Abstract
This paper presents a selection of legal topics in the context of data analytics and Big Data from a lawyer’s perspective. After introducing the reader to the role of law, both in the analogue and the digital world (1), the paper gives a systematic overview of some of the currently most relevant data-related legal topics (2). While digitalisation and data processing poses new questions to all areas of law, this paper focusses on the role Big Data plays in competition, data protection and contract law, as those are closely interlinked and address similar data-related phenomena. The paper was written from a mainly European perspective and presents some specific approaches European law takes to address the challenges we face with the advent of Big Data.
Keywords
This work has been funded by the Federal Ministry of Education and Research of Germany (BMBF) under grant No. 16DII111 (“Deutsches Internet-Institut”).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
For instance, Directive (EU) 2011/83 of 22 October 2011 on consumer rights, amending Council Directive 93/13/EEC and Directive 1999/44/EC of the European Parliament and of the Council and repealing Council Directive 85/577/EEC and Directive 97/7/EC of the European Parliament and of the Council OJ L 304/64 (2011)
For instance, Council Directive 93/13/EEC of 5 April 1993 on unfair terms in consumer contracts OJ L 95/29 (1993)
For instance, the buyer of a product may have the right to receive a proportionate reduction in the price where the acquired product is not in conformity with the contract. See Directive (EU) 2019/771 of the European Parliament and of the Council of 20 May 2019 on certain aspects concerning contracts for the sale of goods, amending Regulation (EU) 2017/2394 and Directive 2009/22/EC, and repealing Directive 1999/44/EC OJ L 136/28 (2019)
Treaty on the Functioning of the European Union (TFEU) [2012] OJ C 326/47, arts 101, 102; Council Regulation (EC) No 139/2004 of 20 January 2004 on the control of concentrations between undertakings (the EC Merger Regulation) OJ L 24/1 (2004)
Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) OJ L 119/1 (“GDPR”) (2016)
Cf Directive (EU) 2019/771 (n 3)
Regarding the term “Big Data”, see, for instance, Laney, D.: 3-D Data Management: Controlling data volume, velocity, and variety. Application Delivery Strategies, META Group Inc. (2001). http://blogs.gartner.com/doug-laney/files/2012/01/ad949-3D-Data-Management-Controlling-Data-Volume-Velocity-and-Variety.pdf. Accessed 24 June 2020; Monopolkommission: Competition policy: The challenge of digital markets. Special Report No 68, (2015), paras 67ff, http://www.monopolkommission.de/images/PDF/SG/s68_fulltext_eng.pdf. Accessed 24 June 2020; Stucke, M., Grunes A.: Big Data and Competition Policy. OUP, Oxford, paras 2.04ff (2016)
For an in-depth overview of the diverse risks and opportunities of Big Data, see, for instance, Tene, O., Polonetsky, J.: Big Data for All: Privacy and User Control in the Age of Analytics. Nw. J. Tech. Intell. Prop. 11(5) pp. 239, 243ff, 251ff (2013)
Bollier, D.: The Promise and Perils of Big Data. The Aspen Institute, Washington, DC, pp. 20ff (2010)
For some examples in practice, see Bartel, J., et al.: Big Data im Praxiseinsatz – Szenarien, Beispiele, Effekte. BITKOM e. V., Berlin, pp. 51ff (2012), https://www.bitkom.org/sites/default/files/file/import/BITKOM-LF-big-data-2012-online1.pdf. Accessed 24 June 2020
Minssen, T., Schovsbo J.: Big Data in the Health and Life Sciences: What Are the Challenges for European Competition Law and Where Can They Be Found? In: Seuba, X., Geiger, C., Penin, J. (eds.), Intellectual Property and Digital Trade in the Age of Artificial Intelligence and Big Data. Global Perspectives for the Intellectual Property System, CEIPI and ICTSD, Geneva and Strasbourg, pp. 121, 123 (2018); Federal Trade Commission: Big Data – A Tool for Inclusion or Exclusion? p. 5 (2016). https://www.ftc.gov/system/files/documents/reports/big-data-tool-inclusion-or-exclusion-understanding-issues/160106big-data-rpt.pdf. Accessed 24 June 2020; Bartel, J., et al. (n 10) pp. 70, 76
