This study provides recommendations on how to make personal data portability more effective. This will truly empower consumers to use the services they want and share their data with whoever they wish and stimulate innovation in Europe. With the entry into force of the GDPR, European citizens gained new rights, notably with data portability. But two years later, there is still little sign of people exercising this right, and of companies offering an easy and convenient service for data portability. While the European Commission is finalising its evaluation of the GDPR and closes its consultation on the European data strategy, the authors, professors Jan Krämer, Pierre Senellart and Alexandre de Streel*, warn that the current legal framework requires clarifications to better empower European citizens in a data-driven society. In this study, they identify barriers to data portability, including the lack of possibilities to import data as well as the lack of common standards and tools to access data as easy as the click of a button. The ability to provide users with a centralised dashboard for monitoring and controlling the flow of their data is also critically missing. “Today, consumers do not widely use data portability for reasons that can and should be overcome. Making data portability more effective is better for competition, for innovation and to empower users,” stress the authors. “There should be no second-guessing on whether to make data portability more effective, the time to act is now.” The current EU framework encourages data portability, but there are legal gaps that the EU should fill. The authors insist on the need for detailed guidance on how data portability can be facilitated and on which data is subject to data portability without violating privacy rights. They advocate that data provided by users when using a service, such as search history (i.e. “observed data”) should clearly be included under the scope of data portability. The authors consider it essential that the obligation to offer standardised Application Programming Interfaces (APIs) be much more widespread to enable consumers to continuously port their data. “We believe that standardised APIs that enable continuous data portability is a prerequisite for encouraging more organisations to import personal data, and for encouraging more consumers to initiate such transfers,” explain the authors. Projects, such as the Data Transfer Project have highlighted that continuous data portability is technically feasible. The authors argue that Personal Management Information Systems (PIMSs) facilitate the complex consent management and offer users a centralised dashboard for monitoring and controlling the flow of their data will have a crucial role to play for the wider adoption of data portability. “It must be as easy as clicking a button for consumers to continuously share data they created with one provider to another provider. This may also require educating and informing users on their rights through information campaigns alongside clear policy measures,” explain the authors. Nevertheless, they stress that PIMSs are not likely to find a sustainable business model, and thus, policy makers should support the emergence of open-source projects by setting common standards for data transfers, consent management, and identity management.

The right to privacy is a fundamental right. Along with the related right to personal data protection, it has come to take a central place in contemporary employment relations and shows significant relevance for the future of work. This thoroughly researched volume, which offers insightful essays by leading European academics and policymakers in labour and employment law, is the first to present a thoroughly up-to-date Europe-wide survey and analysis of the intensive and growing interaction of workplace relations systems with developments in privacy law. With abundant reference to the EU’s General Data Protection Regulation, the case law of the European Court of Human Rights, and the work of the International Labour Organisation, the book proceeds as a series of country chapters, each by a recognised expert in a specific jurisdiction. Legal comparison is based on a questionnaire circulated to the contributors in advance. Each country chapter addresses the national legal weight of such issues and topics as the following: interaction of privacy and data protection law; legitimacy, purpose limitation, and data minimisation; transparency; role of consent; artificial intelligence and automated decision-making; health-related data, including biometrics and psychological testing; monitoring and surveillance; and use of social media. A detailed introductory overview begins the volume. The research for this book is based on a dynamic methodology, founded in scientific desk research and expert networking. Recognising that the need for further guidance for privacy at work has been demonstrated by various European and international bodies, this book delivers a signal contribution to the field for social partners, practitioners, policymakers, scholars, and all other stakeholders working at the crossroads of privacy, data protection, and labour law.

Across the world, regulators and policy makers are grappling with how to establish a competitive, safe and fair online environment that also safeguards users’ fundamental rights as citizens. Ahead of the European Commission’s Digital Markets Act (DMA), this book “Digital markets and online platforms: new perspectives on regulation and competition law“, presents CERRE’s latest contribution to the debate with concrete policy recommendations. Together, the policy recommendations in this book present a roadmap that should be pursued for EU policy makers to safeguard competition and innovation in digital platform markets. They can be organised into three key areas for action: (i) More effective enforcement, (ii) increased transparency and switching easiness, and (iii) providing access to key innovation capabilities. “The need to safeguard fair and vibrant competition, which is also seen as an important driving factor for innovation, is nothing new for policy makers. However, the characteristics and complexities of digital markets have challenged some of the traditional approaches.” – Jan Krämer, editor of the book and CERRE Academic Co-Director The book’s recommendations highlight that platform transparency and associated data collection by authorities, as well as data sharing by platforms (initiated through consumers or authorities), are the two most important overarching policy measures for platform markets in the near future. They facilitate enforcement, consumer choice, and innovation capabilities in the digital economy. The contents of this book were presented and debated during a CERRE live debate with guest speakers Anne Yvrande-Billon (Arcep’s Director of Economic, Market and Digital Affairs), MEP Stéphanie Yon-Courtin (Vice-President of the European Parliament’s Committee on Economic and Monetary Affairs) and Javier Espinoza (Financial Times’ EU Correspondent covering competition and digital policy).

