This document is an excerpt from the EUR-Lex website
The Data Governance Act (DGA) aims to make more data* available for reuse and facilitate data sharing across areas such as health, environment, energy, agriculture, mobility, finance, manufacturing, public administration and skills for the benefit of European Union (EU) citizens and businesses, creating jobs and stimulating innovation.
The regulation sets out:
Reuse of certain categories of publicly held data
Public sector bodies hold vast amounts of data protected by third-party rights (such as trade secrets, personal data or intellectual property) that cannot be used as open data but that could be reused under specific EU or national rules. Whenever such reuse is allowed, public sector bodies will have to comply with the reuse conditions laid down by the DGA. Notably, the reuse conditions should be non-discriminatory, transparent, proportionate, justified and made publicly available.
Data transfer to non-EU countries
A reuser intending to transfer protected, non-personal data to a non-EU country will have to comply with the specific rules in the DGA.
Fees
Fees for reuse should be transparent, proportionate, non-discriminatory and objectively justified. Public sector bodies granting reuse permits can apply reduced or zero fees, for example, for small and medium-sized enterprises, start-ups, civil society organisations and educational establishments.
Single information point
To ensure data can be found (‘findability’), EU Member States will have to ensure that all relevant information on conditions for reuse and on charges is available and easily accessible through a single information point. The European Commission will, in turn, collate this information at data.europa.eu.
Data intermediation services
The DGA regulates the providers of data intermediation services, which are neutral third parties that connect individuals and companies that hold data with others that want to use data. The requirements for such services aim to ensure that such data intermediaries will function as trustworthy organisers of data sharing. To increase trust in data sharing, this approach lays down a model based on the neutrality and transparency of data intermediaries while putting individuals and companies in control of their data.
Entities wishing to provide data intermediation services must:
Data altruism
Data altruism arises when individuals and companies give their consent or permission to make data that they generate available for use in the public interest, voluntarily and without reward. Such data have enormous potential to advance research and to develop better products and services, including in the fields of health, climate action and mobility. Member States may develop national policies to encourage data altruism and an entity engaged in data altruism can apply to be registered as a ‘data altruism organisation recognised in the Union’. The Commission will maintain an EU-level register of these organisations.
European Data Innovation Board
The Commission will set up the EDIB, which will consist of representatives of:
The EDIB’s tasks include advising and assisting the Commission in:
International data flows
As non-personal data may be of considerable economic value, the DGA introduces safeguards to protect such data from unlawful access by non-EU countries’ authorities.
It will apply from 24 September 2023.
The DGA also amends Regulation (EU) 2018/1724 on the single digital gateway.
For further information, see:
Regulation (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance and amending Regulation (EU) 2018/1724 (Data Governance Act) (OJ L 152, 3.6.2022, pp. 1–44).
Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526/2013 (Cybersecurity Act) (OJ L 151, 7.6.2019, pp. 15–69).
Regulation (EU) 2018/1724 of the European Parliament and of the Council of 2 October 2018 establishing a single digital gateway to provide access to information, to procedures and to assistance and problem-solving services and amending Regulation (EU) No 1024/2012 (OJ L 295, 21.11.2018, pp. 1–38).
Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, pp. 39–98).
last update 20.07.2022