Creating Innovations within the Framework of Scientific and Industrial Consortia and Compliance with Data Protection Obligations
DOI:
https://doi.org/10.15290/eejtr.2024.08.01.07Słowa kluczowe:
personal data, GDPR, innovation, consortium agreement, science and business cooperationAbstrakt
One of the elements of building a competitive advantage is the development of innovations. With this objective in mind, market players cooperate with other businesses, but also with entities in the science sector, including research institutes and universities. One of the instruments used for this purpose is a consortium agreement, Such cooperation requires defining, first of all, issues related to intellectual property rights. Since personal data may be processed as part of such agreements, it is important to bring these processes in line with legal requirements under data protection laws, particularly the GDPR. The article analyzes first of all what personal data processing processes may be applicable in cooperation between science and business in the field of innovation, what roles in terms of personal data protection are played by the various entities and what obligations they entail, what special obligations in terms of personal data protection arise from the establishment of international consortia, including with entities from countries outside the European Economic Area, and are the rules that govern the responsibility of these entities for the fulfillment of their obligations under personal data protection regulations. Alignment of the collaborations carried out by consortium members with applicable legal requirements not only safeguards them legally, but also affects the economic and commercialization potential of the results generated in the course of such collaboration. These entities are thus seen as socially responsible, which fosters trust among science and business partners, public bodies, as well as customers benefiting from the innovations created.
Pobrania
Bibliografia
Colcell, V. (2019). Joint Controller Agreement under GDPR. EU and Comparative Law Issues and Challenges Series (ECLIC), 3, 1030-1047. https://doi.org/10.25234/eclic/9043.
Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council (Text with EEA relevance), C/2021/3972 (OJ L 199, 7.6.2021), p. 31–61.
Commission Implementing Decision EU 2023/1795 of 10 July 2023 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate level of protection of personal data under the EU-US Data Privacy Framework (notified under document C(2023)4745) (Text with EEA relevance), C/2023/4745 (OJ L 231, 20.9.2023), p. 118–229.
DESCA – Model Consortium Agreement for Horizon Europe, ver. 2.0, February 2024. Accessed August 2, 2024: https://www.desca-agreement.eu/desca-model-consortium-agreement/.
Detlev, G., & Hickman, T. (2019). Obligations of controllers - Unlocking the EU General Data Protection Regulation: A practical handbook on the EU’s new data protection law. https://www.whitecase.com/insight-our-thinking/chapter-10-obligations-controllers-unlocking-eu-general-data-protection.
Directive (EU) 2016/943 of the European Parliament and of the Council of 8 June 2016 on the protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition, use and disclosure (Text with EEA relevance) (OJ L 157, 15.6.2016), p. 1–18.
European Commission (2024). European Innovation Scoreboard. https://op.europa.eu/en/publication-detail/-/publication/8a4a4a1f-3e68-11ef-ab8f-01aa75ed71a1/language-en/format-PDF/source-search.
European Data Protection Board. Guidelines 07/2020 on the concepts of controller and processor in the GDPR adopted on 07.07.2021 r., v. 2.1. https://www.edpb.europa.eu/our-work-tools/documents/public-consultations/2020/guidelines-072020-concepts-controller-and_en.
European Parliament (2020). The impact of the General Data Protection Regulation (GDPR) on artificial intelligence. https://www.europarl.europa.eu/stoa/en/document/EPRS_STU(2020)641530.
European Research Area. https://www.consilium.europa.eu/en/policies/european-research-area/.
Fajgielski, P. (2022). Komentarz do rozporządzenia nr 2016/679 w sprawie ochrony osób fizycznych w związku z przetwarzaniem danych osobowych i w sprawie swobodnego przepływu takich danych oraz uchylenia dyrektywy 95/46/WE (ogólne rozporządzenie o ochronie danych) [A commentary to Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). In: Ogólne rozporządzenie o ochronie danych osobowych. Ustawa o ochronie danych osobowych. Komentarz (2nd ed., art. 26) Warsaw: Lex.pl.
Guarda, P. (2015). Consortium Agreement and Intellectual Property Rights within the European Union Research and Innovation Programme. European Intellectual Property Review, 37, 161-171.
Hintze, M. (2018). Data Controllers, Data Processors, and the Growing Use of Connected Products in the Enterprise: Managing Risks, Understanding Benefits, and Complying with the GDPR. Journal of Internet Law (Wolters Kluwer), 1-21. http://dx.doi.org/10.2139/ssrn.3192721.
Horizon Europe Programme. https://www.consilium.europa.eu/en/policies/horizon-europe/.
Judgment in Case C-683/21, NACIONALINIS VISUOMENĖS SVEIKATOS CENTRAS PRIE SVEIKATOS APSAUGOS MINISTERIJOS v. VALSTYBINĖ DUOMENŲ APSAUGOS INSPEKCIJA, ECLI:EU:2024:914.
Judgment of the CJEU of December 21, 2023 in the case ZQ v. MEDIZINISCHER DIENST DER KRANKENVERSICHERUNG NORDRHEIN, KÖRPERSCHAFT DES ÖFFENTLICHEN RECHTS, C-667/21, www.eur-lex.europa.eu (accessed on August 4, 2024).
