upon request of the public sector body or the Union institution, agency or body requesting the data, the data holder shall provide information on the basis for the calculation of the costs and the reasonable margin.
Amendment 421 #
Proposal for a regulation
Article 21 – paragraph 4
Article 21 – paragraph 4
4. Where a public sector body or a Union institution, agency or body transmits or makes data available under paragraph 1, it shall notify without undue delay the data holder from whom the data was received, and provide all necessary information regarding the identity of the data recipient and the activities that will be carried out by the data recipient based on the data received pursuant to paragraph 1.
Amendment 468 #
Proposal for a regulation
Article 34 – paragraph 1
Article 34 – paragraph 1
The Commission shall develop and recommend non-binding model contractual terms on data access and use to assist parties in drafting and negotiating contracts with balanced contractual rights and obligations, as well as model contractual terms on the necessary protection of trade secrets and the preservation of their confidentiality.
Amendment 471 #
Proposal for a regulation
Article 35 – paragraph 1
Article 35 – paragraph 1
In order not to hinder the exercise of the right of users to access and use such data in accordance with Article 4 of this Regulation or of the right to share such data with third parties in accordance with Article 5 of this Regulation, the sui generis right provided for in Article 7 of Directive 96/9/EC does not apply to databases containing data obtained from or, shall not be invoked to refuse access to data generated by the use of a product or a related service.