European Commission: Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions: A European strategy on Cooperative Intelligent Transport Systems, a milestone towards cooperative, connected and automated mobility. COM(2016) 766 final; OECD: Data-Driven Innovation: Big Data for Growth and Well-Being. OECD Publishing, Paris, pp. 379ff (2015). https://dx.doi.org/10.1787/9789264229358-en; Bartel, J., et al. (n 10) p. 69
OECD (n 12) p. 383; Zhang,Y., Huang, T., Bompard, E.F.: Big data analytics in smart grids: a review. Energy Inform. 1(8) pp. 2, 9f, 12, 15f. (2018). https://doi.org/10.1186/s42162-018-0007-5
See, for instance, Federal Trade Commission (n 11) pp. 8ff; Bollier, D. (n 9) pp. 23, 31
Cf European Data Protection Supervisor: Privacy and Competitiveness in the Age of Big Data: The Interplay between Data Protection, Competition Law and Consumer Protection in the Digital Economy. Preliminary Opinion (2014). https://edps.europa.eu/sites/edp/files/publication/14-03-26_competitition_law_big_data_en.pdf. Accessed 24 June 2020; cf Crémer, J., de Montjoye, Y.-A., Schweitzer, H.: Competition Policy for the Digital Age: Final Report. Publications Office of the European Union, Luxembourg, pp. 76ff (2019). https://ec.europa.eu/competition/publications/reports/kd0419345enn.pdf. Accessed 24 June 2020
For an overview see, for instance, Bonneau, V., et al.: Digital Transformation Monitor, Big Data: a complex and evolving regulatory framework. IDATE et al. (eds.), European Union, p. 3 (2017). https://ec.europa.eu/growth/tools-databases/dem/monitor/sites/default/files/DTM_Big%20Data%20v1_0.pdf. Accessed 24 June 2020. For privacy breaches in the context of statistical data, see Nissim, K., et al.: Bridging the gap between computer science and legal approaches to privacy. Harvard J. Law Technol. 31(2), pp. 687, 700ff (2018)
Cadwalladr, C., Graham-Harrison, E.: Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach. The Guardian (17 March 2018). https://www.theguardian.com/news/2018/mar/17/cambridge-analytica-facebook-influence-us-election. Accessed 24 June 2020
See (n 5). For an introduction to US privacy laws, see, for instance, Nissim, K., et al. (n 16) pp. 706ff
For sensitive data, see specific rules in GDPR, art 9(2)
GDPR, art 35(3); Article 29 Working Party, Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679. WP 248 rev.01 (2017) pp. 8ff. http://ec.europa.eu/newsroom/document.cfm?doc_id=47711. Accessed 24 June 2020; cf Efroni, Z., et al.: Privacy icons: a risk-based approach to visualisation of data processing. EDPL 5(3) pp. 352, 361ff (2019)
See, for instance, Efroni, Z., et al. (n 20) pp. 355f with further references
Efroni, Z., et al. (n 20) pp. 357ff. Cf Hansen, M.: Putting Privacy Pictograms into Practice - a European Perspective. In: Fischer, S., Maehle, E., Reischuk, R. (eds.), Informatik 2009: Im Focus das Leben, Beiträge der 39. Jahrestagung der Gesellschaft für Informatik e.V. (GI), 28.9.-2.10.2009, Lübeck. Gesellschaft für Informatik e.V., Bonn (2009)
European Data Protection Supervisor, EDPS Opinion on Personal Information Management Systems: Towards More User Empowerment in Managing and Processing Personal Data. Opinion 9/2016, paras 5ff (2016). https://edps.europa.eu/sites/edp/files/publication/16-10-20_pims_opinion_en.pdf. Accessed 24 June 2020; Horn, N., Riechert, A., Müller, C.: Neue Wege bei der Einwilligung im Datenschutz – technische, rechtliche und ökonomische Herausforderungen. Stiftung Datenschutz, pp. 10ff (2017). https://stiftungdatenschutz.org/fileadmin/Redaktion/Bilder/Abschluss_Studie_30032017/stiftungdatenschutz_broschuere_20170611_01.pdf. Accessed 24 June 2020; Betkier, M.: Privacy Online, Law and the Effective Regulation of Online Services. Intersentia, Cambridge, pp. 79ff (2019)
See, for instance, Radlanski, P.: Das Konzept der Einwilligung in der datenschutzrechtlichen Realität. Mohr Siebeck, Tübingen, pp. 97, 204ff, 232f (2016)
Monopolkommission (n 7) paras 39f