Judgment of the CJEU of January 25, 2024 in the case BL v. MEDIAMARKTSATURN HAGEN-ISERLOHN GMBH, ANCIENNEMENT SATURN ELECTRO-HANDELSGESELLSCHAFT MBH HAGEN, C-687/21, www.eur-lex.europa.eu (accessed on August 4, 2024).
Judgment of the CJEU of July 29, 2019 in the case C-40/17, Fashion ID GmbH & Co.KG v. Verbraucherzentrale NRW eV, ECLI:EU:2018:1039.
Judgment of the CJEU of June 20, 2024 in the case AT I BT AGAINST PS GBR AND IN., C-590/22, www.eur-lex.europa.eu (accessed on August 4, 2024).
Judgment of the CJEU of June 20, 2024 in the case JU I SU v. SCALABLE CAPITAL GMBH, C-182/22, www.eur-lex.europa.eu (accessed on August 4, 2024).
Judgment of the CJEU of June 5, 2018 in the case C-210/16, UNABHÄNGIGES LANDESZENTRUM FÜR DATENSCHUTZ SCHLESWIG-HOLSTEIN v. WIRTSCHAFTSAKADEMIE SCHLESWIG-HOLSTEIN GMBH, CLI:EU:C:2018:388.
Juliussen, B.A., Kozyri, E., Johansen D., & Rui, J.P. (2023). The third country problem under the GDPR: enhancing protection of data transfers with technology. International Data Privacy Law, 13, 225-243. https://doi.org/10.1093/idpl/ipad013.
Lavikka, R., Seppänen, O., Peltokorpi, Lehtovaara, J. (2020). Fostering process innovations in construction through industry–university consortium. Construction Innovation, 20(4), 569-586. https://doi.org/10.1108/CI-08-2019-0081.
List of decisions issued by the European Commission establishing an adequate level of data protection. https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en (accessed on August 3, 2024).
Organisation for Economic Co-operation and Development (2018). Oslo Manual. Guidelines for Collecting, Reporting and Using Data on Innovation, 4th Edition. https://www.oecd.org/en/publications/oslo-manual-2018_9789264304604-en.html.
Phillips, M. (2018). International data-sharing norms: from the OECD to the General Data Protection Regulation (GDPR). Open access, 137, 575-582.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).
Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence and amending Regulations (EC) No 300/2008, (EU) No 167/2013, (EU) No 168/2013, (EU) 2018/858, (EU) 2018/1139 and (EU) 2019/2144 and Directives 2014/90/EU, (EU) 2016/797 and (EU) 2020/1828 (Artificial Intelligence Act), OJ L, 2024, p. 1689.
Sheryl Sandberg at MIT Commencement 2018. https://news.mit.edu/2018/sheryl-sandberg-commencement-address-0608.
Taieb, S.H. (2024). Measuring the third mission of European Universities: A systematic literature review. Society and Economy, 2, 147–167. https://doi.org/10.1556/204.2023.00030.
Treaty of March 25, 1957 on the Functioning of the European Union (consolidated Version), OJ C 326/47, 26.10.2012, p. 47-390.
Treaty of March 25, 1957 on the Functioning of the European Union (consolidated Version), OJ C 326/47, 26.10.2012, p. 47-390.
Zawadzka, N. (2018). In: E. Bielak-Jomaa & D. Lubasz (Eds.), RODO. Ogólne rozporządzenie o ochronie danych. Komentarz (art. 82) [GDPR. General Data Protection Regulation. A commentary]. Warsaw: Lex.pl.
Pobrania
Opublikowane
Numer
Dział
Licencja
Utwór dostępny jest na licencji Creative Commons Uznanie autorstwa 4.0 Międzynarodowe.
1. The Author declares that he or she has created the written work and holds exclusive and unlimited copyright /both moral and property rights/ and guarantees that no third parties have rights to the work.
2. In the view of the Copyright and Related Rights Act, a work must fulfill the following criterion:
a) be a manifestation of creative work,
b) have an individual character („author’s personal stamp”),
c) have a set form.
3. The Author declares that the text has not been previously published (under the same or different title, or as a part of another publication).
4. The Author allows (grants a non-exclusive license) the publishing house of University of Białystok to use the scholarly text to:
- preserve and multiply by means of any technique; save in a digital form with no limitations as to the manner and form of digital preservation;
- upload online with no limitations as to the place and time of access.
5. The Author grants consent for editorial changes made in the work.
6. The Author grants the University of Białystok rights free of charge for the duration of property copyright with no territory limits. The University has the right to grant sublicenses in the acquired rights.
7. Granting a non-exclusive license allows the Author to preserve their rights and allows other parties to make use of the work according to sublicensing agreement with provisions identical as those of Attribution 4.0 Internacional License (CC BY 4.0), available online at: https://creativecommons.org/licenses/by/4.0/. License to all its content published from 2023 and CC BY-NC-ND 4.0 to all its content published from 2017 to 2022.
8. The Agreement has been concluded for an indefinite period of time.
9. Because of costs born in preparation of the work for publishing, the Parties oblige themselves to act in good faith and refrain from declining to grant licenses.
10. To all matters not settled herein, provisions of the Civil Code and Copyright and Related Rights Act of 1994, February 4 shall apply.
11. All disputes shall be resolved by a court of local jurisdiction for the place of seat of University of Białystok.
