European Data Market SMART 2013/0063 D 3.6 and...
Transcript of European Data Market SMART 2013/0063 D 3.6 and...
European Data Market SMART 2013/0063 D 3.6 and D 3.7 Data Ownership and Access to Data – Key Emerging Issues Final Release
29th January 2016
2
Author(s) Gabriella Cattaneo, Giorgio Micheletti, Alys Woodward (IDC); David Osimo (Open Evidence)
Deliverable D 3.6 and D 3.7 Quarterly Stories – Story 6 and 7 (Final Release)
Date of delivery 29th January 2016
Version 4.0
Addressee officer Katalin IMREI
Policy Officer
European Commission - DG CONNECT
Unit G3 – Data Value Chain
EUFO 1/178, L-2557 Luxembourg/Gasperich
Contract ref. N. 30-CE-0599839/00-39
3
TABLE OF CONTENTS
EXECUTIVE SUMMARY ............................................................................................................... 5
1 INTRODUCTION ............................................................................................................ 7
1.1 MAIN OBJECTIVES AND SCOPE .......................................................................................... 7
1.1.1 Objectives .................................................................................................................................... 7
1.1.2 Scope ........................................................................................................................................7
1.2 METHODOLOGY APPROACH .............................................................................................. 7
1.2.1 Secondary Research and Expert Interviews ................................................................................ 7
1.2.2 Real-life Case Studies .................................................................................................................. 8
1.3 THE STRUCTURE OF THIS DOCUMENT ................................................................................ 9
2 DATA OWNERSHIP: DEFINITION, CONTEXT AND EMERGING ISSUES .............. 10
2.1 DATA OWNERSHIP: A DEFINITION IN THE MAKING ............................................................. 10
2.2 POLICY CONTEXT ........................................................................................................... 10
2.3 EMERGING CRITICAL ISSUES ........................................................................................... 11
2.3.1 Identifying Data Owners ........................................................................................................... 11
2.3.2 Contractual Arrangements and Business Models ...................................................................... 12
2.3.3 Data Value and Pricing .............................................................................................................. 14
2.3.4 Data Ownership and Market Efficiency...................................................................................... 14
3 DATA OWNERSHIP IN PRACTICE: SELECT CASE STUDIES................................ 16
3.1 INVESTIGATING DATA OWNERSHIP .................................................................................. 16
3.1.1 Manufacturing and the Case of SAP Industrial Machinery and Components ............................ 16
3.1.2 Banking and Finance and the Case of BBVA Data & Analytics ................................................... 19
3.1.3 Social Media and the ICT Sector ................................................................................................ 22
3.1.4 Business Intelligence & Analytics and the Case of Blue Yonder ................................................ 24
3.1.5 Transport and the Usage of Mobile Phone Data ................................... Error! Bookmark not defined.
3.1.6 Software and Business Intelligence and the Case of Qlik ......................................................... 27
4 FINAL CONSIDERATIONS ......................................................................................... 29
4.1 DATA OWNERSHIP ISSUES .............................................................................................. 29
4.2 POTENTIAL MARKET IMPACTS ......................................................................................... 30
4.3 POLICY IMPLICATIONS ..................................................................................................... 31
MAIN SOURCES ......................................................................................................................... 33
4
Table of Figures
Figure 1 Different Forms of Data-Related Business ............................................................................. 13
Figure 2 One-to-One Facilitator Scenario in the Manufacturing Industry .............................................. 17
Figure 3 The Cloud Provider Scenario in the Manufacturing Industry .................................................. 18
Figure 4 BBVA, BBVA Data & Analytics and its lines of businesses .................................................... 20
Figure 5 Social Networks and Users’ Relationships – The Platform Approach .................................... 22
Figure 6 Example of Engagor’s Analytics Tool...................................................................................... 23
Figure 7 Blue Yonder’s, Data Aggregators and Customers’ Relationships .......................................... 25
Figure 8 Qlik and its data-based business intelligence services ........................................................... 27
Table of Tables
Table 1 Case Study List .......................................................................................................................... 8
5
Executive Summary
Data availability, and the extent to which data is flowing across sectors and organizations, play a
fundamental role in sustaining and developing the emergence of a European data-driven economy. In
defining and specifying the rights to create, edit, modify, share and restrict access to data, data
ownership becomes a pivotal factor affecting a growing number of potential data users and an increasing
range of data-related activities.
Nonetheless, the concept of data ownership does not come without challenges. Through a series of
real-life case studies among several European businesses, this document reviews in practice some of
the most significant issues affecting data ownership, data access, data use & re-use, and data exchange
in Europe today and in the near future. Our empirical analysis, coupled with in-depth interviews with
legal experts, shows that European businesses find it difficult to adopt a viable, shared definition of data
ownership and resort to existing intellectual property rights’ (IPR) regimes, or current database rights’
systems, to safely exchange data. As a consequence, most of the stakeholders that have participated
to this study do not exercise any pressing request for new, data-related contractual arrangements or
alternative types of regulatory regimes specifically oriented to manage data ownership and are content
with the existing contractual forms in use. At the same time, our investigation reveals that Europe’s
rapidly evolving data market is constantly putting forward new business models and that data
stakeholders in Europe may well benefit from ad-hoc guidelines to adjust the existing contracts to these
emerging data-based business models. If more and more European companies do embrace innovative
data-based business models, no evidence emerges yet as to the existence of a well-functioning, shared
and recognized data-pricing mechanism. Indeed, data are often exchanged “in bundles” with other
services so that their value is inevitably included in the overall price that businesses apply to the bundled
service.
The way data ownership and data access are managed and regulated can directly affect the functioning
of the data market. Companies having a high concentration, or accessing huge amounts of data, could
easily incur in situations of market asymmetry, which – in turn – may result in different forms of market
distortion. In our case studies we found no significant evidence of severe market abuse as the current
level of data exchange and data re-use does not seem to cause stark hindrances to the overall market
efficiency, at least at this stage of the process.
Our analysis has finally revealed that the notion of data ownership, data access and data control is
intimately connected with the overall development of a balanced playing field in the European data
market with key implications for the whole competitiveness of Europe’s data economy. In the opinion of
the data-stakeholders taking part to this study, data ownership should therefore be considered within
the broader framework of growth, innovation and competition policies and not seen simply as a
contractual issue or a legal matter. This is not to say that a certain number of guidelines, as well as new
types of model contracts, could be fruitfully developed by the industry to help data-stakeholders come
to terms with emerging business models and new business cases. Further adjustments to regulatory
frameworks on data ownership could also enable and promote cross-border data flows in the context of
the Digital Single Market – in fact, EC initiatives such as the Free-Flow-of-Data Initiative to be launched
in 2016 seem to go in this direction and are being positively received by the stakeholders and the
businesses that we contacted in our research.
6
7
1 Introduction
1.1 Main Objectives and Scope
1.1.1 Objectives
The main objective of this report is the analysis of the emerging policy issues concerning data
ownership, data access and data re-use in the context of the European Data Market and the evolution
towards the data-driven economy. This report is one of a series of in-depth analyses focusing on the
development of the data-driven economy in Europe based on case studies by sector and by topic. This
report constitutes the deliverables D3.6 and D3.7 of the study “European Data market SMART
2013/0063” entrusted to IDC and Open Evidence by the European Commission, DG Connect.
1.1.2 Scope
As requested by the European Commission, this document will explore the following topics:
The definition and implications of data ownership within the context of Europe’s emerging data
market;
The relevance and suitability of existing contractual arrangements underpinning or regulating
data access, data use, re-use and exchange;
The existence and effectiveness of appropriate tools and mechanisms to estimate the value of
data, as well as the different business models that can be generated by the use, re-use and
exchange of data;
The extent to which a possible data ownership-related and data-access-related information
asymmetry leads to market disruptions in Europe.
Through an empirical, use-case-based investigation of the above issues, the document will present a
set of final considerations on the evolution of the European data market and its main policy implications.
1.2 Methodology Approach
The present report is the result of a mixed effort entailing both secondary and primary research activities.
The first part of the research was devoted to the acquisition of the necessary information providing a
comprehensive picture of the debate about data ownership, data access and data re-use in Europe
today. The second part consisted in an in-depth, empirical investigation of the key issues emerging from
the first part the research. This investigation was carried out through a series of real-life case studies
selected among a number of representative European data-related businesses and data stakeholders.
1.2.1 Secondary Research and Expert Interviews
Secondary desk research has been undertaken on a number of existing publicly available sources (from
international economic organizations, to global management consulting firms and specialized press) as
referenced in the footnotes and in the “Main Sources” section at the end of this document. The study
team has subsequently interviewed two legal experts in data management to properly apprehend the
overall regulatory framework currently revolving around the topic of data ownership and access to data.
The experts were:
Dr. Hans Graux, founding partner at time.lex, and member of the ICT Committee of the Council of
Bars and Law Societies of Europe (CCBE).