Weber, R.H.: Information at the crossroads of competition and data protection law. Zeitschrift für Wettbewerbsrecht 12(2), pp. 169, 175 (2014). For the contract law perspective on this topic, see ch 2.3
Metzger, A.: Data as Counter-Performance: What Rights and Duties do Parties Have? JIPITEC 8(1) p. 2, para 12 (2017)
Article 29 Working Party: Guidelines on Consent under Regulation 2016/679. WP259 rev.01, pp. 5ff, (2017). https://ec.europa.eu/newsroom/article29/document.cfm?action=display&doc_id=51030. Accessed 24 June 2020
Friedman, D.A.: Free Offers: A New Look. New Mexico L Rev 38(1) pp. 49ff (2008)
Cf Krohm, N., Müller-Peltzer, P.: Auswirkungen des Kopplungsverbots auf die Praxistauglichkeit der Einwilligung: Das Aus für das Modell „Service gegen Daten“? ZD 7(12) pp. 551, 553 (2017); Härting, N.: „Dateneigentum“ – Schutz durch Immaterialgüterrecht? Was sich aus dem Verständnis von Software für den zivilrechtlichen Umgang mit Daten gewinnen lässt. CR 36(10) pp. 646, 648 (2016)
Barocos, S., Nissenbaum, H.: Big Data’s End Run around Anonymity and Consent. In: Julia Lane et al. (eds.), Privacy, Big Data, and the Public Good: Frameworks for Engagement. CUP, Cambridge pp. 44, 61ff (2004) call this phenomenon “the tyranny of the minority”; Hermstrüwer, Y.: Contracting Around Privacy: The (Behavioral) Law and Economics of Consent and Big Data. JIPITEC 8(1) pp. 9, 12ff, paras 11ff (2017). In the context of statistical data, see Nissim, K., et al. (n 16) pp. 700ff
Federal Cartel Office: Big Data und Wettbewerb. In: Federal Cartel Office (ed.), Schriftenreihe Wettbewerb und Verbraucherschutz in der digitalen Wirtschaft, Bonn, p. 9, (2017). http://www.bundeskartellamt.de/SharedDocs/Publikation/DE/Schriftenreihe_Digitales/Schriftenreihe_Digitales_1.pdf?__blob=publicationFile&hx0026;v=3. Accessed 24 June 2020
For instance, Evans, D.S.: The Antitrust Economics of Multi-Sided Platform Markets. Yale Journal on Regulation 20(2) pp. 324ff (2003); Evans, D.S., Noel, M.: Defining Antitrust Markets When Firms Operate Two-Sided Platforms. Colum. Bus. L. Rev. 2005(3) pp. 101ff (2005)
Cf text to n 25 in ch 2.1 of this paper
For Germany see, for instance, Federal Cartel Office: Clearance of Merger of Online Real Estate Platforms. Case summary B6-39/15, p. 3 (2015); Federal Cartel Office: Acquisition of the online comparison platform Verivox by ProSiebenSat.1. approved. Case summary B8-76/15, p. 3 (2015); Podszun, R., Franz, B.: Was ist ein Markt? – Unentgeltliche Leistungsbeziehungen im Kartellrecht. NZKart 3(3) pp. 121ff (2005)
Act against Restraints of Competition in the version published on 26 June 2013 (Federal Law Gazette 2013 I, 1750, 3245), as last amended by art 10 of the law of 12 July 2018 (Federal Law Gazette 2018 I, 1151) (“ARC”), § 18(2a). A translation is provided by the Language Service of the Bundeskartellamt and Renate Tietjen. http://www.gesetze-im-internet.de/englisch_gwb/englisch_gwb.html. Accessed 24 June 2020
Forbes: GLOBAL 2000: The World’s Largest Public Companies. (2020). www.forbes.com/global2000/list/. Accessed 24 June 2020
Federal Cartel Office (n 32) pp. 7f
OECD: Rethinking Antitrust Tools for Multi-Sided Platforms pp. 189f (2018). www.oecd.org/competition/rethinking-antitrust-tools-for-multi-sided-platforms.htm. Accessed 24 June 2020
These feedback loops can be referred to as “snowball effects”; Federal Cartel Office (n 32) pp. 7f
See, for instance, Barwise, T., Watkins, L.: The Evolution of Digital Dominance: how and why we got to GAFA. In: Moore, M., Tambini, D. (eds.), Digital dominance: The power of Google, Amazon, Facebook, and Apple. OUP, New York (2018), pp. 21, 22ff; Federal Cartel Office: Working Paper – The Market Power of Platforms and Networks, Executive Summary, B6-113/15. p. 9 (2016). www.bundeskartellamt.de/SharedDocs/Publikation/EN/Berichte/Think-Tank-Bericht-Zusammenfassung.pdf?__blob=publicationFile&Cv=4. Accessed 24 June 2020
