This website uses cookies
This website uses cookies necessary for its proper functioning. We respect your privacy and do not collect your data for visit statistics.
Accept Deny all

Our lawyers speak out

New regime for data intermediation services in France under ARCEP supervision

💡LAW no. 2024-449 of 21 May 2024 aimed at securing and regulating the digital space (SREN Law) has been enacted!

This long-awaited law applies the provisions of several European regulations, in particular Regulation (EU) No 2022/868 on European data governance (DGA) and Regulation (EU) No 2023/2854 on data (Data Act).

🔍 The DGA establishes a new regime for providers supplying a data intermediation service (PSID). This service ‘is intended to establish commercial relationships for the purpose of sharing data between an indeterminate number of data subjects and data holders on the one hand and data users on the other (
).’ Exceptions to the PSID regime are specified at a minimum. These exceptions include the sharing of data within a closed group, including in the context of supplier or customer relationships or collaborations established by contract, in particular those whose main purpose is to guarantee the functionalities of objects and devices connected to the Internet of Things.

📌This new regime is associated with strict obligations for PSIDs. In addition to the obligation to notify the competent authority in their Member State, PSIDs must guarantee the neutrality and security of shared data, and transparency vis-à-vis businesses and individuals.

📌This new regime is associated with strict obligations for PSIDs. In addition to the obligation to notify the competent authority in their Member State, PSIDs must guarantee the neutrality and security of the data shared, and transparency vis-à-vis the businesses and individuals using their space. The requirement for neutrality means that the activity must be carried out within a separate legal entity.

The aim is to establish an environment of trust for the development of data marketplaces in Europe.

Designated by the new SREN law, the Autorité de régulation des communications électroniques, des postes et de la distribution de la presse (Arcep) is now the competent authority in France for data intermediation services.

💭 ARCEP will therefore be at the heart of this new system and the questions that arise regarding its scope and application, in particular:

  • is the PSID regime mandatory or optional?
  • What interpretation should be given to the exceptions to this regime, in particular the ‘closed group’ exception?

📄 According to our analysis, the PSID regime is mandatory as soon as the criteria of the definition are met.

🔾The obligations under the regime would therefore apply to any company providing intermediation services in France, even if it fails to notify ARCEP of its activity.

📄 ARCEP will be responsible for verifying the application of the regime on a case-by-case basis and, if necessary, justifying any exceptions.

The ‘closed group’ exception will undoubtedly be frequently invoked by players in the sector to avoid the restrictive PSID regime.One possible interpretation would be that the ‘closed group’ would involve a specific number of companies or individuals concerned, as opposed to a group ‘open to all’.

👉 However, care will have to be taken to avoid the pitfall of an exception which, if applied too widely, ends up destroying the principle.

📈 At a time when the battle for AI, and more broadly for digital technologies, is raging, the development of data marketplaces is a strategic issue for Europe.

Our firm is committed to clarifying these key concepts. Keep up to date with the latest legal developments by following our practice!

Articles

24 . 05 . 2024

New regime for data intermediation services in France under ARCEP supervision

💡LAW no. 2024-449 of 21 May 2024 aimed at securing and regulating the digital space (SREN Law) has been enacted! This long-awaited law applies the provisions of several European regulations, in particular Regulation (EU) No 2022/868 on European data governance (DGA) and Regulation (EU) No 2023/2854 on data (Data Act). 🔍 The DGA establishes a […]

24 . 05 . 2024

Nouveau rĂ©gime de service d’intermĂ©diation de donnĂ©es en France sous le contrĂŽle de l’ARCEP

💡La LOI n° 2024-449 du 21 mai 2024 visant Ă  sĂ©curiser et Ă  rĂ©guler l’espace numĂ©rique (Loi SREN) a Ă©tĂ© promulguĂ©e ! Cette loi tant attendue applique les dispositions de plusieurs rĂšglements europĂ©ens, notamment le rĂšglement (UE) n° 2022/868 portant sur la gouvernance europĂ©enne des donnĂ©es (DGA) et le rĂšglement (UE) n° 2023/2854 sur les […]