Dr. Bart Custers, Leiden University – ELAW (Institute for Law in the Information Society).
8
In addition, we have carried out multiple rounds of discussions with IDC colleagues analyzing data-
related technologies and end-user markets. In particular, we have spoken with executives and managers
form the following departments:
IDC European Software, Big Data & Analytics;
IDC European Infrastructure Software;
IDC European SaaS and Cloud Computing;
IDC Storage Software;
IDC Finance Insights;
IDC Government Insights;
IDC Energy Insights;
IDC Manufacturing Insights.
1.2.2 Real-life Case Studies
To further examine the strength and relevance of the issues identified through the desk research and
the expert interviews, we have conducted a series of in-depth interviews with relevant stakeholders in
the European data economy. Upon the identification of a long list of potential representative
interviewees, we have selected and produced the following case studies.
Table 1 Case Study List
Company/Organization Industry Brief Description Interviewee
SAP
Manufacturing
Industrial Machinery
and Components and
data platforms
Georg Kube, IBU Director,
Industrial Machinery and
Components
BBVA Data & Analytics Banking and
Finance
Access to customer
and non-customer
data and role of APIs
Marcelo Soria, VP Data
Services
ENGAGOR
Social Media / ICT
Start-Up
Use and access of
social media data and
role of APIs
Jurriaan Persyn, CTO
Blue Yonder
Business
Intelligence &
Analytics / ICT
Use and access of
customers’ and Third-
Party’s data
Lars Trieloff, Director of
Product Management
Qlik
Business
Intelligence &
Analytics / ICT
Enhanced services
through customers’
and Third Party’s data
Josh Good, Director of
Product Marketing, Qlik
and Hjalmar Gislason, VP
of Data, Qlik
9
1.3 The Structure of this Document
The document is structured along three main chapters:
The first chapter proposes a working definition of data ownership and identifies the key emerging
critical issues around its notion;
The second chapter presents a number of real-life case studies describing, in practice, how these
critical issues are being tackled and possibly solved by data-related stakeholders in Europe;
The third chapter outlines the most significant considerations emerging from the current research
while attempting a first stock-taking of data ownership’s and data usage’s practices in Europe.
10
2 Data Ownership: Definition, Context and Emerging Issues
2.1 Data Ownership: A Definition in the Making
Data ownership, and the associated ability to access or retrieve data within a repository (i.e.: data
access), is not a new concept as it has been investigated in data management literature since the
beginning of the century. As back as in 2002, Loshin defined data ownership as both the possession of,
and responsibility for, information. In this respect, not only does data ownership include the ability to
access, create, modify, package, derive benefit from, sell or remove data, but also the right to assign
these data access-related privileges to others (Loshin, 2002). The importance of data ownership relates
directly to “the intrinsic value of data, as well as their added value as a byproduct of information
processing“: according to Loshin, the degree of ownership (and by corollary, the degree of responsibility)
is driven by the value that each interested party derives from the use of that information” (Loshin, 2002)1.
Data ownership’s prominence in the data management debate and its centrality in economic, business
and legal circles, has contributed to put it at the core of policy discussions. In its interim synthesis report
on “Data-driven Innovation for Growth and Well-being” (OECD, 2014), the OECD maintains that “data
ownership and control [of data]” is fundamental to ensure that the data-driven economy (DDI) is granted
sufficient and effective resources – data, in this case -, adding that governments and public agencies
should promote better access and free flow of data across the economy as a whole and not only over
the public sector.
Nonetheless, ownership is also seen as a “questionable appellation when it comes to data and personal
data in particular”2. Indeed, in case of “personal data” the concept of data ownership data “is even less
practical since privacy regimes grant certain explicit control rights to the data subject, as for example
specified by the Individual Participation Principle of the OECD (2013e) Guidelines Governing the
Protection of Privacy and Transborder Flows of Personal Data. The concept of data ownerships requires
therefore a careful usage (see 2.3.1 below for further analysis on this point).
2.2 Policy Context
In Europe, the European Commission has outlined the main features of the data-driven economy in the
Communication “Towards a thriving data-driven economy” (COM(2014) 442 final) in July 2014, following
the European Council’s conclusions of October 2013, which focused on the digital economy innovation
and services as drivers for growth and jobs3. Data ownership is quoted as one of the relevant aspects
that need to be considered to ensure a successful deployment of data-driven innovation and develop
an appropriate and supportive regulatory framework. Within this framework, data-related issues such as
data ownership and the liability of data provision is to be part and parcel of the Commission’s action
plan to bring about the data-driven economy of the future. More recently, in presenting the creation of a
Digital Single Market (DSM) as one of its key priorities4, the Commission has indicated that data is often
1 Responsible Conduct of Research (RCR) website at Northern Illinois University. 2014,
https://ori.hhs.gov/education/products/n_illinois_u/datamanagement/dotopic.html 2 OECD (2015), Data-Driven Innovation: Big Data for Growth and Well-Being, OECD Publishing, Paris. http://dx.doi.org/10.1787/9789264229358-en 3 Communication from the Commission to the European Parliament, the Council, the European economic and
social committee and the Committee of the Regions: “Towards a thriving data-driven economy”, COM(2014) 442 final, European Commission, July 2014
4 Communication from the Commission to the European Parliament, the Council, the European economic and social committee and the Committee of the Regions: “A Digital Single Market Strategy for Europe”, COM(2015) 192 final, European Commission, May 2015
11
considered “a catalyst for economic growth, innovation and digitalization” and that a fragmented market
hinders the development of data-related technologies (such as Big Data, Cloud Computing and IoT),
thus limiting the growth potential of the digital economy in Europe. For this reason, the Commission will
propose in 2016 a European “Free flow of data” initiative to encourage the free movement of data within
the EU. Among other things, this initiative will address the emerging issues of data ownership,
interoperability, usability and access to data in situations such as business-to-business, business-to-
consumers, machine generated and machine-to-machine data. (COM(2015) 192 final).
2.3 Emerging Critical Issues
Data availability and the extent to which data is flowing across sectors and organizations play a
fundamental role in sustaining and developing the emergence of a European data-driven economy. In
defining and specifying the rights to create, edit, modify share and restrict access to the data, data
ownership becomes a pivotal factor affecting the number of potential data users and the increasing
range of data-related activities.
The concept of data ownership, however, does not come without challenges as it involves a
considerable amount of stakeholders and parties, with different roles and interests. Consequently, when
dealing with the notion of data ownership several issues need to be take into consideration. Those that
we have considered in this document are.
Who owns the data? How to identify data owners.
What contractual arrangement would best serve the interests of all the different data stakeholders
involved in data transactions?
Which business models could be embraced by companies and organizations owning data and
seeking new revenue opportunities from them?
How can the value of data be determined and what tools do organizations use to price them?
Is the potential concentration of data ownership, and restriction of data access, a potential source
of market distortion? And, if yes, in which form?
2.3.1 Identifying Data Owners
As anticipated in 2.1 above5, the identification of data owners in concrete market situations is far from
being an easy task. Several authors6 point out that data management entails a number of complex
assignments of different rights across different data stakeholders, with several stakeholders having
diverse degrees of power depending on their role. In the case of patient data, for example, all the
involved stakeholders (patient, doctor and programmer of the supporting technology) “have a unique set
of privileges that do not line up exactly with ay traditional notion of “ownership”. Ironically, it is neither
the patient nor the doctor who is closest to “owning” the data, but the application developer, whose
application will have the largest control over the data”. On the other hand, the notion of data ownership
is not exactly suited to serve “personal (that is, highly sensitive, individual) data”7. In this case, the
situation is more complex as privacy regimes typically tend to strengthen the control rights of the
individuals, which own their own data but cannot trade their rights (sell them, for instance). But, again,
the boundary between “personal” or highly sensitive data and “other data” may not be so clear. For
example, when someone plays a video game, the video camera may be on and have the capability to
5 OECD (2015), Data-Driven Innovation: Big Data for Growth and Well-Being, OECD Publishing, Paris. http://dx.doi.org/10.1787/9789264229358-en 6 Loshin (2002) in “Data-Driven Innovation for Growth and Well-Being: Interim Synthesis Report”, OECD 2014;
Trotter (2012) 7 Trotter (2012)
12
constantly watch the player’s emotions and reactions. If a video record of this was created, who owns
that video data? Or even bigger, who owns the player playtime?
A similar situation can be observed with data generated by the Internet of Things (IoT) technologies,
whose benefits are based on multiple connected devices being able to capture, transfer, analyse, report
and act on an enormous amount of data. The value of this data resides precisely in their aggregation –
only when aggregated IoT-generated data provide additional value but who owns them? A number of
players may be involved in the journey of the data (e.g. the user, hardware manufacturer, app developer,
provider of database architecture and the purchaser of data). Identifying who in that chain owns the
aggregation of the data will, therefore, be crucial in determining who has the economic rights to the
aggregation8.
