Legal developments about data spaces:  Data Act, Data Governance Act

  • Home
  • Blog
  • Legal developments about data spaces:  Data Act, Data Governance Act

In this blog, we will plainly explain the emerging field of data governance in European regulation, how this came to be, the current state and what we can expect in the future. These themes were presented and discussed in a workshop with Data4Food2030 consortium partners at the second annual meeting in Thessaloniki.

With GDPR in full force, many users conceptualise data protection as a strictly digital phenomenon. This is a natural approach as most people encounter GDPR on online cookie banners and privacy policies. Nevertheless, GDPR and data governance find their origins in human rights, specifically the right to privacy and protection of personal data. Data protection laws are founded on the idea of protecting human rights; with the advent of laws protecting privacy – data related to identifying natural persons became the object of regulation.

In agriculture and food systems, there is a lot of data not related to natural persons, including but not limited to data linked to machines, finances, livestock and fish, land and agronomic areas and climate data. However, these data sets can be mixed with natural persons (a farmer) or legal persons (companies, cooperatives that may also be farms and farmers, some of whom may also be legal persons) with this non-personal data linked to a geographic location may, in fact, be treated as a mixed data set. Furthermore, some of these elements of non-personal data may be seen or treated as sensitive; in the context of non-personal data, it is worthwhile to recognise that data can be treated as trade secrets. For example, this can be the case of temperature when energy efficiency can be seen as a competitive advantage.

The European data strategy builds on the success of GDPR and promotes a line of thinking from digital sovereignty to data sovereignty; in this strategy, Europe aims to support its digital autonomy and data sovereignty by 2030. This is done with new regulations like the Data Governance Act and the Data Act, which can help promote the targeted 75% adoption rate of cloud, AI and big data technologies among SMEs.

In Europe, data spaces are being created under the guise of the Data Governance Act. Food systems are unique because they fall under the mandate of many different data spaces. There are 12 European common data spaces planned in the Data Governance Act, which are focused on sectors or themes, including the green deal, mobility, health, industry and manufacturing, financial services, energy, agriculture, public administration, skills, cultural heritage, security and law enforcement, and smart communities. Food systems do not fit neatly in any single one of these data spaces but are very much a traversal theme across a number of the data spaces. An interesting question emerging from the Data4Food2030 will be how the data generally interacts with and supports the data spaces.

The Data Governance Act, which came into force in June 2022 and has been applicable since September 2023, regulates data to “data” — “any digital representation of acts, facts or information” and some critical aspects of the Data Governance Act are the Re-use of specific categories of data held by public sector bodies, data altruism and the establishment of the data innovation board. Data Altruism is unique in that it, “means the voluntary sharing of data based on the consent of data subjects to process personal data about them, or permissions of data holders to allow the use of their non-personal data without seeking or receiving a reward.” The Data Act was recently approved and is on track to be an enforceable regulation; it applies primarily to devices related to the Internet of Things.

As these new legislative acts are implemented, there will be more clarity on managing the data economy for food systems. These new legislative frameworks will help fill the gap and clarify some elements of what data needs to be controlled and protected and what can be leveraged for public use. The EU Code of Conduct on agricultural data sharing is an excellent example of how the regulation of GDPR can be applied to a specific sector.

Keep up with Data4Food2030’s progress, by following our social media accounts!

Your submission was successful.

Thank you!