The Act on safeguarding and regulating cyberspace of 21 May 2024 assigns Arcep two new responsibilities: the first in the cloud computing market, in preparation for Europe’s Data Act, and the second that of regulating data intermediation service providers, in application of Europe’s Data Governance Act. Today, the Authority is opening a window to enable data intermediation service providers to notify their business, and apply for the corresponding certification logo, which is recognised across the entire European Union.
The Data Governance Act and the Data Act: at the core of Europe’s data strategy
Developing services, optimising resources, gaining a more detailed understanding of industrial processes, automating certain tasks, or factoring environmental issues into farming… Data are at the heart of the transformations being made possible by digital technologies.
In 2020, the European Commission announced its strategy for data, seeking to foster the emergence of a Single Market by establishing rules for accessing data and facilitating their circulation. The centrepiece of this strategy is the Data Governance Act, which was adopted in 2022 and creates a harmonised framework of trust to boost the availability and reuse of data within the European Union, while the Data Act introduces a regulatory framework for cloud computing.
Regulating data intermediation service providers: a new remit for Arcep that joins its actions in support of open digital ecosystem
The Data Governance Act defines a new category of player: data intermediaries. Neutral, trusted third parties, they connect individuals and businesses that own personal and non-personal data. They enable them to share and pool data by creating a framework of legal and technical certainty. By unleashing the free flow of data, the regulation seeks to bolster the emergence of new services, in areas such as farming and airport logistics.
To create this framework of mutual trust that will help these new players to grow, the regulation contains a set of obligations designed to guarantee the independence, neutrality and fairness of data intermediation service providers with respect to their users. They must register their business with national authorities. The European Commission will maintain the European register of data intermediation services, which keeps a record of all of the entities notified within the European Union.
Data intermediaries can also ask Arcep to confirm their compliance with the regulations set forth in the new Act, and thereby be certified as a trusted “EU recognised data intermediary”. They will be able to use this label in all of their written and oral communications, along with the associated logo.
Data intermediation service providers in France can notify their business and apply for certification as of today
As part of its newfound responsibilities, Arcep is giving data intermediaries the ability to notify their business and submit a request for certification as of today.
- Practical information on the notification procedure can be found here.
- Practical information on the certification procedure can be found here.
The sector’s stakeholders can contact Arcep by sending an email to: intermediation_donnees[a]arcep.fr. To keep up with Arcep’s latest news and information regarding data intermediation service providers, stakeholders can also sign up for selected mailing lists in the News section (Subscribe) on the Arcep website.