2.3.2 Contractual Arrangements and Business Models
The vast majority of European businesses and other organizations that need to protect the ownership
of their data tend to resort to the existing intellectual property rights’ (IPR) regime or the current database
rights’ system in use within the European Union. At the time of writing, these regimes appear to offer a
satisfactory level of protection helping European businesses to effectively exchange, use and reuse
data in full confidentiality.
As a result, EU organizations do not seem at a great disadvantage compared to the rest of the world
and do not exert significant pressure to obtain data-specific contractual arrangements or other forms of
regulatory regimes specifically oriented to data ownership. It is interesting, however, to analyze to what
extent the contractual arrangements currently in use among European businesses and other
organizations may correspond or fit to the emerging business models that are constantly being crafted
by the rapidly evolving data market in Europe.
Literature covering the contractual arrangements between organizations exchanging data, and their
underlying regulatory framework, is still few and far between.
According to the Boston Consulting Group (BCG)9 companies that commercialize data for business
purposes can form partnerships with other companies, develop fully-fledged contractual relationships or
going it alone, i.e. doing everything “in-house”. Evidence so far reveals that companies with a great deal
of existing data tend to capitalize on them and prefer going it alone by building their own entity and
commercialize data directly – this is typical in finance and telecommunications – two industries that
produce and own vast amount of data.
Other data-rich industries, such as the IT-sector and the retail, may enter ad-hoc partnerships with data-
analytics companies and build a joint venture.
8 “Who owns the Data in the Internet of Things?, www.united-kingdom.taylorwessing.com, February 2014 9 Seven Ways to Profit from Big Data as a Business”, by James Platt, Robert Souza, Enrique Checa and Ravi
Chabaldas; The Boston Consulting Group, March 2014
13
Figure 1 Different Forms of Data-Related Business
All in all, however, surveys conducted by the BCG10 in 2013 and 2014 show that the vast majority of
data exchange occurs in the form of commercialization of data from the organizations creating and
owning the data to the organizations that want to use these data (i.e.: “In-house”; see the “Big-Data
commercialization” element outlined at the right hand side of Figure 1 above). In most cases, this
happens through service platforms belonging directly to data owners with little concern about the
contractual arrangements between the two parties (data creator/owner and service platforms, since the
latter are placed in-house). In other cases (left-hand side and centre above), external partners are
involved with the ensuing need to manage data ownership through appropriate contracts provisions.
Empirical evidence from IDC, though, seem to confirm that these two latter cases are still the minority
in Europe.
This “data-business” presented above can take the form of several profit patterns, or business models,
and include a mix of business-to-business, as well as business-to-consumer offerings. In a recent study,
the Boston Consulting Group (BCG)11 has identified seven profit patterns from data trading and
exchange: three of these options differ in terms of how the product or service is delivered – i.e.: from
customized to mass market – and four very in terms of the duration of the relationship with the customer
– i.e. from short-term to long-term. The BCG, as well as existing empirical evidence from IDC analysts,
suggest that the most widespread options are the service bundle model in terms of the degree of
specialization of the product/service delivery and the subscription model in terms of duration of the
relationship among stakeholders: the former is characterized by several offerings being combined into
a single one. In this case, data are exchanged or traded within the framework of a wider offering and it
becomes arduous to isolate their price and the revenue that they generate. For instance, a utility can
combine gas and electricity delivery with an additional monitoring service based on gas and electricity
delivery data. This price of this additional service is bundled with the primary activity of the utility
company (delivery of gas and electricity) and it is not easy to isolate. The latter is the case where a
customer pays a periodic fee for unlimited access to a service over a set period. Within the framework
10 Seven Ways to Profit from Big Data as a Business”, ibidem 11 “Seven Ways to Profit from Big Data as a Business”, by James Platt, Robert Souza, Enrique Checa and Ravi
Chabaldas; The Boston Consulting Group, March 2014
14
of this service, the customer can receive a data-based service such as, for example, the case of an
insurance company receiving anonymized information on patient outcomes from a healthcare company
for a subscription fee. At the moment, as pointed out by our expert interviews and confirmed by our real-
life case studies, there does not seem to be wide dissatisfaction with the main contractual arrangements
in use in Europe, as these can successfully regulate the above mentioned business models. The
situation is rapidly evolving, though, bringing with it new and even more innovative business models
(IoT based, for example) for which the existing contractual arrangements may not be fully appropriate.
2.3.3 Data Value and Pricing
Data pricing is a difficult exercise since the value of data may not follow market-based rules and
converge, more or less naturally, towards the point where demand and offer meet. In fact, data
monetization (i.e. the process by which data producers, data aggregators and data consumers
exchange, sell or trade data and establish a possible monetary value to this data) depends on a
multitude of factors, often subjective ones, such as the perceived worth and utility of the data, their
source, their accuracy, but also the incentives (which may vary considerably by type of data stakeholder)
in exchanging the data.
As recently pointed out by the OECD12, pricing data is a particularly complex exercise “due to the fact
that data have no intrinsic value, as the value depends on the context of their use”. In particular, the
data accuracy and timeliness seem to influence the value of data. “The more relevant and accurate data
are for the particular context in which they are used, the more useful and thus valuable data will be. This
of course implies that the value of data can perish over time, depreciating as they become less relevant
for their intended use. There is thus a temporal premium that is motivated by the “real-time” supply of
data, for example in the financial sector. Indeed, some economic experiments and surveys the United
States indicate that individuals are willing to reveal their social security numbers for USD 240 on
average, while the same data sets can be obtained for less than USD 10 from private data brokers and
data marketplaces. 13
Evidence gathered so far by IDC in Europe’s business-to-business environment, however, tends to
highlight the prominence of the bundling model when exchanging and trading data – data-based
services are bundled with other services and priced accordingly. As an example, SWIFT, the Belgian
headquartered organization enabling financial institutions to make financial transactions in a secure,
standardized and reliable environment, has founded SWIFT Ref14, a payment reference data utility,
which sources data directly from banks and offers other companies data-based services aiming at
minimizing payment delays, reduce financial risks, and improve regulatory compliance. These services
are provided in packaged offers often including additional non-data-based services, hence the difficulty
to isolate the “value” of data and define the mechanism adopted to price them.
2.3.4 Data Ownership and Market Efficiency
The way data ownership (and its corollary of data access) is managed and regulated can directly affect
the functioning of the data market. In fact, the approach of granting and distributing legal rights and
control over data among the different data stakeholders could lead to situations of information
asymmetry, with the ensuing risk of possible market distortions. Companies and organizations having a
huge concentration of data and high degree of control over it, could easily exploit their advantage
commercially and abuse their dominant market position. At times, when data stakeholders are able to
12 OECD (2015), Data-Driven Innovation: Big Data for Growth and Well-Being, OECD Publishing, Paris. http://dx.doi.org/10.1787/9789264229358-en 13 Data-Driven Innovation for Growth and Well-Being: Interim Synthesis Report”, OECD 2014 14 https://swiftref.swift.com/about-swiftref
15
capture the rights and control over a very large share of data, market competition could be severely hit,
with the data market turning itself into a “winner-takes-all-market”.
As illustrated below, in our case studies we found no significant evidence of relevant information
asymmetry enabling market abuse because of data ownership/ access control issues. Indeed, there is
evidence of information asymmetry among stakeholders, but the consequences on the market appear
to be limited (at least currently) and it is unclear how they will evolve in future.
On the other hand, digital innovation does tend to create cases of "winner takes all" markets. For
example, booking.com the Dutch-born (now U.S.-incorporated) online accommodation booking website
musters the vast majority of room night reservations in Europe and therefore has considerable market
power over hotels and hospitality companies who cannot afford to be excluded from its platform. Booking
com is in a position to impose a best price obligation to the hotels under its contract.
Although this obligation is favorable for consumers, the practical effect is a competitive advantage for
Booking.com against other platforms and loss of freedom in the pricing policy of the hotels. Such data-
related best price practices are starting to be challenged by antitrust authorities in Europe and
elsewhere. For instance, in April 2015, the German Federal Cartel Office (Bundeskarellamt) issued a
statement of obligations to booking.com regarding its best price clauses and a parallel proceeding was
initiated against booking.com HRS a few months earlier (Booking.com and best price clauses under fire
again in Germany, April, 2015). From this example we may infer that being the only owner and gate-
keeper of valuable datasets is a necessary, but not sufficient condition for market abuse and unfair
competition.
16
3 Data Ownership in Practice: Select Case Studies
Data ownership as defined above, together with its associated issues, may delay the deployment of an
efficient Digital Single Market and, ultimately, slow down the creation of a successful European data-
driven economy. This paragraph presents the main hypotheses that need to be tested to verify the
effects of data ownership and access to data practices on the functioning of the data market and includes
an initial selection of real-life case studies illustrating this functioning in several sectors of today’s
European data economy.
3.1 Investigating Data Ownership
In our case studies we have investigated a number of research hypotheses in order to analyse the main
issues correlated with data ownership emerging from current practices. In this document, we have drawn
a number of hypotheses to test the effects exerted on the data market by insufficient or inappropriate
data ownership management’s practices.
