Access to Data (and how to enforce it)
Published on 14th Jun 2022
For most data-driven business models, access to data is key. If a supplier holds data that gives it a competitive advantage (for example on an aftermarket), its competitors will need to find alternative or equivalent datasets or seek to secure access to the first supplier's data. In practice, securing access is not always an easy undertaking. For effective competition on such markets, legal options for gaining access to data for all market participants are crucial.
This is chapter 2.2 of Data-driven business models: The role of legal teams in delivering success
Access to data and competitive advantage
Many suppliers and manufacturers now offer connected products, and many of those products collect data.
Often the data is not about the user, but is about performance or wear and tear. It can be valuable data where it supports aftermarket services associated with the main product, such as repair, maintenance or servicing, or supply of spare parts or additional consumables needed to use the main product. Having access to this data can enable a number of aftermarket actions. For example, it might give the supplier a clear indication of when the customer is likely to need aftermarket services. This might, in turn, enable the supplier to schedule pre-emptive maintenance at the user's convenience, avoiding wear and tear breakdowns and unexpected call-outs for emergency repairs, and facilitating efficient deployment of its workforce. The data might also enable the supplier to order replacement parts or new consumables in good time. This data-driven business model is seen in the automotive industry for cars and car servicing, in the energy sector for smart meters and boiler servicing, and for some connected consumer products that regularly need new supplies of a consumable (such as ink and paper for a printer).
However, where there is a downstream market for the supply of aftermarket services such as repairs and maintenance, or for the associated consumables, access to the data from connected products becomes a strategic issue. If competitors cannot access the data, and cannot access an equivalent or alternative dataset, they may find it more difficult to win that customer for their alternative aftermarket products and services. Access to data from the main product becomes a barrier to entry for aftermarket competitors.
In addition, in some markets collected data is considered to be proprietary by the business that holds it, and not shared. This may mean that third parties have no possibility of using it innovatively to develop new products and services that the incumbents do not offer.
Is it possible for a business using a product to gain access to data generated by its use? Can a third party gain access to the data? Or is the supplier that holds the data free to decide to retain it – and any competitive advantage that flows from the data – for itself?
Data-driven business models
The role of legal teams in delivering success
Legal options to get access to data today
Complaint to a competition authority
European legislators have repeatedly acknowledged and stressed the relevance of data for competition. In this vein, there have been several amendments to national competition laws expressly focusing on the relevance of data. In Germany, with the 10th Amendment to the Act against Restraints of Competition (Competition Act – GWB), the legislator clarified that companies owning certain data can qualify as being dominant and restricting access to such data is abuse. Competition authorities have also not been shy to initiate investigations into practices where the use and access to data has been at the core of the case. An investigation by a competition authority has certain advantages due to the extensive investigatory powers of competition authorities. Therefore, companies seeking access to data may ask authorities for help by lodging a complaint. Such complaints can be by an individual company, a group of companies, a trade association or even anonymous.
However, given that authorities have a discretion regarding if and when to open an investigation, authorities will balance their available resources with (among other things) the complexity of the case, the expected investigatory efforts required, and the economic importance and general relevance of the issues at hand. Against this background, complaints tend to be more successful when the complainant has already built a convincing case setting out the legal issues, providing corroborating evidence and showing the general importance for a wider group of companies or a sector. Should a competent national competition authority or the European Commission initiate an investigation and conclude that the data holder has infringed competition law by restricting access to the data, the authorities can impose remedies on the data holder that not only affect the complainants, but may also benefit other companies.
Direct claims based on competition law
Competition law provides not only for public enforcement but also for private enforcement through litigation. Therefore, companies seeking access to data may alternatively choose to assess a direct civil claim against the data holder. Such claims can be brought as follow-on litigation on the back of a decision from a competition authority or as a stand-alone claim. Follow-on litigation has certain advantages as there is some relaxation of the burden of proof (the decision of the authority is binding for courts with regard to the infringement). However, in most of the cases there is no authority decision on which claimants can rely.
Stand-alone litigation can be based on specific competition law, such as that in Germany dealing with access to data, but also finds support in seminal court decisions on European competition law like the Magill (cases no. C-241/91 P and C 242/91 P) and IMS Heath (case no. C- 18/01) cases of the Court of Justice of the European Union. On this basis a claimant may have a right to access if the access to the specific data is indispensable in order to compete on a downstream market. Given that in a civil claim the burden of proof is on the claimant, it is our experience that the prospects of a successful claim hinge on the diligent preparation of facts, in particular with regard to the type of data, the replicability of data and relevance of that data for the products and services that the claimants offer.
Direct claim based on sector-specific legislation
The EU and national legislators have introduced specific legislation on access to data for certain economic sectors. For example, in the Automotive sector, Regulation (EU) 2018/858 contains specific obligations for car producers to provide technical information on their vehicles to the independent aftermarket (repair shops, spare parts providers and so on). The regulation also provides for a right of independent operators to access the vehicle data stream. As a regulation, these rules are directly applicable in EU Member States, and independent operators can enforce rights in court based on this sector-specific legislation.
