Main Categories | Law | Data Act

DA.600 Technical protection measures

 

 

Art. 11 Data Act - Trialogue Agreement

 

Technical protection measures and provisions on unauthorised use or disclosure of data

 

1.           A data holder may apply appropriate technical protection measures, including smart contracts and encryption, to prevent unauthorised access to the data, including metadata, and to ensure compliance with Articles 5, 6, 8, and 9, as well as with the agreed contractual terms for making data available. Such technical protection measures shall neither discriminate between data recipients, nor hinder the user’s right to effectively obtain a copy, retrieve, use or access data or provide data to third parties pursuant to Article 5 or any right of a third party under Union law or national legislation implementing Union law as referred to in Article 8(1). Users and third parties shall not alter or remove such technical protection measures unless agreed by the data holder.

 

2.           Where a third party or a data recipient has:

- for the purposes of obtaining data provided false information to a data holder, deployed deceptive or coercive means or abused gaps in the technical infrastructure of the data holder designed to protect the data,

- used the data made available for unauthorised purposes, including the development of a competing product within the meaning of Article 6 (2) (e),

- unlawfully disclosed data to another party,

- not maintained the technical and organisational measures agreed in accordance with Article 5(8), or,

- altered or removed technical protection measures applied by the data holder, in accordance with paragraph 1, without the agreement of the data holder;

the third party or data recipient shall comply  without undue delay with the requests of the data holder or where applicable, the trade secret holder when they are not the same person, or the user to:

(a)     erase the data made available by the data holder and any copies thereof, without undue delay;

(b)     end the production, offering, placing on the market or use of goods, derivative data or services produced on the basis of knowledge obtained through such data, or the importation, export or storage of infringing goods for those purposes, and destroy any infringing goods, where there is a serious risk that the unlawful use of those data will cause a significant harm to the data holder or the user or where such a measure would not be disproportionate in light of the interests of the data holder or the user;

(ba)   inform the user of the unauthorised use or disclosure of the data and measures taken to put an end to the unauthorised use or disclosure of the data;

(c)     compensate the party suffering from the misuse or disclosure of such unlawfully accessed or used data.

 

2a.          Where a user alters or removes technical protection measures applied by the data holder or does not maintain the technical and organisational measures taken by the user in agreement with the data holder or the trade secrets holder, if it is not the data holder, in order to preserve trade secrets, the data holder shall have the same rights against the user's behaviour under paragraph 2. The same shall apply to any other third party having received the data from the user in violation of this Regulation.

 

2b.         Where the data recipient has acted in violation of Article 6(2), points (a) and (b), users shall have the same rights as data holders under paragraph 2.

Authors
Winfried Veil
Related Tiles (0)
Social Media
Last update: 2023-08-06 14:51:59
By: Winfried Veil
Created at: 2022-02-25 21:34:00