The Database Directive, AI and the data economy
Does the database directive (Directive 96/9/EC of the European Parliament and of the Council (Database Directive)) protect machine-generated data and AI? That is one of the questions the European Commission considered in its recently published second evaluation of the Database Directive since its adoption in February 1996, the first having been published in December 2005.
The Commission concludes that the Database Directive has effectively harmonised the national protection regimes regarding databases and is still very relevant as it restricts regulatory fragmentation that could be detrimental to the Digital Single Market. However, despite providing some benefits, the sui generis database right was found to have no proven impact on the overall production of databases in Europe, nor on the competitiveness of the EU database industry.
Protection of Databases
The main objectives of the Database Directive are threefold: (1) to harmonise the protection of databases; (2) to stimulate investment in them; and (3) to safeguard the balance between the rights and interests of database producers and users. To achieve these objectives, the Database Directive provides for two types of legal protection: copyright (Chapter II of the Database Directive) and the sui generis right (Chapter III of the Database Directive).
Whereas copyright protects the structure of databases and accordingly the selection or arrangements of their contents (and accordingly the standard of originality applies), the sui generis right protects databases regardless of their originality, as long as there has been substantial investment in obtaining, verifying or presenting the contents.
Judicial Practice Regarding Databases by the CJEU
In 2004, the Court of Justice of the European Union (CJEU) clarified the scope of the sui generis right and held that the sui generis right as provided by the Database Directive does not apply to databases that are merely the by-products of the main activity of an organisation. Instead, the CJEU requires an owner of a database to show that it has spent significant investment on specific activities in order to invoke sui generis right protection. Furthermore, the CJEU narrowed the protection of the sui generis right by holding that an infringement only occurs if the cumulative effect of an extraction or reutilisation enables the reconstruction of the whole or a substantial part of a database.
According to the Commission’s interpretation of the CJEU judgment in the second evaluation of the Database Directive, this means that the sui generis right does not apply broadly to the data economy (in particular machine-generated data, IoT devices, big data, artificial intelligence) and only covers databases that contain data obtained from external sources (for example, industries like publishers, who seek out data in order to commercialise databases).
Changes to the Sui Generis Right
The European Commission considers that engaging in a process of reforming the sui generis right would currently be largely disproportionate to its overall policy potential and value attributed to it by stakeholders. Any meaningful move towards a policy intervention on the sui generis right would need to be substantial and take into account the policy debates around the data economy more generally.
The European Commission’s view that the effect of CJEU decisions is that the sui generis right does not cover many services of the data economy, including services based on artificial intelligence and machine-learning, is potentially concerning for those businesses occupying that domain, who may currently only have a limited armory of legal redress with which to assert rights over their intellectual investment. However, the European Commission also stated that the application of the sui generis right in the data economy context needs to be closely tracked – it is currently discussing a reform of the EU copyright provisions, including in respect of text and data mining.
Such developments in relation to data directly affect the legal framework relating to artificial intelligence, Big Data and other services within the data economy. Accordingly businesses relying on the use of data in such fields should closely monitor the current discussions and consultations by the EU to assess the impact on business models.