Data has become one of the most important resources in postmodern information society. However, European civil law does not reflect this development adequately. In fact, so far, European civil law seems to struggle with handling data as a legal entity. Against this background, the article provides a transnational overview and a comprehensive analysis of the legal situation in Europe. It discusses why data ownership is widely perceived as a problem on this side of the Atlantic and how this perception can be overcome by a fundamental property law approach. Taking into account economic realities, we argue that European property law provides a sufficient framework for establishing a theoretical concept of data ownership. Therefore, we draft the dimensions of a data ownership concept by proposing potential criteria for assigning ownership and analyzing both positive access and negative restriction rights.'Data Ownership' ( CIGI Papers No. 187, Ottawa Faculty of Law Working Paper No. 2018-26) by Teresa Scassa comments
The rapid expansion of the data economy raises serious questions about who “owns” data, and what data “ownership” entails. In most jurisdictions, data that are kept confidential can be protected as confidential information. However, such data are vulnerable to exposure through hacking or leaking by third parties. In many instances, significant stores of data cannot be kept confidential, and protection must be sought elsewhere. Copyright law has long treated facts as being in the public domain, but will provide protection for compilations of facts that meet the threshold for “originality.” Such protection is considered to be “thin,” as it does not extend to the underlying facts, applying only to their original selection or arrangement. In the European Union, database rights offer a more robust protection for compilations of data, but they also fall short when it comes to protecting the facts that make up such compilations.
Debates over ownership rights in data have been heating up. In Europe, policy makers have raised the possibility of creating sui generis ownership rights in data. In Canada, a recent court decision has raised the interesting question of whether facts and data should be treated differently in copyright law, offering a far more robust protection for data than for facts. In addition to these developments, Europe’s new General Data Protection Regulation also appears to vest certain rights in data subjects through the newly introduced concept of data portability.
If data are capable of ownership, either through a sui generis right or copyright law, this raises important questions about how to strike a balance between the rights of data “owners” and the public interest in access to and reuse of data. This paper will explore the legal bases for claims of ownership of data, the extent of the public interest in access to and use of data, and the areas in which public policy development is required to address the changing needs of the data economy and society.The national Government has announced a new whole-of-government Hosting Strategy, characterised as providing
a new framework that strengthens data sovereignty, supply chain and data centre ownership provisions to increase security, protect privacy and improve resilience of data infrastructure. This includes a requirement that data centre facilities that host high-value government data achieve certification as “sovereign” or “assured” data centres. ...
“This Strategy will ensure that we have a trusted, secure hosting ecosystem, including data centre and network infrastructure, and our services can rely on data being safe and secure throughout the supply chain.” As part of the Strategy, a new Digital Infrastructure Service will be established to manage data centre certification and ensure the ecosystem is supported by an effective and efficient network infrastructure.