PhD thesis defence by Tommaso Fia
This thesis scrutinises the governance of non-personal data in the European Union. First, it shows that the fundamental dimension of data governance is data access, which is a relation of power of someone (an access granter) over something (non-personal data), and between an access granter and someone who seeks to access data (an access seeker). Large access seekers such as machinery manufacturers, OEMs and big techs restrict access to non-personal data by utilising private law modules such as IP standards, contracts, and TPMs. These form ‘unilateral data control’, and ultimately cause interpersonal and social injustices. The central inquiry driving the research is then how non-personal data should be regulated to address interpersonal and social injustices in data governance.
To answer this question, it is shown that there exist various normative approaches to data governance, ranging from more market-friendly ones (eg libertarian, liberal-egalitarian, and welfarist data governance) to those emphasising human flourishing and political participation (eg communitarian, institutionalist, republican and critical data governance).
Examining the EU data governance laws, the thesis then finds that they primarily focus on market completion. This perspective overlooks other rationales for regulation. Contractually constructed collaborative forms of data governance (such as data sharing pools, data commons, and data trusts) in smart agriculture, smart manufacturing, and the smart city, on the other hand, show that there exist practical ways to open up data access and increase participation and democratic representation for access seekers.
Lastly, the thesis proposes a just data governance system for the EU. Its core components include treating non-personal data as a commons, valuing democratic participation in data governance, positing access rights for seekers, circumscribing data uses, and enhancing fair value distribution.