First, we have assumed that different stakeholders will choose different types of contractual
arrangements. We wanted to investigate if the contractual arrangements currently used in Europe
for data ownership (IPR and database rights) are broadly satisfactory for stakeholders or if there is
an emerging need for new types of contracts.
Second, we have explored the existence of mechanisms put in place to assign a value to the
exchanged data. Have European businesses so far created tools for pricing data? Have they agreed
on some shared criteria and is there a consensus on how to evaluate data in Europe?
Third, we have explored the role that certain data ownership management choices could play in
backing or hindering the strength of European organizations and, ultimately, the role that they could
have in ensuring or disrupting the overall market efficiency. We have also examined whether
asymmetrical data ownership, and control of data access, could end into situations of abuse of
dominant position by some market actors.
The real-life examples presented in this document illustrate how different European stakeholders and
organizations in several industry sectors have tackled the issues related to data ownership, data access,
data use and re-use. To ensure a common analytical framework, the case studies are structured in three
main sections as follows:
Background information and data usage: this section describes the type of data-driven
innovation and the relationship between the relevant stakeholders;
Data Ownership and Contractual Agreements: this part describes the contractual
relationship between the stakeholders and how they deal with data ownership issues;
Potential Impacts on the Market: this paragraph draws some conclusions on the business
models exemplified by the case study and their data management patterns, analyzing
implications for the overall market efficiency.
3.1.1 Manufacturing and the Case of SAP Industrial Machinery and Components
3.1.1.1. Background Information and Data Usage
In the manufacturing industry, the role of ICT vendors and other ICT enablers in today’s data economy
can take two major forms:
The one-to-one facilitator: In this first form, the ICT vendor provides software and other technology
(often industry-specific and customized solutions) to an OEM (Original Equipment Manufacturer),
who, in turns, ships its equipment to its customers (usually another manufacturer) and collects
feedback through the equipment in the form of data. Data therefore proceed from customers to the
17
OEM, with the ICT vendor acting as a sheer technology provider. Under this form, the ownership of
data is regulated by a specific contractual agreement between the OEM and its customers, with the
OEM usually maintaining the ownership of most of the data that are part of the transaction.
The Cloud-platform technology provider: In this second form, the ICT vendor runs the technology
that is necessary to operate an open industrial cloud platform supporting the data transaction for
several industry players. The cloud platform enables a standardized device connectivity among
multiple actors and serves as a reliable data ecosystem for OEMs, their customers and other third-
party devices within and outside the customers’ plant. This second form is becoming more and more
popular with the increasing adoption of the IoT (internet of Things) into industrial production
processes and the vast amount of data generated through the interaction of highly heterogeneous
machine and plant environments.
A graphic representation of the one-to-one facilitator scenario is offered in the figure below:
Figure 2 One-to-One Facilitator Scenario in the Manufacturing Industry
Source: IDC, 2015
An even more complex situation is represented by the second form of ICT vendor involvement – the
cloud technology provider. In this case, several OEM’s customers (i.e.: other manufacturers, plants,
factories), as well as a number of OEMs, would exchange data over the same industrial cloud platform.
For instance, Siemens – Europe’s largest multinational engineering conglomerate - has recently
launched an open cloud platform for its industrial customers that runs the SAP HANA Cloud Platform
(HPC) – SAP’s open cloud platform for IoT, based on the in-memory database SAP HANA. Siemens
Cloud for Industry15 – the name of the this open cloud - offers a comprehensive data hosting platform
where data from several Siemens’ customers (and among them several potential competitors) are
collected, transmitted, stored and subsequently used by Siemens to provide a series of cloud-based
industry apps offering a wide range of services such as the optimization of asset performance, the
improvement of energy and resource consumption, the remote control of maintenance systems, etc.
A similar example of large-scale cloud-based data sharing from a multitude of different organizations
(potentially in competition with one another) is offered by Ariba16 – an SAP-acquired ICT services
company specialized in internet-based procurement processes. The company manages a cloud
15 See: https://www.industry.siemens.com/services/global/en/portfolio/plant-data-services/cloud-for-
industry/Documents/Onepager_Cloud-for-Industry_E10001-T430-A349-X-7600.pdf; And: http://www.industry.siemens.com/services/global/en/portfolio/plant-data-services/cloud-for-
industry/pages/default.aspx 16 http://www.ariba.com/ and https://en.wikipedia.org/wiki/Ariba
18
platform that provides services facilitating commerce between a wide range of buyers and users. To do
so, Ariba collects and stores in the cloud a large amount of data from its customers both in the form of
standard “personal information” (i.e. data allowing to identify the customer to Ariba and other trad ing
partners such as the company name, address, identification number, contact details, etc.), as well as in
the form of “transaction data” (i.e. data more sensitive in nature that are provided by the customer to
execute the procurement transaction, for example: data about the products/services that are part of the
transaction, their quantity or units, their price or other value, etc.). The latter may disclose vital
commercial details about a company’s products, services and market strategies. The cloud platform–
provider technology mode can be portrayed as follows:
Figure 3 The Cloud Provider Scenario in the Manufacturing Industry
Source: IDC, 2015
3.1.1.2. Data Ownership and Contractual Agreements
In both cases above, the ICT vendor plays the role of a technology broker and does not actively intervene
in the debate over the ownership of data. In the facilitator case, the data exchange occurs between the
OEM and its customers (mainly other manufactures with their plants and factories) and is regulated by
bilateral contractual agreements between the parties. These agreements do not come in standard
formats but offer different levels of data transferability and data access according to the sensitiveness
of the data forming part of the exchange.
For instance, data obtained by the OEM through process manufacturing equipment can reveal
fundamental features of the OEM’s customers’ final products. In this case, OEM’s customers will engage
in complex negotiations with OEMs in order to limit the amount of data exchanged and maintain the
data’s intellectual property rights (IPRs).
Similarly, in the case of the of the cloud-platform provider, despite the amplified complication of having
multiple players, the situation can be efficiently regulated through mutual contractual agreements
presiding over the exchange of data between the OEMs and the ICT vendor on the one end, and the
ICT vendor and the OEM’s customers on the other end. In the cloud-platform provider set-up, the ICT
vendor’s absolute neutrality and reliability vis-à-vis the access and ownership of data is fundamental to
ensure a viable mechanism. In fact, both Siemens and SAP act as sheer “data custodians”, i.e.: they do
not acquire the ownership of the data that they treat, they do not have unlimited access to them and,
most importantly, they cannot perform any data mining activities that would reveal commercially-
exploitable information about the organizations using the cloud platform, which often compete in the
same market. Likewise all the organizations recurring to Ariba’s services need to subscribe a privacy
statement where they agree to submit potentially sensitive information to allow Ariba to deliver the
required services; in exchange, Ariba commits to use customers’ transaction data as confidential
19
information, renounce to retain primary control over the data transmitted by the customers and accepts
to grant options to customers as to which data to exclude from the transaction, if so requested. A
comprehensive privacy statement17 (that is a bilateral contractual agreement between Ariba and its
customers) regulates the matter in detail and ensures the ICT vendor’s neutrality and the safeguard of
the customers’ commercially sensitive data.
3.1.1.3. Potential Impacts on the Market
This case study illustrates how the interactions between OEMs of industrial machinery and
manufacturers are changing thanks to the increasing role that played by data-driven innovation. A
number of ICT vendors are rapidly entering the industrial market of data and are starting to offer cloud-
based platforms such as those described above. Some of these players are proposing free offerings in
exchange of a total control of the acquired data and enhanced analysis capabilities, differently from the
case described above (this is for example the case of Google). It is probably too early now to determine
which value proposition the market will prefer over the next few years. In the future, we may be
confronted with two distinct business models with two parallel cloud-based data platforms: the “pay-for-
it” platform with enhanced data privacy levels and retained control over data and intellectual property
rights and the free platform run by ICT players having virtual unlimited access and use of the exchanged
data. In the first case, there is probably less risk that any individual player will acquire too much power
over the others, because the business relationships are based on negotiations; in the second case
instead the stakeholder owning the platform and the data might acquire potentially an excessive market
power over the other actors. A critical guarantee for the actors in the second case could be avoiding
customer lock-in situations and insuring the possibility to migrate to other platforms when so desired.
3.1.2 Banking and Finance and the Case of BBVA Data & Analytics
3.1.2.1. Background Information and Data Usage
The banking sector is well-known for its heavy reliance on data and data-related technologies. Banks in
particular have worked hard over the past few years and have been able to accumulate vast amounts
of data and use them to improve their operational efficiency, their customer experience and their risk
management and compliance practices. Yet, recent developments in the sector demonstrate that data
can be collected, stored and used not only to obtain benefits for the banking institutions themselves, but
can be exchanged outside these institutions, indeed beyond the banking and finance industry, to
generate benefits in other sectors. The case of BBVA Data & Analytics provides a good example in this
respect.