20 . 05 . 2024

Conférence sur le pouvoir et le design

Rendez-vous le 20 juin Ă  l’Ă©cole de droit HEAD, 18h30 pour assister Ă  une ConfĂ©rence sur le pouvoir et le design. En prĂ©sence de Jacques Hervouet, directeur de la Galerie HERVOUET, nous explorerons la relation entre les objets de design et le pouvoir, et comment ce dernier s’est appropriĂ© ces Ă©lĂ©ments pour asseoir son prestige, […]

09 . 05 . 2024

Survey-Magazine

Ravi de partager mon analyse rĂ©cente sur les enjeux cruciaux de l’intelligence artificielle gĂ©nĂ©rative et les droits d’auteur dans un monde juridique en pleine Ă©volution. Dans cet article pour Survey-Magazine, il est question des rĂ©ponses – et des limites – apportĂ©es par la Directive e-copyright et le nouveau IA Act aux dĂ©fis de la transparence […]

09 . 05 . 2024

Survey-Magazine

Delighted to share my recent analysis on the crucial issues of generative artificial intelligence and copyright in a rapidly changing legal world. In this article for Survey-Magazine, I discuss the responses – and limitations – of the e-copyright Directive and the new IA Act to the challenges of transparency and remuneration for authors whose content […]

08 . 03 . 2024

Intervention au forum de leaders européen

InvitĂ© par CEO CF au forum de leaders europĂ©ens qui se tenait Ă  Milan du 6 au 8 mars, Constantin PavlĂ©as a prĂ©sentĂ© l’IA Act, les opportunitĂ©s qu’il recĂšle mais Ă©galement les nombreuses questions d’application et de dĂ©savantage concurrentiel pour les petites et moyennes entreprises europĂ©ennes, par rapport aux acteurs amĂ©ricains, indiens ou chinois de […]

06 . 03 . 2024

Lex inside : les enjeux du Data Privacy Framework

J’ai eu l’occasion de m’exprimer dans l’Ă©mission Lex Inside prĂ©sentĂ©e par Arnaud Dumourier Ă  propos des enjeux du Data Privacy Framework. J’ai notamment rappelĂ© que cet accord Ă©tait susceptible d’ĂȘtre invalidĂ© pour des raisons Ă  la fois politiques et juridiques. Regardez l’interview pour comprendre les implications politiques et juridiques de cet accord : https://www.linkedin.com/posts/adumourier_lexinside-droit-activity-7170726954097070080-3NaD?utm_source=share&utm_medium=member_desktop

06 . 03 . 2024

Lex inside : the implications of the Data Privacy Framework

I had the opportunity to speak on the Lex Inside program presented by Arnaud Dumourier about the challenges of the Data Privacy Framework. I pointed out that this agreement is likely to be invalidated for both political and legal reasons. Watch the interview to understand the political and legal implications of this agreement : https://www.linkedin.com/posts/adumourier_lexinside-droit-activity-7170726954097070080-3NaD?utm_source=share&utm_medium=member_desktop

06 . 03 . 2024

BETWEEN EFFECTIVENESS AND LIMITS: NETWORK MODERATION IN THE GARE DE LYON CASE

The case of the attacker at the Gare de Lyon train station raises a number of questions, including the responsibility of social networks and their moderation systems. The alleged assailant, originally from Mali, had posted several videos on TikTok in French and in his native language. In these videos, he expressed his hatred of France […]

09 . 02 . 2024

Entre efficacité et limites : la modération sur les réseaux dans l'affaire de la gare de Lyon

L’affaire de l’agresseur de la gare de Lyon soulĂšve plusieurs questions, dont celle de la responsabilitĂ© des rĂ©seaux sociaux et de leurs systĂšmes de modĂ©ration. L’agresseur prĂ©sumĂ©, originaire du Mali, aurait diffusĂ© plusieurs vidĂ©os sur TikTok en français et dans sa langue natale. Dans ces vidĂ©os, il exprimait des propos haineux, dont sa dĂ©testation de la France […]

27 . 01 . 2024

DĂ©cryptage : le Data Privacy Framework

Le Data Privacy Framework (DPF) est le dispositif mis en place par la Commission europĂ©enne et la Federal Trade Commission pour faciliter le transfert de donnĂ©es depuis l’Espace Ă©conomique europĂ©en vers les Etats-Unis. Il succĂšde au Privacy Shield invalidĂ© par la Cour europĂ©enne de justice en juillet 2020 Ă  la suite de l’action intentĂ©e par Max Schrems, tenant notamment aux moyens […]