No law on data ownership and access rights at this point in time
As expected, the communication on building a European data economy establishes four thematic priorities. One chapter examines the free flow of data in the EU, another data ownership and access rights. Furthermore, liability issues linked to autonomous systems and data portability are addressed. However, for the time being the European Commission holds back from making a legislative initiative in the area of data ownership law – in line with a request made by business. BDI had repeatedly warned against hasty legislation reactions in this area. On the issue of data access rights, this explicitly relates also to non-personal technical and machine data which are increasingly being generated in Industry 4.0. The Commission points out that rights to technical and machine data, in particular to machine-generated raw data, are widely unregulated in law. It is also convinced that the macroeconomic benefit will be all the greater if more market participants have access to as many data as possible and can also use them. But it would like to conduct an open discussion on the need for regulation. In particular, it is important to look at the questions of how companies can be incentivised to maximise access to parts of their data, how to prevent lock-in effects but also how investments can be protected. Participation in the consultation is still possible until 26 April 2017.
New e-privacy regulation could also have a knock-on effect for Industry 4.0 and the Internet of things
In January 2017, the European Commission also presented a proposal for a regulation amending the data protection directive for electronic communication, the so-called e-privacy directive. The purpose of the 2009 directive is to protect the private sphere and the confidentiality of communications. The proposal for a regulation is now intended to update the directive. The proposal is closely interlinked with the general data protection regulation which will enter into force in May 2018. As a regulation, it would be directly applicable in all EU Member States. According to the wish of the Commission, the e-privacy regulation should in future serve to protect not only the private sphere of natural persons but also the confidentiality of the communications of legal persons, e. g. business secrets or sensitive company information. Providers of online telecommunication services (so-called OTTs) should in future also be covered by the protection obligations alongside classical telecommunication service providers. The Commission also expressly includes the exchange of information between machines in the proposal for a regulation. This would also impact on the transfer of data in the so-called Internet of things, e. g. on automated driving.