Founded in 2014 and headquartered in Madrid, BBVA Data & Analytics is an evolution of the Spanish
bank BBVA’s original internal Business Intelligence department. It subsequently evolved into an
independent company providing third-party organizations outside the bank with competitive and
sustained advantage through data generated and collected by the bank. The move towards an
independent company was sparked by a twofold need:
Extend the support to the mother bank by opening up new revenue streams through the use of
existing data within the context of an ever fast digital transformation of the economy;
Provide additional and extended, profitable, data-based services that a bank per se is not allowed
to deliver under the current Spanish legislation.
BBVA Data & Analytics’ main activities can be summarized along the three following lines:
17 Ariba Data Policy and Privacy Statement http://www.sap.com/corporate-en/about/our-
company/policies/ariba/data-policy.html; http://www.ariba.com/assets/uploads/documents/Legal/2015-08-25/Ariba_Data_Policy_2015Aug25_enGLOBAL.pdf
20
Firstly, the company leverages BBVA’s data (mainly anonymized and aggregated credit card’s data
of the bank customers) to create intelligence tools for retailers and helping them to improve their
performances such as benchmarking and profiling their own customers vis-à-vis those of other
competitors;
Secondly, BBVA’s customers data (again, appropriately treated to ensure their anonymity) are used
to produce analytics solutions, which are specifically designed for the tourism industry. This is the
case in Mexico, for instance, where BBVA signed a contract with the Mexican Ministry of Tourism
to provide aggregated transactional data on tourists’ preferences and help local authorities to
implement appropriate development policies.
Thirdly, BBVA Data & Analytics has recently made available vast sets of anonymized and
aggregated data (on BBVA customers’ debit/credit card payments, ATMs’ withdrawals or other
financial transactions) through a set of open APIs18 (Application Programming Interfaces). These
sets of data can be accessed by anyone may be interested and, thanks to the open APIs, can be
used, re-aggregated and re-combined to produce additional value-add in different sectors and new
models not yet explored.
BBVA Data & Analytics lines of business can be represented as follows:
Figure 4 BBVA, BBVA Data & Analytics and its lines of businesses
Source: IDC, 2015
The latter line of business is particularly innovative: data sets are not treated and customized for a
precise sector or a specific purpose, and no industry-specific data-based tool or customized solution is
accompanied to these data sets. Anyone can access the data thanks to the open APIs and can leverage
the data to test new, creative fashions of data use and re-use.
Needless to say, this open model of data access, data use and data re-use poses a series of
unprecedented issues:
In terms of competition: BBVA Data & Analytics had to apply enhanced security, filtering and
anonymization procedures to make sure that the accessed sets of data would not endanger the
bank’s competitive positions vis-à-vis other banking institutions (especially, if the data were to be
accessed by other, competing banks).
18 In computer programming, an application programming interface (API) is a set of routines, protocols, and tools
for building software applications. An API expresses a software component in terms of its operations, inputs,
outputs, and underlying types and makes it easier to access databases or computer hardware, such as hard disk
drives or video cards, and ease the work of programmers in creating add-on applications.
21
In terms of business model: BBVA Data & Analytics is currently offering access to the data set free
of charge but it is planning to introduce a premium service offering data sets at different levels of
aggregation in exchange for monthly fees;
In terms of regulation: BBVA’s legal department has been very active in researching all possible
implications of this new open model of data exchange but has not come to a clear, uniform position.
Many doubts remain as to the legal consequences of this model and, as a result, the actual
applications remain limited.
3.1.2.2. Data Ownership and Contractual Agreements
Among these concerns, the issue of data ownership plays a prominent role. In this respect, and in
accordance with the prevailing custom, BBVA’s legal services have adopted the following stance:
Single transactional data referring to the banking and financial operations conducted by identifiable
individuals belong to these individuals;
Aggregated and anonymized data belong to the organization that has carried out the aggregation
and anonymization processes (i.e.: the bank). In other words, these activities have generated IPRs
and created a property right for the bank.
The dissociation process between the identifiable individual conducting a (financial) transaction
generating data and the transaction itself is the key to assign the property of the generated data. For
these reasons, and according to the European and the Spanish data privacy regulation, BBVA lets its
customers sign a disclaimer giving permission to use and re-use their data, appropriately aggregated
and anonymized. Interestingly, only a scanty customer’s minority refuses to sign this disclaimer,
provided that the bank clarifies that their data will be used anonymously and that will not be transferred
to third parties for marketing, sales and advertising purposes. As for the relationship between BBVA
Data & Analytics and third party organizations using or acquiring otherwise the anonymized and
aggregated sets of data, no issue of data ownership is to be reported as third parties organizations
receives only statistical results which have been preliminary aggregated and anonymized.
The company has certainly created an innovative data-based service, which is not (only) addressed to
its main constituents (the “mother” bank) or to industry-specific organizations and needs. This
constitutes in principle a very promising business model and, in order to reap all the benefits of this
innovative way of sharing and re-using data, the existing legal framework needs to be revisited and
made it clearer. The proposed General Data Protection Regulation and the upcoming Free Flow of Data
initiative represent a step forward in this respect but a clearer guidance and framework of what is allowed
and what is forbidden when transferring and accessing data is necessary. Single and ad-hoc instances
of legal assistance should be set up at EU level to allow the legal departments of the organizations
involved in the data transfer, as well as national authorities and national courts, to receive qualified
assistance if we want to develop and push forward this encouraging line of business.
Clarity should also be ensured to shape the proper business conditions underlying and permitting this
open model of data access. BBVA Data & Analytics is already thinking of introducing a premium model
imposing some sort of fees to access the data and, in the long run, this is seen as more and more
necessary it this service is to be kept sustainable over the years. To do so, however, and to make sure
that third parties are willing to pay a premium to acquire data, a clear return from data sharing should
be established.
3.1.2.3. Potential Impacts on the Market
At the time of writing, this model of accessing and sharing data does not seem to create significant
market distortions and potential “winner-takes-all” market situations, at least according to the BBVA.
Although one of the largest banks in Spain, BBVA’s market share is far from constituting a monopoly
and the same type of business could still be developed by another company offering similar business
intelligence services from other banking institutions to third-party organizations.
22
A different situation could arise if all banks in a given country put their datasets in common, allowing
data sharing and analytics. This would yield benefits in terms of the quality of analytics, but the player
running this platform could play a "winner takes all“ role, or the banks could act together as a cartel
preventing competition from other data players. The potential risks and consequences of this situation
would have to be carefully examined and monitored by antitrust and data protection authorities.
3.1.3 Social Media and the ICT Sector
3.1.3.1. Background Information and Data Usage
Social networks are probably the fastest growing area of data production, with daily choices and
preference of users being gathered at an unprecedented rate and scale and being used to radically
improve targeted advertising. One of the peculiarity of this sector is that the main players, such as
Facebook and Twitter, have adopted a “platform” approach that deliberately encourages third parties to
build apps and services on top of their data through API. All social networks have an open API that
allows anyone, after accepting the terms of use, to access some portion of the data for free. In this
sense, social networks are typically far more open than any other company.
Figure 5 Social Networks and Users’ Relationships – The Platform Approach
Source: IDC, 2015
There can be very different level of access to the social network data. Some companies, such as Gnip
and Datasift have gained (paid) access to the full historical dataset (the so-called “firehose”). All
companies can access for free the open API with limited dataset; some social network provide paid
“premium” API in terms of quantity of data available. These data and API are used to deliver more user-
friendly and comprehensive data analysis to the final users; and to enable users to manage their social
media presence across multiple social networks, by posting and monitoring replies. The data flow goes
in two directions: for analytics, from the social network to the user; for the social media posting, from the
user to the social networks.
Many startups are building services on top of these API, such as tools that allow anyone to monitor the
performance of social media campaigns and to manage the multiple presence on social media through
a single interface. One EU successful example is Engagor, founded in Gent and recently bought by US-
based Clarabridge. Engagor acts as an intermediary between social networks and the user. It provides
23
social media analytics to monitor campaigns, and it allows users to manage multiple profiles on the
same networks.
Figure 6 Example of Engagor’s Analytics Tool
3.1.3.2. Data Ownership and Contractual Agreements
In the relationship between social network-platform-user there is no change in “data ownership”. Data
always remain owned by the platform, and third parties simply can use and access it, and build services
on top. Social networks normally do not receive any payments for the usage of such data: their benefit
lies in the growth of the user base thanks to the convenience of the services. On the other hand, social
media management companies charge clients for these reporting activities. There are no contractual
agreements but simple acceptance of a set of rules. In fact, Engagor uses free API of social networks
to provide its data analytics services. As such, there is no problem in accessing data, indeed the very
existence of social networks has provided their business opportunity.