The European Commission envisages further access to in-vehicle data via sectoral legislation, which is to be specifically tailored to the distinctive characteristics of the Automotive industry and will serve to supplement the broader approach of the Data Act (see Chapter 2.10).
German particularity: Unfair competition law in connection with sector-specific legislation
In Germany, in addition to basing claims directly on sector-specific legislation, claimants may also enforce such legislation through competition law. The German Unfair Competition Act contains a provision whereby, among other things, competitors and associations may base unfair competition claims on a violation of a market conduct rule. Legislation on access to information or data will often constitute such a market conduct rule. The German Federal Court of Justice has explicitly confirmed that the rules on access to information in the Automotive sector constitute a market conduct rule (Federal Court of Justice, decision of 30.1.2020 – I ZR 40/17).
Basing claims on unfair competition law has several procedural benefits. In particular, these claims can be raised by associations (despite the fact that typically only their members, not the associations as such, will be legal beneficiaries of access rules); claimants may select among several local jurisdictions; and provisional injunctions can be granted by the courts without prior substantiation that the matter is urgent.
Where there is no sector-specific legislation in place, claimants may still try to rely on IP and property rights where their own machinery is concerned. Arguably, the producer of a machine cannot prevent the purchaser of said machine from accessing data generated by it, since the purchase will include rights to use and access the software on the machine. This principle has now also been enshrined in the Data Act (see Chapter 2.10).
Legal options to get access to data in the future
The importance of data-driven business models means that these issues are now at the forefront of regulatory and policy-makers' attention. New legislation and regulators' frameworks will make it more difficult for suppliers of connected products to refuse to share the data that they generate. These changes are driven both by competition policy and by a broader desire to build data economies that offer enhanced potential for innovation and new data-driven products and services.
In the UK, we have already seen data access and interoperability as a competition remedy in open banking, which has given challenger financial services and software companies the ability to offer competing banking services based on compulsory application program interfaces (APIs)/data interoperability (see Chapter 2.3).
This is likely to be reflected in the upcoming EU Digital Markets Act, which will regulate companies acting as “gatekeepers” (likely to include the Big Tech players) in EU digital markets. Parallel regulation is planned in the UK, to be enforced by the new Digital Markets Unit within the UK competition authority.
In particular, the Digital Markets Act proposals include obligations on gatekeepers to allow third parties to interoperate with the gatekeeper's own service in certain specific situations and to allow business users to access data that they generate in their use of the gatekeeper's platform. On the flip side, gatekeepers will be prohibited from usage of certain data, including taking non-public data from business users on their platform to compete with those businesses, and combining personal data obtained from the core platform services with any other service unless in accordance with the General Data Protection Regulation (GDPR).
While these proposals are currently targeted at the leading tech players, they will provide a clear precedent on the usage of data and the requirements of interoperability where players have a strong market position and so may provide useful grounds for bringing complaints in other markets.
More broadly, the EU Commission's Data Act proposals, published in February 2022, envisage creating rights for users of connected products and services to have access to the data held by the supplier but generated from their use of the product or service. The proposals enabling the user to require access are extended to identified third parties. These are radical proposals that will significantly impact on the current ability of suppliers to keep such data as proprietary.
In the UK, the concept of 'smart data' is being actively explored. The example of open banking is being extended into other areas of consumer finance, such as open pensions. But more generally, policymakers are exploring how opening up access to consumer data could power innovation for the benefit of consumers.
As with all regulatory shifts, some businesses will find that longstanding strategies – or less considered default approaches – will need to be reconsidered. Other businesses and start-ups will find new opportunities are created. We expect the opening up of data from these new initiatives to offer the raw material for a new wave of data-driven business models.
Data-Driven Business Models: The role of legal teams in delivering success
Explore the full report
Data-Driven Business Models: The role of legal teams in delivering success
We have partnered with European Company Lawyers Association (ECLA) to produce a report exploring the challenges and opportunities associated with new data-driven business models.
2.1 Shaping success for data-driven business models
2.2 Access to Data (and how to enforce it)
2.3 How open banking has facilitated data-driven business models, and what's next
2.4 Our new products are connected – what implications does that have?
2.5 Data Pooling and Data Integration in Groups of Companies
2.6 Digital twins: enabling sale of a service, not an asset
2.7 Regulating data-powered artificial intelligence
2.8 Digital twins in the built environment
2.9 How to respond to a ransomware attack – an illustrative example
2.10 Cyber security – Are you prepared? Some thoughts on cyber security governance
2.11 Future IP issues relating to data-driven business models
2.12 Challenging the environmental impact of data-driven business models
2.13 Trust and Legal Certainty for the Data-driven Economy? A look into the EU Data Governance Act
2.14 Rethinking regulation of data-driven digital platforms
2.15 Data Law Landscapes Beyond Europe