European Commission: AT.39740 Google Search (Shopping); European Commission: Antitrust: Commission fines Google €2.42 billion for abusing dominance as search engine by giving illegal advantage to own comparison shopping service – Factsheet. (2017). https://ec.europa.eu/commission/presscorner/detail/en/MEMO_17_1785. Accessed 24 June 2020
European Commission: Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions: A European strategy for data. COM(2020) 66 final, pp. 12ff
ARC, § 18(3a). A new draft proposal for further amendments to the ACR puts even more emphasis on data access; see Federal Ministry for Economic Affairs and Energy: Referentenentwurf des Bundesministeriums für Wirtschaft und Energie, Entwurf eines Zehnten Gesetzes zur Änderung des Gesetzes gegen Wettbewerbsbeschränkungen für ein fokussiertes, proaktives und digitales Wettbewerbsrecht 4.0, GWB-Digitalisierungsgesetz. (2020). https://www.bmwi.de/Redaktion/DE/Downloads/G/gwb-digitalisierungsgesetz-referentenentwurf.pdf?__blob=publicationFile&hx0026;v=10. Accessed 24 June 2020. For more details, see Mischau, L.: Market Power Assessment in Digital Markets – a German Perspective. GRUR Int. 69(3), pp. 233, 245ff (2020)
Regarding data and the “essential facilities doctrine”, see, for instance, Graef, I.: EU competition law, data protection and online platforms: Data as Essential Facility. Kluwer Law International, Alphen aan den Rijn, pp. 249ff (2016); Drexl, J.: Designing Competitive Markets for Industrial Data – Between Propertisation and Access. JIPITEC 8(4) pp. 257, 278ff (2017); Schweitzer, H. et al.: Modernisierung der Missbrauchsaufsicht für marktmächtige Unternehmen: Endbericht. DICE Consult, pp. 131ff (2018). https://www.bmwi.de/Redaktion/DE/Publikationen/Wirtschaft/modernisierung-der-missbrauchsaufsicht-fuer-marktmaechtige-unternehmen.pdf?__blob=publicationFile&hx0026;v=15. Accessed 24 June 2020
Cf Regulation (EU) 2018/858 of the European Parliament and of the Council of 30 May 2018 on the approval and market surveillance of motor vehicles and their trailers, and of systems, components and separate technical units intended for such vehicles, amending Regulations (EC) No 715/2007 and (EC) No 595/2009 and repealing Directive 2007/46/EC OJ L 151/1, art 61(1) (2018); Kerber, W., Gill, D.: Access to Data in Connected Cars and the Recent Reform of the Motor Vehicle Type Approval Regulation. JIPITEC 10(2), pp. 244ff (2019)
Cf Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC OJ L 337/35, art 66(1) (2015), (4)(b), art 67(1), (3)(b)
Crémer, J., de Montjoye, Y.-A., Schweitzer, H. (n 15) pp. 77ff; Bourreau, M., de Streel, A., Graef, I.: Big Data and Competition Policy: Market Power, Personalised Pricing and Advertising: Project Report. CERRE, pp. 15ff (2017). https://www.cerre.eu/sites/cerre/files/170216_CERRE_CompData_FinalReport.pdf. Accessed 24 June 2020
Crémer, J., de Montjoye, Y.-A., Schweitzer, H. (n 15) pp. 77ff; Federal Ministry for Economic Affairs and Energy: A new competition framework for the digital economy: Report by the Commission Competition Law 4.0. BMWi, Berlin, pp. 56ff (2019). https://www.bmwi.de/Redaktion/EN/Publikationen/Wirtschaft/a-new-competition-framework-for-the-digital-economy.pdf?__blob=publicationFile&v=3. Accessed 24 June 2020
Federal Cartel Office: B6–22/16 Facebook, paras 136ff; Federal Cartel Office: Bundeskartellamt prohibits Facebook from combining user data from different sources: Background information on the Bundeskartellamt’s Facebook proceeding, p. 5 (2019). www.bundeskartellamt.de/SharedDocs/Publikation/EN/Pressemitteilungen/2019/07_02_2019_Facebook_FAQs.pdf?__blob¼publicationFile&v¼6. Accessed 24 June 2020
Düsseldorf CA, 26 August 2019, Kart 1/19 (V) Facebook
Directive 2019/770/EU of 20 May 2019 on certain aspects concerning contracts for the supply of digital content and digital services OJ L 136/1 (2019) (“DCSD”)
European Data Protection Supervisor: Opinion 4/2017 on the Proposal for a Directive on certain aspects concerning contracts for the supply of digital content. paras 14ff (2017). https://edps.europa.eu/sites/edp/files/publication/17–03-14_opinion_digital_content_en.pdf. Accessed 24 June 2020
