Is data really that important to a business?
A quick survey of the top companies by market capitalisation readily reveals that data is key.
We use cookies and other similar technology to collect data about you to allow us to deliver our online services, measure our website audience and improve your browsing experience. Full details on the cookies we use are set out in our Cookies policy. Please click OK to signify your consent to our use of cookies.
You can withdraw your consent by clicking “manage cookies” and following the instructions shown.
Global | Publication | February 2021
Errors, incompleteness or biases within data may flow through, and be amplified by, data analytics and process outputs (such as trend analysis and predictions) upon which strategic and investment decisions may depend, potentially causing business losses. Businesses may rely on data sourced from third parties and suffer loss, or cause loss to third parties based on its own data or that it has sourced from others. In this part we deal with liability arising out of use of data / datasets that are in some respect sub-optimal.
Disruptive technologies can give rise to unique risks and a range of liabilities in relation to data in their data ecosystems. Such technology-specific issues are dealt elsewhere (see our sites, AI, IoT, AVs, distributed ledger technology, cryptocurrencies and smart contracts).
Data sourced from different sources may vary in quality. Businesses will need to consider a number of factors in relation to the question of quality:
Are we likely to see legal systems enacting laws that deal with allocating liability specifically in relation to non-personal or industrial data?
EU
As at the date of publication, the European Commission’s view is that the transfer of information should be considered a service, so that the provision of data would fall outside the EU product liability and safety regimes (see the discussion on product liability as it relates to IoT ecosystem data at our site, The Internet of Things).
However, the European Commission is working on addressing the gaps in the present product liability and safety framework exposed by the challenges that arise from the use of emerging technologies (like connectivity, autonomy, data dependency, opacity, complexity of products and systems, software updates and more complex safety management and value chains).1
Other sources of liability need to be considered. In common law jurisdictions, for example, businesses who on-supply data, or who provide services dependent on it, could potentially face claims in contract, in tort (for example, for negligent misstatement) or for some other form of liability. In the EU, for example, there may be consumer claims based on the EU’s Digital Content Directive (2019/770)).
The European Commission is, at the date of publication, exploring the need to clarify rules on legal liability to ensure responsible sharing and use of data in the form of a proposed Data Act (envisaged for 2021) in order to facilitate voluntary data sharing.2
Any such new legislation may impact upon the liability of those businesses reliant upon emerging digital technologies which perform tasks dependent on data, such as distributed ledger technology, AI, IoT and robotics.
Businesses will need to ensure that they circumscribe their own liability to the extent legally permitted in the EU, insure against the potential risks, carry out reasonable checks and monitoring of the quality of data they supply or rely upon, and secure appropriate contractual comfort where possible.
United States
There is no federal legislation specifically allocating liability in relation to data across all industries.
China
China does not have a specific data liability law. However, when data is embedded in a product, say, to activate a function, such data (being a part of the product) will be subject to the quality requirements under the PRC Product Quality Law.
It is also common for information service providers to warrant certain levels of quality in relation to information being supplied, including data. In such cases, contractual liability will apply for breach.
A quick survey of the top companies by market capitalisation readily reveals that data is key.
The value that can be gained from data by businesses will inevitably lead to an increase in the use of data to improve daily operations and to develop new products, services and processes.
In many jurisdictions pure information, or data, is not considered to be property. This is because a claim to property in intangible information presents obvious definitional difficulties.
There is a patchwork of different rights, intellectual property rights and contract rights that may apply to data. Understanding the way in which these rights come into play enables a business to understand how its data assets can be protected.
Disruptive technologies, such as AI, IoT, AVs, distributed ledger technology (DLT), cryptocurrencies and smart contracts, generate many different forms of data. What are the particular characteristics of such data, and to what extent can intellectual property rights or other rights protect them?
In this section, we review the EU’s position with regards to industrial and non-personal data and look at whether other jurisdictions have similar initiatives.
Data location laws (in relation to industrial and non-personal data) can be restrictive (as in banking secrecy laws, which may require some types of data to remain onshore or to be “localised”) or liberalising (as in laws that ban the prohibition of export of data from a locality).
In furtherance of the objective of leveraging existing datasets paid for by public funds, a number of jurisdictions have sought to make public sector information (PSI) available to industry.
The exclusive possession or control of data can have antitrust / competition law considerations, giving rise to access disputes.
The uncertain nature of intellectual property rights in data means that “contract is king” in data transactions.
Data is an incredibly valuable resource for businesses, enabling organisations to effectively operate and to make business improvements. In order to exploit this value most effectively, businesses must invest in good data management.
Errors, incompleteness or biases within data may flow through, and be amplified by, data analytics process outputs upon which a business's strategic and investment decisions may depend, potentially causing business losses. In this section we deal with liability arising out of use of data / datasets that are in some respect sub-optimal.