The Council of the European Union has just approved the Data Governance Act, a document that aims to facilitate the re-use of certain protected public sector data and encourage data sharing throughout the European Union, while ensuring strict respect of data privacy. It should be executed by 2023.
When it comes to data, the European Union plays a major role. While the GDPR celebrated its fourth anniversary on May 25th, the European Parliament and the Council of the European Union continue to work for a reasonable and responsible use of data. The Data Governance Act (also known as the DGA) has been in the works since 2019 – the result of a broad consultation covering the private and public sectors. Based on 11 workshops, the DGA is devoted to the strengthening of the control offered to individuals and legal entities on the use and dissemination of their data.
After an initial agreement on April 6th, 2022 to define the scope of the Data Governance Act, the Council of the European Union officially approved the DGA on May 16th, 2022. The Act is expected to be fully implemented by the summer of 2023. Beyond its main ambition, which is to define a unique and homogeneous framework for all European countries, the Data Governance Act is conceived as a legal instrument that should facilitate, fluidify, and rationalize the exploitation of data.
Unlike the GDPR, the Data Governance Act is not limited to personal data, but has much broader ambitions. Ambitions that not only frame good practices related to data governance, but also encourage the exploitation of data from the public sector. Behind the DGA, there is a double aspiration: to preserve the freedom of the business while protecting data privacy.
What exactly is the DGA?
To fulfill its mission of protecting data while creating the conditions for freeing up innovation and creativity, the Data Governance Act is based on four key principles.
The first principle concerns public actors. Like private sector companies, public agencies generate and use large amounts of data. This data falls under the scope of the GDPR and is subject to strict protection and oversight – whether it is personal data, privacy rights, or intellectual property. The DGA sets out a legal and technical framework that defines the rules for the re-use of this protected data, with essential levers such as anonymization or pseudonymization.
The second major component of the Data Governance Act is devoted to the sharing of data (personal or corporate) with non-profit organizations. The regulator’s ambition is to encourage innovation in the public interest in key sectors such as the environment and health sectors. A specific status called ‘altruistic organization’ will thus be created. To benefit from this status, it will be necessary to register officially via a European form and to respect a demanding framework, placed under the line of transparency.
The third principle of the DGA concerns the sharing of data between companies and private actors. These actors use intermediaries whose missions are redefined by the DGA. The principle is clear: to avoid that these intermediaries can exploit the information for their own purposes by sharing it. Once again, the DGA sets out the principle of total transparency, combined with an ambition for sovereignty. For example, these intermediaries must be located in the European Union or the European Economic Area.
Finally, the DGA institutes the creation of a European Data Innovation Council that will compile and share best practices related to data governance, with ongoing reflections on standardization at the European level.
What is the impact of the Data Governance Act for your company?
While the DGA may seem restrictive in developing a precise framework, particularly for data intermediation, it is nevertheless a major step forward. Indeed, behind the native requirement inscribed in the spirit of the Data Governance Act, you will find above all, the ground of trust with your customers as well as your partner ecosystems. A trust that is essential to legitimize all data projects in the service of the efficiency and productivity of your company.
