Data Ownership, Data Privacy and Monetization of Data

Given the intrinsic value of data, it is essential that its transmission and protection is properly regulated to ensure its safe use.

In fact, database transactions raise many legal issues ranging from antitrust to privacy, with implications in different areas of law depending on the classification and nature of the data they contain. For example, raw vs. processed data, personal vs. non-personal data, or open vs. confidential data. These legal challenges are particularly daunting given the intangible, non-consumable, and sometimes non-competitive nature of big data.

Once the data is under the control of a company, it is able to determine how it will use – or not use – it. The data does not compete and it can be used by another entity at the same time (ie. in the case of the statistical information obtained by the institutions).

Who owns the data? And what right is held on such data?

There are many legal tools available in this regard, such as trade secret rules or special protection for databases. But whoever legally owns the data feels entitled to use it, so the term data rights seems more appropriate than data ownership in monetization strategies. So The next important question becomes: what kind of data can be used?

Data vs. Information

Translating or describing something in binary allows language, logic, mathematics, arithmetic, and description to be normalized. When we talk about the data that creates and makes up big data archives, we mean digital data. These data correspond to those referred to in the most recent definition of the European legal system contained in EU Regulation 910/201, known as the “eIDAS Regulation,” which defines an electronic document as “any content stored in electronic form, in particular a text or audio recording.”

Analog data (which is not created or read/stored using digital technology) cannot be converted into big data because this modern aggregate data is protected by digital information production technology. Analog data must first be converted to digital data to qualify as part of big data aggregation.

Thus, data is the smallest unit (or bit) of information. Information can be seen as the result of data processing activities, which is the product of a developmental process in which the structure converts data into information according to its operating rules.

A fundamental principle of copyright law states that the law protects not the information itself, but the specific expression in which it appears.

What protection for pure data?

The misappropriation and use of data for unauthorized purposes by unauthorized third parties and the reckless inclusion of such data on the web can eliminate the competitive advantage that a database provides a company and undermine investments carried out during its implementation and maintenance.

Therefore, before developing a data monetization strategy, how to protect the database must first be addressed.

Until now, databases, knowledge and trade secrets are protected by law, while the protection of purely raw data that plays an essential role in the development of commercial and industrial value is uncertain.

For example, the so-called unique rights (implemented in Articles 102bis and 102ter of the Italian Copyright Code) grant exclusive rights to the “author” of the database, prohibiting the extraction or reuse of all or most of the data on forms of illegal economic exploitation in its content.

However, this type of protection does not protect personal data, but only database data, which does not include all data measured by sensors or generated by devices, at least in the early stages of their existence – for example having previously been collected in the database. This situation creates a protection gap in the period between production and data collection, which is detrimental to producers.

The European Union is working hard to provide a satisfactory and accurate response to this need, which is strongly felt by stakeholders, as evidenced by the latest legislative developments. EU measures include a proposal for a directive on the reuse of information in the public sector and a regulation on the dissemination of non-personal data, but above all the various public consultations that have been launched over the last two years, for example on the so-called “database directive,” which provides private protection.

The Commission is currently reviewing this legal framework on data ownership, and the new EU plan is expected to provide legislative updates to enable and facilitate new business models based on data revenue.

The brave new world of data ownership, monetization, and privacy is a complex one that uur attorneys are well-equipped to navigate.

We offer you a panoply of cutting-edge services