Developing data sharing and creating a single market for data, to foster innovation and economic development while guaranteeing protection for citizens’ rights and data security and safety: these were the European Commission’s overarching ambitions when crafting its data strategy in 2020. To achieve these goals, two European legislative acts were established: the Data Act[1] and the Data Governance Act[2] , to increase the availability of data and promote their voluntary sharing, while creating a framework of trust between stakeholders.
In particular, the Data Governance Act (DGA) creates the status of data intermediary for companies operating as neutral third parties connecting data owners with data users, by creating a data marketplace, for instance. To this end, it establishes harmonised rules that enable reliable and trustworthy data intermediation services to develop in Europe, creating a key pillar for the development of data trading and pooling between different sectors.
Service providers in France can therefore be vetted by Arcep to obtain the label of “data intermediation services provider recognised in the Union”.
Arcep has adopted the first two decisions authorising the firms M-iTrust and Hub One DataTrust to use the “data intermediation services provider recognised in the Union” label.
To obtain this label, providers must comply with the requirements set out in Article 12 of DGA, notably in terms of data intermediation services’ independence, neutrality and fairness with respect to the data owners using their services. These guarantees of reliability and trustworthiness are vital to creating the conditions for the development of a healthy data-driven economy, fostering innovation for the benefit of citizens.
Since the DGA entered into force, nine companies in France have notified themselves to Arcep as data intermediation service providers, which testifies to an encouraging momentum in the European Union where 26 data intermediaries have notified themselves thus far. They operate in a wide range of sectors, including agriculture, airport logistics, space and health. Of these, two companies, M-iTrust and Hub One DataTrust, applied to obtain the EU label. The first, M-iTrust, provides a data intermediation service designed to enable the parties involved to transmit, with their consent, some of their personal or business data collected from reliable sources (government organisations, telcos, power companies, banks, insurance companies) to service providers that use these data. The second, Hub One DataTrust, offers a data intermediation service for companies that own and use airport sector data.
In its examination of the label applications from these two companies, Arcep found no reason to reject the award of the “data intermediation services provider recognised in the Union” label, with regard to the conditions set forth in Article 12 of the Data Governance Act, and after having consulted with France’s Data Protection authority, CNIL, to ensure they did not raise any data privacy issues. These companies are thus authorised to use this label and the associated logo.
In accordance with its “Ambition 2030” strategy, Arcep is committed to pursuing its proactive approach to listening to and supporting all of the stakeholders on track to develop innovative data sharing projects
To sustain this encouraging momentum, in its strategy the Authority reaffirmed its commitment to fostering the emergence of data intermediation service providers and
what are still nascent surrounding ecosystems, while guaranteeing a high level of trust in these companies. To this end, project owners and this ecosystem’s stakeholders can contact Arcep by email at the following address: intermediation_donnees[a]arcep.fr