Skip to main content
|

Add a bookmark to get started

Bookmarks info

Establishing common rules and practices across the EU relating to developing a framework for data governance

The DGA regulates the role of intermediaries in commercial data sharing to ensure data access neutrality, security, portability and interoperability. It also creates a general regulatory framework for re-using protected public data and to facilitate data sharing for altruistic purposes.

The DGA is an EU-wide regulation that has been applicable since 24 September 2023.

The aim of the DGA is to improve the conditions for data sharing in the EU's internal market. It contains horizontal rules, creating a harmonised framework for (personal and non-personal) data exchanges and the basic requirements for data governance. With the DGA, the EU aims to eliminate some of the hurdles for the development of common European data spaces.

 

Who is in scope of the DGA

The DGA applies to different types of entities. The DGA contains a substantial new regulatory framework for data-sharing services that qualify as data intermediation services. Examples include open data marketplaces, enablers of data-sharing ecosystems and data pools that license data to all interested parties and reward all contributors. The DGA also establishes data sharing frameworks for the public sector and the non-profit sector.

“The conditions for data intermediation services can have an important impact on the business model of service providers.”

Requirements for data intermediation services

Among other requirements, data intermediation service providers are required to:

  • remain neutral with regard to the data exchanged between data holders or data subjects and data users;
  • make a prior notification to the competent authorities;
  • provide these services through a separate legal person; and
  • comply with strict obligations in the provision of the relevant services.

 

Data sharing frameworks

Public sector bodies can rely on the data sharing framework established by the DGA if they want to share certain protected data. “Protected data” means data that is protected by, for example, confidentiality, third-party intellectual property rights, trade secrets or personal data protection.

The DGA also sets out a voluntary framework of consent-based data sharing for data altruism, which refers to the use of data for the greater good. Nonprofit organisations that meet certain conditions will be able to be recognised as data altruism organisations.

 

Actions to consider

Providers of data intermediation services should assess whether their services are likely to be in scope for DGA and if so to notify the competent authority. In such cases, a thorough assessment of the new requirements is needed. Public sector bodies and nonprofit organisations should also assess the potential benefits of, and opportunities for, data sharing.

Get in touch with your usual DLA Piper contact or our key contacts below for information on how we can assist you with this exercise.

From our blogs

More To See

Key contacts

Heidi Waem
Heidi Waem
Partner

Related Capabilites

Consumer Goods, Food and RetailInsuranceFinancial ServicesEnergy and Natural ResourcesHealthcareLife SciencesIndustrialsInfrastructure, Construction and TransportMedia, Sport and EntertainmentTechnologyData, Privacy and CybersecurityCybersecurityData Protection
Privacy policyLegal noticesCookie policyModern slaveryWhistleblowingFraud AlertSitemap

DLA Piper is a global law firm operating through various separate and distinct legal entities. For further information about these entities and DLA Piper's structure, please refer to the Legal Notices page of this website. All rights reserved. Attorney advertising.

© 2024 DLA Piper