DCSD, art 3(1), recital 24. Metzger, A. et al.: Data-Related Aspects of the Digital Content Directive. JIPITEC 9(1), pp. 90, 93ff, paras 12ff (2018)
Langhanke, C., Schmidt-Kessel, M.: Consumer Data as Consideration. EuCML 4(6), pp. 218, 219f (2015). Regarding the complex interplay between the DCSD and the GDPR, see Metzger, A.: A Market Model for Personal Data: State of the Play under the New Directive on Digital Content and Digital Services. In Lohsse, S., Schulze, R., Staudenmayer, D. (eds.), Data as Counter-Performance – Contract Law 2.0? Münster Colloquia on EU Law and the Digital Economy V, Nomos, Baden-Baden (2020)
DCSD, art 7(a), (d), art 8(1)(b), (2), art 19, recitals 42, 47
Directive (EU) 2019/771 (n 3), arts 6(a), (d), 7(1)(d), (3), recitals 28, 30f. In contrast to the DCSD, these rules for IoT products only apply in cases where the consumer has paid a monetary price in exchange for the product
European Commission: Commission Staff Working Document: Guidance on sharing private sector data in the European data economy. SWD(2018) 125 final, pp. 5, 8ff
European Commission (n 58) pp. 3, 6ff
European Commission (n 43) pp. 13, 15
One example is the European eCall regulation, which allows the processing of certain personal data in cases of car accidents in order to accelerate the rescue work of the police and the fire brigarde; see Regulation (EU) 2015/758 of the European Parliament and of the Council of 29 April 2015 concerning type-approval requirements for the deployment of the eCall in-vehicle system based on the 112 service and amending Directive 2007/46/EC OJ L 123/77 (2015); Klink-Straub, J., Straub, T.: Nächste Ausfahrt DS-GVO – Datenschutzrechtliche Herausforderungen beim automatisierten Fahren. NJW 71(44), pp. 3201, 3203 (2018)
Cf, for instance, the German Criminal Code in the version published on 13 November 1998 (Federal Law Gazette I, p. 3322), as last amended by Article 2 of the Act of 19 June 2019 (Federal Law Gazette I, p. 844), §§ 202a-202d. A translation is provided by Prof. Dr Michael Bohlander that is completely revised and regularly updated by Ute Reusch. http://www.gesetze-im-internet.de/englisch_stgb/index.html. Accessed 24 June 2020
These topics are very complex. As a starting point, see Directive (EU) 2019/790 of the European Parliament and of the Council of 17 April 2019 on copyright and related rights in the Digital Single Market and amending Directives 96/9/EC and 2001/29/EC OJ L 130/92 (2019); see also Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases OJ L 77/20 (1996); see also Directive (EU) 2016/943 of the European Parliament and of the Council of 8 June 2016 on the protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition, use and disclosure OJ L 157/1 (2016). Cf, for instance, Wiebe, A.: Protection of industrial data – a new property right for the digital economy? GRUR Int. 65(10), pp. 877, 879ff (2016)
European Commission: Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions: “Building a European Data Economy”. COM(2017) 9 final, p. 13. Cf, for instance, Zech, H.: Information as Property. JIPITEC 6(3), pp. 192, 196f, paras 31ff (2015); Wiebe, A. (n 63) pp. 881ff. However, the focus of the debate has in the meantime shifted towards the question of data access, and the introduction of new data property rights has become rather unlikely; see Mischau, L. (n44) pp. 237f with further references
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 IFIP International Federation for Information Processing
About this paper
Cite this paper
Mischau, L. (2020). The Laws of Big Data. In: Kreps, D., Komukai, T., Gopal, T.V., Ishii, K. (eds) Human-Centric Computing in a Data-Driven Society. HCC 2020. IFIP Advances in Information and Communication Technology, vol 590. Springer, Cham. https://doi.org/10.1007/978-3-030-62803-1_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-62803-1_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-62802-4
Online ISBN: 978-3-030-62803-1
eBook Packages: Computer ScienceComputer Science (R0)