- Use Cases
If you have been following us during the “Stay at home” period, you might have noticed that Covid-19 has prompted unprecedented levels of data sharing across the world. However, you might still be uncertain about which data you can legally publish, especially if you live in Europe.
Over the last years, the European Union has earned the reputation of being a data protection champion, largely thanks to the landmark General Data Protection Regulation (GDPR), which was implemented in 2018. But here’s the good news: the EU also wants to lead the way in open data and data sharing.
Can the EU achieve data protection and open data at the same time? Continue reading to find out!
Data generated with public money should be made freely available for re-use by the public, notably businesses, civil society, and researchers, to boost open innovation across the economy and society. This is the idea behind the 2019 Directive on Open Data and the Re-Use of Public Sector Information.
This Directive applies to all data that can be accessed under the “access to information” laws of each Member State and that is held by national, regional, or local public organizations. Public bodies include ministries, State agencies, libraries, cultural heritage institutions, but also publicly funded research centers and public companies, such as transport, utilities, and postal services. Only security, intellectual property and personal data are excluded from the legislation.
Data re-use may be free of charge or at a low usage fee that does not exceed the marginal cost of their dissemination. “High-value” datasets (geospatial, earth observation, environmental, meteorological, statistical, mobility, company ownership) are always free of charge and available through APIs and, where relevant, as bulk download. The Open Data Directive reduces costs for SMEs and enhances public sector transparency. Its only flaw? It does not indicate a common open standard license, so if different countries choose different standards, interoperability issues might arise.
Are open data and data sharing a worthwhile investment for private companies? An increasing number of businesses think they are. While most initiatives are voluntary and self-regulated, a regulatory framework is emerging in some sectors. Remember “Open Banking” from my last article? Let’s have a closer look at the legislation behind it. The 2016 Payment Service Directive 2 (PSD2) opens the market for payment services to Third Party Providers (TPPs). For simplicity, let’s consider again the French mobile payment app Lydia.
The PSD2 applies to 3 types of services: payment initiation (for instant online payments), account information (to centralize control over many payment accounts) and issuance of card-based payment instruments (by TTPs). The Lydia app offers them all: control over different bank accounts, money transfers including by text message or email, creation of online money pots, payments by QR code and digital wallets, and, in the premium version, also a Lydia Mastercard. How is this possible?
The PSD2 Directive requires all institutions offering payment accounts, such as banks, to provide account data and services through APIs to authorized and regulated third parties acting on behalf of the account’s owner. To ensure compliance and help banks identify trusted TPPs, a European Open Banking platform was launched. It provides a central repository of Access to Account information, a Regulatory Directory (containing the list of registered TPPs) and a Transparency Directory (containing operational and contact information about TPPs).
Aside from the Open Data Directive, data coming from publicly funded research also falls under the scope of the 2016 Communication on the European Cloud Initiative. In this document the European Commission laid the ground for the creation of the European Open Science Cloud (EOSC), a platform launched in 2018.
The EOSC is a federation of existing scientific clouds that provides a single point of access to data coming from publicly funded research and allows for its re-use free of charge. Available datasets are interoperable, thus allowing for interdisciplinary research. Represented fields include medicine, natural sciences, physics, earth sciences, arts, humanities, agriculture, and engineering. The platform also offers complementary services, such as data management, processing, analysis and storage, computational capacity, security, networking, training, and directories of scientific papers.
The long-term objective is to expand the EOSC user base to the public sector and to relevant industries, thus advancing both Open Science and Open Innovation to the benefit of society and the economy.
The latest development in data regulation is the European Data Strategy published in February 2020. Among its objectives is to set up a legislative framework and funding capacity to create Common European Data Spaces for the agricultural, industrial, financial, mobility, health, public, digital skills, and green sectors. An Implementing Act will specify which datasets classify as “high value” in the Open Data Directive and a Data Act will encourage B2B and B2G data sharing. Resources will also be devoted to interconnecting existing computing capacities, such as the EOSC and the DIAS clouds of Copernicus earth observation data, and to develop a cloud services marketplace for the public and the private sectors.
The EU has successfully achieved data protection and open data at the same time. How? By excluding personal data from its open data regulation and by subjecting data sharing to the high consent and security standards of the GDPR. Will the EU also succeed in implementing its new Data Strategy? The upcoming years will tell.