IT and data

Data: making best use of a valuable asset

Published on 28th May 2020

Businesses in all sectors are focusing more than ever on how they can digitise and enhance their interactions with customers, suppliers and others. Data is usually at the heart of those interactions. However, many businesses face challenges when seeking to manage and use the data they have collected – or hope to collect – in the way that they would like to.

DB_network_server

In a series of webinars, chaired by Mark Taylor, we explored some of the most pressing legal issues surrounding the use and exploitation of data, from both a UK and an international perspective. As well as looking at the immediate data protection concerns (where data constitutes “personal data"), we tackled some of the broader issues raised by the use and exploitation of data, including intellectual property, competition and contractual arrangements.

Data ownership and rights

Tamara Quinn tackled the questions of whether data can be "owned", what intellectual property rights exist to protect data, and the issues that commonly arise in contractual arrangements concerning the use and exploitation of data (irrespective of whether data is "personal data").

While some forms of intellectual property rights can be useful to protect data – particularly database rights – they are not straightforward. Database right will not protect many commercial databases that our modern economy generates, such as those being created automatically in connection with electricity consumption via smart meters. The question of who owns database rights is also quite challenging; it won't necessarily be the same as the person who owns any copyright in the database.

For that reason, trade secrets and maintaining confidential information are likely to be sources of important protection for many when seeking to exploit data, as will contractual protections. Tamara gave some practical solutions for maximising protection of data and top tips when seeking to put in place contractual protection for data.

The protection afforded by intellectual property rights – and the ease with which those rights can be enforced – varies globally, even within the EU. Claire Bouchenard – a partner in our Paris office – illustrated this by explaining a particular issue that has arisen under French law, where an assignment of intellectual property rights in a database which is either not capable of protection by intellectual property rights, or capable of protection but not GDPR-compliant, may be held to be void. That issue is, for the moment, a French-law issue, as opposed to one that would also necessarily arise in other EU jurisdictions. The disparity in how data is protected globally reinforces the importance of combining the protection which is afforded to data by intellectual property rights (if any) with strong contractual protections.

Data protection

Data may be collected from a number of different sources to create a profile of an individual, which is then used to tailor a service, product or experience to them. As Georgina Graham explained, personalisation is a great way of increasing customer engagement, sales and improving retention rates, but it also comes with certain (not insurmountable) challenges from a data protection perspective.

When looking at how the value in data can be unlocked by sharing it, it is important to consider the different roles that the persons sharing and receiving data might have and how that impacts on the contractual terms that need to be put in place between them.

As Jon Round discussed, buying and selling personal data poses particular issues in the context of a corporate transaction. Significant technological advances mean that the volume of personal data which sellers hold has risen considerably and the data is also increasingly granular and valuable. It is becoming more common for sellers to structure businesses with exit strategies designed to unlock the value of data as a standalone asset. Since the introduction of the GDPR (and the ICO's recent proposals to apply high fines in connection with pre-acquisition breaches), parties to corporate transactions are more attuned to the risks of exploiting data in non-compliant ways. On the other hand, demonstrating compliance is an opportunity to instil trust in employees and customers.

Joanne Loveridge and Alex Aisthorpe looked at what's on the horizon in the ever-evolving world of data protection, including tackling the uncertainty surrounding cookies (and similar tracking technologies), international transfers of personal data and trends in the protection of personal data globally.

Data and competition

In an economy where data can confer significant market power, Katherine Kirrage looked at how competition law issues apply to the use and exploitation of data, and the intersection of competition and data protection law. These are issues which, in our experience, are too often forgotten.

Competition considerations are relevant to businesses considering their own use of data in connection with their current or future strategies and to those considering the use of data by other players in the market which they want to access. It is not the exclusive concern of big organisations sitting on large datasets and should be considered by businesses throughout their lifecycles, including when just starting out.

Katherine explained how businesses can be forced to grant access to data where they are shown to be abusing a dominant position, and the circumstances in which agreements allowing access to data may be considered to be anti-competitive. In the UK and internationally, authorities and regulators are looking at what additional obligations should be imposed on so-called "gatekeepers" of data (digital advertising platforms, in particular) to address regulatory gaps in existing competition law.

What next?

If you would like copies of the recordings and slides from this webinar series, please contact one of the experts listed below.

Over the next few weeks, we will be publishing a series of practically-focused articles on each of the topics discussed in this series of webinars, and on the use and exploitation of data in certain key sectors. In addition, some of these articles will set out the sector-specific challenges and opportunities being met by businesses looking to unlock the value in data – this being a particular issue we covered in the last of our three webinars.

If you'd like to receive these articles, please update your preferences, or if you would like to discuss any of these issues in more detail, please get in touch with one of our experts, or your usual Osborne Clarke contact.

Follow
Interested in hearing more from Osborne Clarke?
Register now for more insights, news and events from across Osborne Clarke
Sign up
Related articles
Dutch Data Protection Authority issues new guidance and steps up cookie-banner supervision
15/02/2024 4 mins
Data protection law challenges in Europe when using AI services
06/02/2024 3 mins
DORA – New EU cybersecurity law for Crypto
31/01/2024 5 mins
UK Binding Corporate Rules: are updates a reason to reconsider the 'gold standard' transfer tool?
24/01/2024 5 mins

* This article is current as of the date of its publication and does not necessarily reflect the present state of the law or relevant regulation.

Connect with one of our experts

Interested in hearing more from Osborne Clarke?
Register now for more insights, news and events from across Osborne Clarke
Sign up