Is data really that important to a business?
A quick survey of the top companies by market capitalisation readily reveals that data is key.
Industrial and non-personal data: Building blocks of emerging technologies
Data is a vital asset for almost all businesses. In many cases it is fundamental to profitability and survival. Many businesses now have a mature understanding of the regulatory and commercial imperatives applicable to personal data, but may have not developed the same degree of data literacy in relation to industrial and non-personal data.
Managing, and extracting value from, such data can be a significant challenge. The increasing complexity of data capture, control, management, and analytics in the digital economy could well overwhelm businesses who are not sufficiently data literate. For example:
- Ownership: data are intangible and can be copied and used by multiple businesses, and (with some exceptions) at the moment generally fall outside the scope of property law in common law jurisdictions, leading to difficult questions in relation to ownership.
- Combining data: data can be combined with, or interact with, other data to make new, derived data, which can be used to drive, or to be manipulated, by software or algorithms (such as artificial intelligence (AI)) in order to produce a variety of outcomes. The transformable nature of data can lead to new contractual and liability issues.
- Governance: the imperative for better data governance by businesses is likely to increase, driven in part by potential business partners, business and consumer clients, and by law.
Accordingly there is potentially a large range of issues a business will need to consider when dealing with industrial and non-personal data. For example, how can businesses control and protect such data, use third party data, minimise risks in deploying data, value and monetise such data, and comply with rules and regulations applicable to (non-personal) data?
What do we cover?
With the object of outlining the main issues a business should be mindful of in relation to protecting its data as an asset, working with partners using or monetising data and managing risks specific to data, we examine the following in more detail:
- The importance and increasing use of data
- The nature of data, ownership, and control
- Ways of protecting data
- Disruptive technology data
- The regulatory environment for data
- Regulated data activities
- Antitrust / competition law data issues
- Contractual considerations in sharing data
- Managing data
- Liability issues specific to dealing in data
We discuss the legal position in a number of jurisdictions, using them as case studies, in order to illustrate principles of more general application in relation to industrial and non-personal data (given the breadth of laws potentially applicable, we do not attempt to state the law exhaustively in relation to such data for those jurisdictions). We do not address issues specific to personal data.
Local law advice should always be sought in relation to any data project.
The myriad ways in which data may be used
The value that can be gained from data by businesses will inevitably lead to an increase in the use of data to improve daily operations and to develop new products, services and processes.
Nature of data, ownership, and control
In many jurisdictions pure information, or data, is not considered to be property. This is because a claim to property in intangible information presents obvious definitional difficulties.
Ways of protecting data
There is a patchwork of different rights, intellectual property rights and contract rights that may apply to data. Understanding the way in which these rights come into play enables a business to understand how its data assets can be protected.
Disruptive technology data: case studies
Disruptive technologies, such as AI, IoT, AVs, distributed ledger technology (DLT), cryptocurrencies and smart contracts, generate many different forms of data. What are the particular characteristics of such data, and to what extent can intellectual property rights or other rights protect them?
The regulatory environment for data
In this section, we review the EU’s position with regards to industrial and non-personal data and look at whether other jurisdictions have similar initiatives.
Free flow of data
Data location laws (in relation to industrial and non-personal data) can be restrictive (as in banking secrecy laws, which may require some types of data to remain onshore or to be “localised”) or liberalising (as in laws that ban the prohibition of export of data from a locality).
Data for re-use
In furtherance of the objective of leveraging existing datasets paid for by public funds, a number of jurisdictions have sought to make public sector information (PSI) available to industry.
Antitrust / competition law data issues
The exclusive possession or control of data can have antitrust / competition law considerations, giving rise to access disputes.
Contractual considerations in sharing data
The uncertain nature of intellectual property rights in data means that “contract is king” in data transactions.
Managing Data
Data is an incredibly valuable resource for businesses, enabling organisations to effectively operate and to make business improvements. In order to exploit this value most effectively, businesses must invest in good data management.
Liability
Errors, incompleteness or biases within data may flow through, and be amplified by, data analytics process outputs upon which a business's strategic and investment decisions may depend, potentially causing business losses. In this section we deal with liability arising out of use of data / datasets that are in some respect sub-optimal.
Subscribe to Inside Tech Law
Head of Information Governance, Privacy and Cybersecurity, EMEA
Head of Information governance, privacy and cybersecurity, Asia Pacific
Head of Intellectual Property, Europe, Middle East and Asia
