Machine-generated data is increasingly gaining in importance and relevance to business activities.
Cloud services, online and mobile user activities, server logs, vehicle telemetry, car-sharing services, sensor data, processes in the manufacturing and transport industry generate huge amounts of data. In Germany, a prominent buzzword for this is Industrie 4.0. The internet of things and smart devices are moving from buzzwords to actual facts of daily life. Big data thus generated can be mined and analyzed, and may form the basis for data-driven innovations in new commercial products and services, enabling customized information products and concepts like predicting consumer behavior, predictive maintenance and precision logistics and stock-keeping. Such data may become a business asset in itself and may become a valuable commodity.
This raises the question of data ownership, that is, if and how such data can be legally protected.
German and European law does not recognize ownership in data as such. Instead, data may be protected in various ways and in certain aspects.
Personal data may of course be subject to privacy laws and data protection laws. German data protection law traditionally is relatively strict, and much is harmonized under European data protection laws. Business seeking to use and exploit personal data of users, customers or other people in general need to act in compliance with data protection laws.
The integrity of the data may be protected under criminal law. Data tampering is a criminal offense according to section 303a of the German Criminal Code (StGB).
The same goes for data espionage and trafficking (sections 202a ff. StGB).
Cease and desist orders may be sought and damages claimed under German civil law (sections 823 subsection 2 German Civil Code).
Data may qualify as a trade secret and industrial secret under section 17 of the German Act Against Unfair Competition and the EU Directive on the protection of undisclosed know-how and business information.
While creative works and databases as such are protected under applicable copyright law (in particular databases according to section 87a ff. German Copyright Act)
, accumulated sets of bulk data as such and the findings and algorithms derived from this data as such are not specially protected per se. Since machine-generated data by definition is not generated by a person it cannot be considered a creative work and thus is not copyright protected.
As such, there can be no absolute ownership in such sets of machine-generated data under German law. While the issue is recognized and discussed among jurists and in legislative circles there is no definite regulation yet.
Companies and entrepreneurs seeking protection of valuable data and know-how, therefore, must rely mainly on technical and organizational means of data protection like encryption and limitations on access. If they want to commercialize the data and its use, they must rely on contractual solutions such as non-disclosure agreements and license agreements. These offer a wide range of legal instruments, though issues of safeguarding rights in cases of insolvency or third party interference may pose a challenge.
Creative solutions in industrial data may require creative approaches in contract negotiations and legal strategies. German law offers a wide range of choices and flexibility in contract law and an efficient system of laws and courts to protect innovation, even with new, ground-breaking developments.
If you have any questions please feel free to contact:
Last updated 14 July 2016