Regulating access to Open Data – free access to data held by public bodies.

Current legal framework…

The Luxembourg Government’s Open Data strategy addresses the following situation: “The public sector gathers and stores large quantities of data that could be of interest to individuals and businesses, but the data is not often accessible to the public. Yet unimpeded access to such data constitutes one of the fundamental principles of democracy, and is a vital element in a policy of transparency and openness.1

Open Data essentially consists of freely accessible documents and/or statistical data produced by public sector bodies of the Member States.2

In Luxembourg, the amended Law of 4 December 2007 on the re-use of public-sector information (the “2007 Law”) currently regulates Open Data. The 2007 Law transposed into Luxembourg Law Directive 2003/98/EC of 17 November 2003 on the re-use of public sector information (the “Open Data Directive”), amended by Directive 2013/37/EU of 26 June 2013.

soon to be repealed…

On 25 April 2018, as part of a package of measures aiming to facilitate the creation of a common data space in the EU, the European Commission (EC) proposed to review the Open Data Directive. According to an impact assessment by the EC and given the further amendments to be made, a recast of the amended Open Data Directive was adopted on 20 June 2019 resulting in Directive (EU) 2019/1024 on open data and the re-use of public sector information (the “New Open Data Directive”).

The New Open Data Directive repeals the Open Data Directive from 17 July 2021 and focuses notably on:

  • reducing market entry barriers, in particular for SMEs, by limiting the exceptions that allow public bodies to charge more for the re-use of their data than the marginal costs of dissemination;
  • increasing business opportunities by encouraging the dissemination of dynamic data via application programming interfaces (APIs).

The Luxembourg Parliament is currently discussing Bill of Law No. 7643 (“BoL 7643”) with a view to transposing the New Open Data Directive into Luxembourg law. BoL 7643 intends to repeal the 2007 Law.

On 20 January 2021, the Commission Nationale pour la Protection des Données (CNPD)3 issued its opinion on BoL 7643. While globally welcoming the proposed objectives, the CNPD insists on the need to ensure the protection of personal data and right to privacy when granting access to public sector documentation. In particular, based on Recital 154 of GDPR4 to be read in conjunction with Article 25 of the GDPR, the CNPD recommends assessing access rights under certain sector-specific laws while public entities should consider issuing documents containing, by default, a minimum level of personal data or even anonymised data. Indeed, the CNPD notes that certain pieces of legislation may contradict each another to a certain extent as, for instance, it cannot be excluded that the said sector-specific laws5 may permit access to documents containing personal data, while general access rules, as provided under the amended Law of 14 September 2018 on transparent and open administration, lays down the common general principles and limits on such access right.

and complemented by rules on data sharing

In contrast with Open Data, the Proposal for a Regulation on European data governance 6(the “Data Governance Act”) intends to govern access to existing documents held by public sector bodies of the Member States. In a way, it complements the New Open Data Directive by addressing sharing mechanisms for data held by public sector bodies that is subject to rights of others (such as documents on which third parties hold intellectual property rights) and therefore falls outside the scope of the latter.

Read more about the Data Governance Act.

Sign In

Lost Password