The Digital Governance Act

The Digital Governance Act (DGA) establishes robust procedures to facilitate the safe re-use of certain ‘protected’ public-sector data subject to the rights of others – such as trade secrets, personal data and data protected by intellectual property.

The DGA also intends to foster data altruism throughout the European Union, increasing trust in data sharing and establishing trusted data use for research and innovation, amongst other things.

Affected businesses

The DGA applies to different types of organisations, including open data marketplaces and enablers of data pools or data-sharing ecosystems, as well as public-sector and nonprofit-sector organisations.

Key impacts

Pursuant to the DGA, public-sector bodies can rely on the data-sharing framework if they want to share protected data – such as trade secrets, personal data and data protected by intellectual property.

The DGA outlines that the re-use of data held by public-sector bodies shall not be done to restrict competition and shall be nondiscriminatory, transparent, proportionate and objectively justified with respect to the category of data applicable and the purposes of the re-use. It also establishes a ban on exclusivity arrangements, meaning it will not be possible to conclude arrangements, or engage in other practices, pertaining to the re-use of data that grant one party an exclusive right to, or limit the availability of, data for re-use by others.

The DGA sets out the requirements for data intermediation services, requiring them:

• Not to use the data for which they provide data intermediation services for purposes other than putting the data at the disposal of data users.
• To provide the data intermediation services through a separate legal entity.
• To ensure the procedures for access to their services are fair, transparent and nondiscriminatory.
• To maintain a record of their data intermediation activities.

The DGA sets out a voluntary framework of consent-based data sharing for data altruism (the use of data for the greater good).

Enforcement

The DGA does not explicitly provide for sanctions; instead, it shifts the role onto individual Member States to establish provisions for penalties for infringements of the DGA.

Key timings

The DGA entered into force on 23 June 2022 and became applicable on 24 September 2023.

This content is provided for general informational purposes only, and your access or use of the content does not create an attorney-client relationship between you or your organization and Cooley LLP, Cooley (UK) LLP, or any other affiliated practice or entity (collectively referred to as “Cooley”). By accessing this content, you agree that the information provided does not constitute legal or other professional advice. This content is not a substitute for obtaining legal advice from a qualified attorney licensed in your jurisdiction and you should not act or refrain from acting based on this content. This content may be changed without notice. It is not guaranteed to be complete, correct or up to date, and it may not reflect the most current legal developments. Prior results do not guarantee a similar outcome. Do not send any confidential information to Cooley, as we do not have any duty to keep any information you provide to us confidential. This content may be considered Attorney Advertising and is subject to our legal notices.