Right to smart factory data
The main requirement for the “smart factory” which is to be expected as the result of the fourth industrial revolution is large quantities of data and their processing by networked machines at the company. The issue of who the machine-generated data belongs to and what usage rights third parties have are the most important questions requiring clarification in the area of “Industry 4.0”. Noerr has already dealt in detail with many of the legal issues relating to “Industry 4.0” in a legal opinion prepared for the Bundesverband der Deutschen Industrie (BDI) (Federation of German Industry) [Legal challenges of digitalisation].
Data is a central commodity in the age of digitalisation. It does not, however, have any physical form and therefore cannot be the subject of any ownership rights in accordance with Sec. 903 of the German Civil Code (Bürgerliches Gesetzbuch – BGB) because Sec. 903 of the German Civil Code only recognises ownership of things, i.e. physical objects. A legal policy discussion is currently being held with regard to whether the “ownership” of data can and should be created by an analogous application of Sec. 903 of the German Civil Code. In terms of legal doctrine, however, a comparable interest and an unplanned regulatory gap by the legislator would have to exist, which is rejected by the majority of IT law specialists. Other approaches at providing protection such as protection as “another right” under the terms of Sec. 823 (1) of the German Civil Code have not been able to assert themselves in case law to date either. According to prevailing opinion, no general right with absolute effect with respect to all legal relations therefore exists for data either. Case law does recognise that allocation criteria exist for data. Naumburg Higher Regional Court for example ruled in 2014 that there are certainly criteria under which rights to data can exist for a specific person. The Higher Regional Court ruled that the data from a radar speed trap belongs to the police station where the police officer who created the data in a “creation act” is based. Case law, however, does not derive any absolute rights in the sense of data ownership from the “creation act”.
Special regulations, such as the German Act Against Unfair Competition (Gesetz gegen den unlauteren Wettbewerb – UWG) and the German Copyright Act (Urhebergesetz – UrhG), offer certain defence rights against access to data and/or its use for certain categories of data. However, these only apply when certain requirements have been met (e.g. to company or business secrets). These regulations cannot serve as a general basis for data ownership due to their narrow scope of application.
Data ownership in the legal sense therefore does not currently exist on the basis of the current legal situation. Companies are therefore advised to ensure the allocation of rights to data by using clear contractual provisions in relation to the parties creating, processing and using the data. This protection will, however, only be effective between the contractual parties.
Regulation at European level
In its “Digital Single Market Strategy for Europe” published in May 2015 the EU Commission presented a European initiative for a “free flow of data”, which deals with issues such as the ownership of data, their usability, and access to data in certain situations, e.g. when data is created by machines and with interaction between machines. On 30 June 2016, the EU Commission published the “Inception Impact Assessment” of the initiative for a free flow of data, which summarises the next possible steps of the EU Commission. It emphasises that the EU Commission wants to carry out more research on the concept of data ownership. Whether the legal situation with respect to the ownership of data will change at European level in the short or medium term cannot currently be predicted – since even IT law specialists dealing with this issue are unable to agree whether statutory regulation is necessary.
Whether ownership of data will be created, whether usage rights relating to data should continue to be established contractually or whether the legislator will choose a completely different solution are controversial legal policy questions, the answers to which we are keenly anticipating.
Any questions? Please contact: Thomas Thalhofer
Practice Group: IT, Outsourcing & Data Privacy