EU Data Governance Act adopted by Parliament

The Council of the European Union formally adopted the Data Governance Act on 6 April 2022, establishing the first component of the European Data Strategy's legislative framework. The regulation creates frameworks for public sector data reuse, data intermediation services, and data altruism organizations to enable trusted data sharing across the EU.

Public Sector Data Reuse

Protected data categories subject to the DGA include data held by public sector bodies that cannot be made openly available due to confidentiality, intellectual property, or personal data protections. This addresses data that is valuable for innovation but requires access controls.

Conditions for reuse include technical measures ensuring data protection, access restrictions limited to necessary scope, and requirements that reuse not lead to re-identification of individuals. Member States must designate competent bodies to assist with reuse requests.

Exclusive arrangements prohibition prevents public sector bodies from granting exclusive data access rights except where necessary for service provision in the public interest. Existing exclusive arrangements must be reassessed against DGA requirements.

Data Intermediation Services

Service categories include intermediaries helping bilateral data sharing between data holders and users, platforms enabling multi-party data pooling and exchange, and services supporting data subject consent management for personal data sharing.

Registration requirements require data intermediation services register with national authorities before starting operations. Registration provides legitimacy and enables regulatory oversight of intermediary activities.

Neutrality obligations prohibit intermediaries from using shared data for their own purposes other than operating the intermediation service. This ensures intermediaries act as neutral facilitators rather than competing with parties using their services.

Interoperability duties require intermediaries to use common standards enabling data portability between services and prevent lock-in effects that would undermine the regulation's data sharing objectives.

Data Altruism Organizations

Public interest purposes define data altruism as voluntary data sharing for general interest objectives such as scientific research, public health improvements, climate change mitigation, and mobility improvement. The framework provides trusted channels for altruistic data contributions.

Recognition regime enables organizations pursuing data altruism purposes to register as "data altruism teams recognized in the EU." Recognition provides transparency about data handling practices and builds trust with potential data donors.

Consent mechanisms for personal data donations require clear, specific consent for altruistic purposes, with ongoing rights to withdraw consent and access information about data use. The European Data Altruism Consent Form provides standardized consent documentation.

Governance Structure

National competent authorities designated by member states oversee data intermediation services and data altruism organizations, handling registration, complaints, and enforcement within their jurisdictions.

European Data Innovation Board provides expert advice on data governance matters, supports interoperability of common data spaces, and helps cross-border cooperation between national authorities.

Timeline overview

The DGA entered into force on 23 June 2022, with most provisions applying from 24 September 2023. Organizations operating data intermediation services or pursuing data altruism recognition should assess registration requirements and prepare compliance programs.

Teams should evaluate opportunities to use public sector data through DGA mechanisms, assess whether their data sharing activities require registration as intermediation services, and consider data altruism participation for corporate social responsibility initiatives.