Data access remains the single most important strategic challenge for Engagor in the medium term. The
competitive advantage of their offer lies in their capacity to cover all relevant data. While social networks
are generally open, they change continuously their API strategy. The openness is not a goal but a
strategic instrument to gain usage and foothold as a platform, in particular at an early stage. The
availability and policies of the open API continuously change and startups have to be alert on those
changes not to be taken off the market. In fact, a large part of the business is to monitor and as far as
possible anticipate the choices of the networks, and deliver solutions that are resilient in cases of policy
change.
In some cases, vertical integration leads to lower data availability. For instance, Datasift and Gnip are
two companies that acted as “resellers” of the full Twitter data source (the firehose). In April 2015, in the
wake of its acquisition of Gnip, Twitter ended the partnership with Datasift which no longer had access
to the full data. The words of Datasift explain well their perspective: “Twitter has seriously damaged the
ecosystem this week. 80% of our customers use technology that can’t be replaced by Twitter. At the
end of the day, Twitter is providing data licensing, not processing data to enable analysis. […] Twitter
also demonstrated that it doesn’t understand the basic rules of this market: social networks make money
from engagement and advertising. Revenue from data should be a secondary concern to distribution
and it should occur only in a privacy-safe way. Better understanding of their audience means more
engagement and more ad spend from brands. More noise = less ad spend.” 19 Or in the other way, as
19 http://blog.datasift.com/2015/04/11/twitter-ends-its-partnership-with-datasift-firehose-access-expires-on-
august-13-2015/ . Incidentally, Gnip is a US-based company while
24
Gnip puts it: “The acquisition of Gnip was the first step toward developing more direct relationships [by
Twitter] with data customers.”20
In the aftermath of this event, Datasift established a partnership with Facebook to provide new value-
added services, such as aggregated data about profiles of readers of personal posts. Previously,
Facebook had a public API for profiles of readership of public posts, but it was little used because of the
low diffusion of public posts. Nevertheless, Engagor is well aware that a) social networks are fully entitled
to change their policies and that b) as a result of these changes, many startups have been put out of
business in the past. Engagor is one of the remaining four or five large global players, from the more
than 100 of three years ago. Twitter in particular, in view of their unsatisfactory financial results, is
expected to seek new sources of revenues by pursuing greater vertical integration, as in the case of
Gnip. Survival for startups reusing social networks data depends therefore on the capacity to anticipate
change.
3.1.3.3. Potential Impacts on the Market
The domain of social data is probably the one where data re-use is more widespread, through the social
platform approach and the use of API. In fact, the use of API for free is a key factor to enable win-win
relationships between social networks and third parties, where access to data is guaranteed (but data
is not traded for commercial value). This situation is positive for the EU and is allowing the growth of
many start-ups and innovative companies. However, there is a risk that the willingness of social
networks to allow free access to their data will change and (as Linked.in is doing) they will start posing
barriers to access and requiring at best compensation for data. In front of this situation start-ups and
innovative data intermediaries are essentially powerless. This market situation should be carefully
monitored by the EC since major social network platforms are all US-owned and this may create a
disadvantage for the EU industry.
3.1.4 Business Intelligence & Analytics and the Case of Blue Yonder
3.1.4.1. Background Information and Data Usage
Together with technology and applied science, blue-sky research is another area where enormous
amounts of data are produced, collected and analyzed. Not surprisingly, fundamental research features
among the earliest sectors recognizing the immense value represented by the possession of data – a
value that can be applied in a wide array of sectors and that can be leveraged to generate profit in
virtually all industries across the economy.
Blue Yonder embodies this link between basic research and data-related business-oriented
applications. Founded in 2008 by a particle physicist of the University of Karlsruhe, the company
specializes in software for predictive analytics and provides forecasting and data pattern recognition’s
solutions to gain unprecedented insights from data. These data are obtained by Blue Yonder either
directly from its own customers or from external sources.
In the first case, Blue Yonder performs its forecasting and data pattern recognition activities out of
data, which are provided straight from its customers. These data – coming from Blue Yonder
customer’s own solutions and business management applications such as Enterprise Resource
Planning (ERM), Customer Relationship Management (CRM), and Supply Chain Management
(CSM) solutions – are not aggregated or otherwise treated by Blue Yonder and are physically
exchanged through one or more API(s) – Application Programming Interface.
Alternatively, or in addition to its own customers’ data, Blue Yonder may acquire data from different
external sources. This is the case of data on geo-localization, weather conditions and weather
forecast, competitive prices, public holidays and school vacations, etc. which are often combined
20 https://blog.gnip.com/twitter-data-ecosystem/
25
with Blue Yonder’s customers data to enhance the forecasting potential and improve the company’s
overall products and services.
A graphic representation of Blue Yonder’s data-acquisition activities could resemble the following
picture:
Figure 7 Blue Yonder’s, Data Aggregators and Customers’ Relationships
Source: IDC, 2015
3.1.4.2. Data Ownership and Contractual Agreements
In terms of ownership, in the first of the two cases presented above, data remain of the exclusive
ownership of Blue Yonder’s customers as they are not being aggregated or otherwise treated. In the
second case, the exchanged data are most of the times open data. As a consequence, the issue of data
ownership becomes of little relevance. However, even when technically open, Blue Yonder often buys
data from third-party data aggregators in order to reduce the marginal cost of acquiring the appropriate
data and simplify the whole process underpinning data search and procurement (speed up the timing,
reduce the administrative burden, decrease the probability of incurring in material errors, etc.). Data
ownership, in this case, is regulated by a contract between Blue Yonder and the data aggregator and,
unless differently agreed, rests with the latter.
The existing contractual agreements and other forms of terms and conditions already in place (for
example: various types of disclaimers and conditions to be “ticked” and approved on the web) have so
far proven to be largely sufficient to ensure Blue Yonder the right to access its customers’ data, as well
as to obtain additional data from external sources.
It is also fair to notice, though, that Blue Yonder has built its successful business model on non-personal,
transaction data, thus on data that have been aggregated and anonymized and that can no longer be
referred to identifiable individuals. This is all the more necessary so to avoid the strict set of rules
surrounding the concepts of data protection and data privacy currently existing in Europe. Going forward,
it would be beneficial for European businesses to ease the way and the right to access and treat data
in general and personal data in particular. This is especially true for SMEs and micro-businesses (i.e:
the great bulk of innovative companies in Europe), which often lack the resources to fully comply with
all the regulatory and administrative procedures accompanying the actions of data acquisition, use and
re-use. In this respect, the European Commission could play a fundamental and decisive role in
promoting the adoption of standardized terms and conditions to be applied when trading and exchanging
data across different organizations within the European Union. Given the multinational and global nature
of data trading and exchange, bilateral agreements between the EU and other third countries, as well
26
as the adoption of EU-Third Party standardized terms and conditions could also simplify and encourage
the use and diffusion of data-related activities among European organizations.
If the regulatory framework underneath the acquisition of customer data or external data by Blue Yonder
is relatively clear – i.e.: a contractual agreement with Blue Yonder’s customers and a purchase contract
with third-party data aggregators - the mechanism establishing the price and the value of the data
acquired by Blue Yonder is less straightforward. Blue Yonder assesses the value of the data in its
possession according to two main factors:
The total cost incurred in purchasing the data from external sources;
The total cost incurred in accessing the data from external sources.
The purchasing price is obviously the main component of the first factor, to which supplementary
transaction costs may need to be added (.e.g.: the cost of finding and selecting the most appropriate
data aggregators, the costs of data aggregation and anonymization, etc.). In contrast, the quality of the
aggregators’ APIs and the technical ease with which Blue Yonder can access the aggregators’ data
constitutes the key element of the second factor.
The overall value of Blue Yonder’s data is further affected by at least two additional constituents:
First, data’s intrinsic “predictive power”, i.e. the capability that data have to improve the quality
of Blue Yonder’s predictions, forecasting and data pattern recognition solutions;
Second, the anticipated business impact that better-quality prediction capabilities can ultimately
exert on Blue Yonder’s customers – i.e. the effects that Blue Yonder’s augmented solutions
have on its customers’ key performance indicators such as the overall turnover and the
profitability.
By combining the above elements, Blue Yonder is in a position to devise and apply an effective pricing
mechanism based on fixed or semi-fixed purchase prices on one hand and on variable sales prices on
the other hand.
3.1.4.3. The Potential Impacts on the Market
This case study highlights very well the relevance of data access issues in the field of predictive
analytics, one of the most effective tools of data-driven innovation applicable in most industry sectors.
The risk of market inefficiencies due to the excessive concentration of resources in the hands of few or
very few organizations is real, also in the case of data. However, in order to extract value and gain
competitive advantages with data, quantity is relatively more important than quality. For example, in
predictive analytics the data set must be sufficiently large and varied to allow the identification of
meaningful patterns.