This book analyzes the business model of enterprises in the digital economy by taking an economic and comparative perspective. The aim of this book is to conduct an in-depth analysis of the anti-competitive behavior of companies who monopolize data, and put forward the necessity of regulating data monopoly by exploring the causes and characteristics of their anti-competitive behavior. It studies four aspects of the differences between data monopoly and traditional monopolistic behavior, namely defining the relevant market for data monopolies, the entry barrier, the problem of determining the dominant position of data monopoly, and the influence on consumer welfare. It points out the limitations of traditional regulatory tools and discusses how new regulatory methods could be developed within the competition legal framework to restrict data monopolies. It proposes how economic analytical tools used in traditional anti-monopoly law are facing challenges and how competition enforcement agencies could adjust regulatory methods to deal with new anti-competitive behavior by data monopolies.

In the dynamic landscape of EU digital platforms regulation, we are at a focal point of discussions shaping the future of implementation of the Digital Markets Act – arguably one of the most important pieces of legislation of the current times’ digital policy sphere. With the DMA aiming for contestability and fairness in digital markets, designated gatekeeper platforms are set to unveil their compliance plans on March 2024. The European Commission, in its unique role as an enforcer, will lead the work of determining non-compliance and ensure that the DMA fulfils its ambitious goals. However, the success of implementation will depend on the principles on which the new law will be applied. This CERRE report recommends that the DMA implementation process should be guided by the substantive principles of effectiveness, proportionality, non-discrimination, legal predictability, and consistency with other EU laws. Furthermore, the Commission will have to approach enforcement taking into account the procedural principles of responsive regulation and participation, due process, and ex ante and ex post evaluation. The report then applies those principles to series of specific DMA obligations: choice architecture, horizontal and vertical interoperability and data related obligations. It is also essential to agree on how the Commission, gatekeepers, and third parties will engage with each other. The DMA provides a model of compliance which is not based solely on deterrence; instead, the gatekeepers are encouraged to and will comply by engaging co-operatively with the Commission and third parties. However, it is still up for question how this principle will be applied, what it expects from the stakeholders, and how the Commission itself will exercise its deterring powers to enforce compliance. On top of it all, this CERRE DMA edition is also proposing a set of quantitative measurement indicators, so-called output indicators, each relating to a particular obligation or set of obligations, in order to better understand the impact of obligations on the relations between gatekeepers and third parties. These quantitative indicators will not represent specific targets or thresholds against which compliance should be assessed. They will neither attempt to measure the effect of changes in conduct on market outcomes for users nor, more generally, competition. These quantitative measures will be added to other evidence, such as complaints or qualitative representations from affected parties, including gatekeepers, which the Commission will consider in its compliance assessments. This report was written in the framework of a 8-months-long, multi-stakeholder CERRE initiative entitled the ‘DMA Compliance Forum’ that created a neutral and trusted platform and facilitated dialogue among CERRE members and academics to contribute to the effective and proportionate enforcement of the regulation.

Analyzes the regulation of data access and transfer to understand how internet users can obtain the data they generate.

Today’s unprecedented growth of data and their ubiquity in our lives are signs that the data revolution is transforming the world. And yet much of the value of data remains untapped. Data collected for one purpose have the potential to generate economic and social value in applications far beyond those originally anticipated. But many barriers stand in the way, ranging from misaligned incentives and incompatible data systems to a fundamental lack of trust. World Development Report 2021: Data for Better Lives explores the tremendous potential of the changing data landscape to improve the lives of poor people, while also acknowledging its potential to open back doors that can harm individuals, businesses, and societies. To address this tension between the helpful and harmful potential of data, this Report calls for a new social contract that enables the use and reuse of data to create economic and social value, ensures equitable access to that value, and fosters trust that data will not be misused in harmful ways. This Report begins by assessing how better use and reuse of data can enhance the design of public policies, programs, and service delivery, as well as improve market efficiency and job creation through private sector growth. Because better data governance is key to realizing this value, the Report then looks at how infrastructure policy, data regulation, economic policies, and institutional capabilities enable the sharing of data for their economic and social benefits, while safeguarding against harmful outcomes. The Report concludes by pulling together the pieces and offering an aspirational vision of an integrated national data system that would deliver on the promise of producing high-quality data and making them accessible in a way that promotes their safe use and reuse. By examining these opportunities and challenges, the Report shows how data can benefit the lives of all people, particularly poor people in low- and middle-income countries. .