According to Blue Yonder, when dealing with data-based products and services, it is the quantity of data
at one own’ s disposal that makes the difference, rather than the quality of the algorithm processing the
data or the skills possessed by the data scientists working with the data. To achieve quantity, datasets
must be aggregated and concentrated, and this may create the risk of few organizations controlling the
key datasets. In this respect, the European Commission, could play a role in creating a reliable and
durable data level-playing field for all those who generate, store and exchange data. In the opinion of
many data-based businesses, measures further encouraging the availability and adoption of open data
and favouring the data exchange (such as the adoption of appropriate and accessible APIs) would all
help develop a strong, competitive European digital economy
27
3.1.5 Software and Business Intelligence and the Case of Qlik
3.1.5.1. Background Information and Data Usage
ICT companies in general, and business intelligence (BI), analytics tools and data technologies
companies in particular, have long discovered the value of data and devised more and more
sophisticated data-driven solutions for businesses and consumers. Indeed, some of these companies
have gone an extra mile in harnessing and procuring an increasing amount of data from an ever wider
array of sources – from one own’ s data, to data provided directly by customers and BI solutions’ users,
to external data procured on an open or on a commercial basis. The case of Qlik – a business
intelligence & visualization software company – exemplifies well the trend of merging data from different
sources to deliver augmented value to a wide variety of data users.
Founded in Lund (Sweden) in 1993, Qlik – previously known as QlikTech - specializes in data
visualization solutions, guided analytics applications, embedded analytics and reporting solutions. In
2006, the company created QlikView, a self-visualization tool allowing Qlik users to get enhanced
insights from their own data, and in 2005 Qlik’s single-user desk platform was replaced with a server-
based web tool so that the company now delivers its products and services via web on a cloud platform.
The company offers three main ways to analyze and extract value from data:
A series of guided analytics tools allowing customers import and analyze their own data through
the building of BI applications on their desktop or PCs;
A series of guided and embedded analytics tools allowing customers to make their own
visualizations with their data and embed them through standard and modern APIs into any Web
portal or application to better communicate with their own customers and stakeholders;
Additional analytics tools to find, connect and manage data from external sources and
merge/use them with the customers’ own data, so to enhance their analytic and predictive value.
Qlik data-acquisition and data exchange activities could therefore be summarized as follows:
Figure 8 Qlik and its data-based business intelligence services
Source: IDC, 2015
The third line of business entails the acquisition of a wide variety of external, third-party data which Qlik
is subsequently able to anonymize and aggregate (when necessary) and then offer to their customers
to augment the analytic power of their existing data. Qlik DataMarket – this is the name of the product –
is delivered as a “Data-as-a-Service” cloud platform and is offered in different packages according to
the type of external data included and the level of insights that they present. External data are mostly
open data from public sources (such as currency data, demographic data, and historic & current weather
28
data) or propriety data that Qlik purchase from other organizations: this is sometimes the case of
business data (when not yet aggregated and transformed into statistics) or weather forecast data that
do not refer to the past or the present but that are the result of data analysis and predictive analytics
activities performed by specialized organizations.
3.1.5.2. Data Ownership and Regulatory Framework
Qlik’s way of acquiring, analyzing and exchanging data does not have direct repercussions on (and does
not depend directly from) the ownership’s regime of the data under consideration. In the cases of guided
analytics and embedded analytics, the data acquired and treated by Qlik are exclusively the ownership
of their clients, with Qlik only providing the technology to visualize and better extract value from the data.
When Qlik collects data from third-parties and external sources, the issue of data ownership remains in
most cases irrelevant, since the data used from third parties are most of the times open data from public
sources such as national or international statistics offices. However, in some cases, Qlik gets third-party
data from external data aggregators or existing “data markets” against a purchase price. This is the case
for example of currency data including details on lesser traded legal tenders (e.g. Cuban peso, bitcoin,
Tongan, etc.) or weather data comprising a wealth of facts and figures (e.g. wind speed and direction,
visibility, humidity, etc.) not always covered when analyzing general meteorological conditions and
including forecast data, in addition to historic and present data21. These data are aggregated and
anonymized and therefore not subject to specific restrictions in terms of data privacy and data protection.
As a result, they are purchased and exchanged through a standard purchase contractual agreements
with no need to require special, ad-hoc legal assistance in the process.
3.1.5.3. The Potential Impacts on the Market
When it comes to external data sources, Qlik acts primarily as a data collector and generally obtains
data that are already aggregated and anonymized. Plus, data from external sources are only one of the
many lines of business with which the company is currently operating. Qlik’s position vis-à-vis the overall
market of data, as well as with regards to the availability of data sources, can hardly be described as
one of a dominant position. The risk that companies like Qlik, and other BI providers with similar business
models, could abuse their market position and create market inefficiencies is more theoretical than real
at this stage and it will take a few years before other data market companies can actually gather such
an amount of data to threaten market efficiency.
Furthermore, companies specializing in BI software and visualization solutions, especially when
recurring to a multitude of data sources, are likely to exert a “multiplier effect” on data usage and data
generation in different sectors of the economy. The development of more and more innovative BI
solutions and procurement of additional streams of data from newer sources, is contributing to increase
the ease-of-use of data across an growing number of current and potential data users, making the role
of data more and more central but also encouraging a broader number of companies and organizations
to collect and exchange data. According to Qlik, policy makers could further support this trend by
avoiding a strict regulation on data access and data exchange and by favoring the introduction of EU-
wide guidelines and standardized documents presiding over the transfer of data across different
organizations in Europe.
21 Examples of Data Markets that can be leveraged for the acquisition of external data on world currencies and
world weather are Xignite (www.xignite.com) and Weather Source (www.weathersource.com).
29
4 Final Considerations
Our empirical excursus on data ownership among several industries and businesses is certainly not
exhaustive, nor can it be used to draw decisive conclusions on the ultimate impacts of data ownership-
and data-access-related issues on Europe’s emerging data market. However, the first-hand evidence
collected through our in-depth interviews and case studies does allow to highlight a set of thought-
provoking considerations on how the data market (and the digital economy as a whole) is evolving in
Europe and which are the key critical issues needing attention from national and European policy-
makers.
4.1 Data Ownership Issues
“Ownership” may not be the best label when dealing with data.
The concept of data ownership is hard to define and, more importantly, is difficult to apply in practice.
Storage devices that are used to store and collect data can be defined as commodities to which the
notion of ownership is applicable; in contrast, data alone cannot be owned as such and are subject, to
different extents, to IPRs’ and Database rights according to the Member States’ legislations in which
they are collected, stored, used or re-used.
‘What-Type-of-Data’ rather than ‘Who-Owns-the-Data’: This is the question.
“Ownership” is a questionable term when dealing with whom should data belong. In contrast to other
intangibles, data typically involve complex assignments of different rights across a multitude of data
stakeholders, who will typically have a varying array of powers over the data, depending on their role.
As a result, the type of data produced, collected, exchanged and used is the key to determine the data
ownership regime when exchanging data. The complexity of data management is likely to increase in
business-to-business relations, particularly in manufacturing, as data-driven innovation becomes more
and more embedded in business processes; this will be particularly relevant for the new data flows
generated by IoT systems. In the next years more and more business cases will emerge where there
will be a need to determine rights of access, control and use of data flows between different
stakeholders. “Personal data”, which refer to identified individuals are subject to a strict set of rules, in
particular surrounding the concept of data protection, while anonymized and aggregated “transaction
data” are subject to less strict regulatory regimes such as IPRs (intellectual property rights). In order to
function properly and fruitfully, data exchanges have to be based on a strict dissociation between the
author of a data transaction and the transaction itself.
Data Ownership’s Issues are not on the top of the agenda of European businesses.
Despite the increasing complexity entailed by new and more sophisticated data-based business models,
the issues arising around the ownership of data do not seem at the present stage to prevent companies
and organizations from acquiring and sharing data. Unlike privacy and data protection (both hotly
debated), the concept of data ownership appears to be scarcely understood and not deemed of primary
importance by European businesses and organizations.
Existing contractual arrangements work well (thus far)…
All in all, bilateral, contractual agreements between the parties (or indeed other forms of agreements
such as standard disclaimers) appear to be sufficient to regulate the exchange of data, their use and
possible re-use in the examined case studies. According to our legal experts, European businesses
resort to the existing intellectual property rights’ (IPR) regimes or the current database rights’ systems
in use within the European Union to effectively exchange, use and reuse data in full confidentiality. As
a result, we found no evidence that EU organizations are at a great disadvantage compared to the rest
of the world, nor any pressing request for new, data-specific contractual arrangements or other forms of
regulatory regimes specifically oriented to data ownership. However, many stakeholders looking to
30
emerging business models express the need for a clearer regulatory framework that will outline what is
allowed to do with data without breaching privacy laws, and/or new typologies of contracts to act as
guidelines in their business negotiations.
Pricing data is by no means a straightforward exercise.
Data have no intrinsic value and their potential price depends on their usage and on the context in which
they are exchanged. According to the OECD, this is why the price of data does not follow market-based
rules to converge, more or less naturally, towards the point where demand and offer meet. Two elements
in particular seem to affect the value of data directly: accuracy and timeliness. “The more relevant and
accurate data are for the particular context in which they are used, the more useful and thus valuable
data will be”. 22
The real-life case studies examined in this document highlight the fact that European businesses tend
to opt for the bundling model when exchanging and trading data – data-based services are thus grouped
with extra (often existing) services and priced “in bundles”, i.e. together with other services. No evidence
has emerged as to the existence of well-functioning and shared mechanisms to assess the value of data
among the examples that we have analyzed in this report.
4.2 Potential Market Impacts
Data-related market disruption is (yet) more theoretical than real
Actual risks of market disruptions (or indeed of “winner-takes-all” market situations) appear to be more
abstract than tangible at this stage of the process. A certain extent of data-related information
asymmetry and competitive advantage is inevitable as companies having the technical capabilities to
aggregate and exchange a great amount of data will retain several advantages over the competition,
including a “lock-in” potential vis-à-vis their customers. The current level of data exchange and re-use,
however, does not seem to cause severe hindrances to the overall market efficiency at this stage. While
digital innovation does tend to create cases of “winner takes all” markets, in our case studies we found
no significant evidence of abuse of dominant position due to ownership and control of valuable datasets
alone. Being a data gate-keeper may be a necessary condition for unfair competition but it is probably
not a sufficient one.
Data access is a key source of competitive advantage
Open APIs can play a fundamental role in favouring data access among different organizations in
various industries and sectors, thus multiplying the exchange potential of data across the European
economy. Open access to data through APIs and automated access procedures should be gradually
introduced and preferred to new pieces of legislation, including contract law, if Europe is to allow the
growth of innovative businesses.
In the current European context, however, there is a risk that that many data-based successful
innovative companies may start creating barriers to data access, requiring monetary compensation, for
example. Faced with this situation, start-ups and innovative data intermediaries would no longer be
able to contribute to the dynamism of the European data market. This market situation should be
carefully monitored by the EC since all the major social network platforms are US-owned and this may
create a disadvantage for the overall EU industry.
22 Data-Driven Innovation for Growth and Well-Being: Final Report”, OECD 2015
31
4.3 Policy Implications
The European data market is in an early development phase and the context affecting data ownership
is rapidly evolving. This section outlines the main policy issues emerging from the empirical analysis,
without going as far as drawing specific policy recommendations, which would be beyond the scope of
and the methodological approach of the present document.
Guidelines would be useful to develop new contractual arrangements on data ownership, data
access and data control, suited to the emerging business models.
While existing contractual arrangements appear to be appropriate to effectively regulate the collection,
exchange, use and re-use of data among European data stakeholders, our empirical evidence suggests
an emerging need for guidelines to identify and develop new types of model contracts dealing with new
typologies of data in emerging business models and business cases, as already done in the case of
Cloud computing. These guidelines should be developed collaboratively by industry and be inspired by
shared principles to enable fair competition and the most effective use of datasets. This is all the more
important in at least two specific situations:
For the sake of SMEs and their participation in global supply chains, since they do not have the
resources to access the kind of legal support available to large companies;
When multiple parties are involved in the data exchange, as this considerably increases the
level of complexity due the fact that the iterations occur among a large number of stakeholders.
Data ownership is essentially a policy issue.
Yet, it would be reductive to consider data ownership as a simple contractual issue. Indeed, data
ownership, access and control are all intimately connected with the overall development of a balanced
playing field in the European data market, the potential competitive advantage of the EU data industry,
and the capability to enable widespread re-use and exploitation of EU datasets. The implications of new
data management arrangements should therefore be considered within the broader framework of
growth, innovation and competition policies and addressed with all the set of tools available to policy.
Stakeholders express the need for clear, simple and harmonized regulation.
The implementation of data exchange, use, re-use and access need a clear, standardized, harmonized,
and simplified legal basis. This is more so today with data created at an unprecedented pace due to the
widespread use of IoT technologies requiring less and less human intervention. Most of the stakeholders
that have taken part to this study have expressed the wish that open access and automated access
procedures should be gradually introduced and preferred to new piece of legislation, including contract
law. The rights of use and exploitation of data should be clarified. For example, BBVA Data Analytics
explained that they need to discuss every step they take in advance with Spain’s Data Protection
Authority, to make sure that every innovative use of data is compliant with the existing regulation.
Rather than additional and new legislation, more efforts towards a significant legal simplification should
be largely sufficient to improve the functioning and effectiveness of the European data market. The
current regulatory framework presiding over data ownership and data exchange may therefore require
renewed attention with ad-hoc updates and refinements at one point in time. This should be valid at EU
level and at Member State level, including the new Member States who generally integrates the “acquis
communautaire” while keeping their national legislations in place.
Competition authorities should monitor closely the data market to prevent distortions, abuses
of dominant position and risks of customers' lock-ins.
As situations of data-based information asymmetry are starting to emerge, and will continue to do so in
the future, there is a need to monitor these asymmetries to avoid the risk that they may lead to market
distortions with negative and tangible implications on the overall market competition in Europe. It is
therefore of paramount importance to understand which emerging business models could be likely to
32
create such situations. A closer and more regular collaboration between the EU and national anti-trust
and competition authorities would certainly help avoiding and preempting cases of abuse of dominant
positions and “winner-takes-all” markets. On the other hand, specialized intermediaries acting as
custodians and gate-keepers of common data platforms are likely to emerge (see for example the case
of SAP in the interaction between OEM and manufacturers) without necessarily bearing negative
consequences for competition, especially if the right of customers to move to different platforms is
guaranteed.
Cross-border data flows in the context of the Digital Single Market should be adequately
fostered.
As data-driven innovation is implemented in global supply chains, there will be an increased need to
access and use datasets across national boundaries. Data location restrictions and different national
regulations of data ownership may hinder these developments. Therefore the need for the free-flow of
data in the EU Digital Single Market is an important requirement for a viable future regulatory framework
of data ownership. There is also a need to incentivize the exchange of data and the creation of shared
datasets, overcoming the natural resistance of businesses to keep their own data confidential. To do
so, businesses have to trust that sharing data leads to greater benefits and better competitive
advantages than keeping it confidential. This may be helped by the ability to access public datasets,
which can add value to the combined business datasets.
Overall, the Free-Flow-of-Data Initiative planned by the EC within the Digital Single Market strategy, to
be launched in 2016, addresses all these issues. This is shown by the announcement about the main
components of the Initiative, made by DG CONNECT's Director Giuseppe Abbamonte at the European
Data Forum 2015 in Luxemburg, as follows:
Tackling data location restrictions;
Clarifying emerging issues of data ownership access and liability;
Launching a European cloud initiative;
Encouraging access to public data.
These lines of policy correspond to the main areas of policy action identified in this report about data
ownership and therefore appear coherent with the emerging needs of stakeholders. The opinions of
representative groups of stakeholders should be taken into consideration to develop concretely these
policies and avoid the risk of constraining the data market with complex regulation rather than enabling
its evolution towards a balanced playing field for all actors.
33
Main Sources
“Knowledge Integrity: Data Ownership” (Online) June 8, 2004, Loshin, D. (2002).
http://www.datawarehouse.com/article/?articleid=3052
“Data-driven Innovation for Growth and Well-being”, INTERIM SYNTHESIS REPORT October 2014,
OECD (2014)
“Booking.com and best price clauses under fire again in Germany”, April, 2015;
http://www.lexology.com/library/detail.aspx?g=ee68ff57-c838-4d40-8958-799daf2521ce
http://www.informationweek.com/strategic-cio/it-strategy/internet-of-things-whats-holding-us-back/d/d-
id/1235043?page_number=3
“Who owns the Data in the Internet of Things?, www.united-kingdom.taylorwessing.com, February
2014
https://ori.hhs.gov/education/products/n_illinois_u/datamanagement/dotopic.html
https://www.techopedia.com/definition/29059/data-ownership
http://searchcio.techtarget.com/definition/data-privacy-information-privacy
http://whatis.techtarget.com/definition/transactional-data
http://opendefinition.org/od/
http://www.wired.com/insights/2014/02/owns-data/
http://www.economist.com/blogs/schumpeter/2014/06/who-owns-your-personal-data
https://www.bbvaopenmind.com/en/article/who-owns-big-data/?fullscreen=true
https://en.wikipedia.org/wiki/Data_monetization
https://www.bcgperspectives.com/content/articles/information_technology_strategy_digital_economy_
age_digital_ecosystems_thriving_world_big_data/
http://www.hs-schmalkalden.de/Englmeier-p-790/_/ValueChainBigData.pdf
http://webcache.googleusercontent.com/search?q=cache:vXEWDM7q5DgJ:ec.europa.eu/information_
society/newsroom/cf/dae/document.cfm%3Fdoc_id%3D3488+&cd=6&hl=it&ct=clnk&gl=it
OECD, Data-Driven Innovation: Big Data for Growth and Well-Being, October 06, 2015
34