The European Data Governance Act (DGA)


Training program 1

Preparing for the European Data Governance Act (DGA), for EU and non-EU firms (tailored-made training).

Possible modules of the tailor-made training program

- Introduction.

- Improving the conditions for data sharing in the EU market.

- Creating a harmonised framework for data exchanges.

- Laying down requirements for data governance.


- Subject matter and scope.

- Important definitions.


- Categories of data.

- Prohibition of exclusive arrangements.

- Conditions for re-use.

- Fees.

- Competent bodies.

- Single information points.

- Procedure for requests for re-use.


- Data intermediation services.

- Notification by data intermediation services providers.

- Conditions for providing data intermediation services.

- Competent authorities for data intermediation services.

- Monitoring of compliance.

- Exceptions.


- National arrangements for data altruism.

- Public registers of recognised data altruism organisations.

- Registration of recognised data altruism organisations.

- Transparency requirements.

- Specific requirements to safeguard rights and interests of data subjects and data holders with regard to their data.

- Rulebook.

- Competent authorities for the registration of data altruism organisations.

- Monitoring of compliance.


- Competent authorities and procedural provisions.

- Requirements relating to competent authorities.

- Right to lodge a complaint.

- Right to an effective judicial remedy.


- The European Data Innovation Board.

- Tasks of the European Data Innovation Board.


- International access and transfer.


- Penalties.

- The European Data Governance Act (DGA) applies from 24 September 2023.


- What is extraterritoriality?

- Extraterritorial application of EU law.

- Risk and compliance management challenges for firms established in non-EU countries.


- Master plan and list of immediate actions, for firms established in EU and non-EU countries.

- Closing remarks.


Target Audience, duration.

We offer a 60-minute overview for the board of directors and senior management of EU and non-EU firms, tailored to their needs. We also offer 4 hours to one day training for risk and compliance teams, responsible for the implementation of the EU directives and regulations.


Instructor.

Our instructors are working professionals that have the necessary knowledge and experience in the fields in which they teach. They can lead full-time, part-time, and short-form programs that are tailored to your needs. You will always know up front who the instructor of the training program will be.

George Lekatis, General Manager of Cyber Risk GmbH, can also lead these training sessions. His background and some testimonials: https://www.cyber-risk-gmbh.com/George_Lekatis_Testimonials.pdf


Terms and conditions.

You may visit: https://www.cyber-risk-gmbh.com/Terms.html


Training program 2

Preparing for the European Data Act and the European Data Governance Act (DGA), for EU and non-EU firms (tailored-made training).

Possible modules of the tailor-made training program:


Part 1. The European Data Act.

- Introduction.

- Ursula von der Leyen: Europe must ‘balance the flow and use of data while preserving high privacy, security, safety and ethical standards’.

- The EU broader policy goals.


- Subject matter and scope.

- Harmonised rules on making data generated by the use of a product or related service available to the user of that product or service.

- Harmonised rules on making data available by data holders to data recipients and to public sector entities.

- How the European Data Act affects manufacturers of products and suppliers of services, and the users of such products or services.

- How the European Data Act affects data holders that make data available to data recipients in the EU.

- How the European Data Act affects data processing services, offering such services to customers in the EU.

- When can public sector bodies and EU institutions, agencies or bodies, request data holders to make data available?


- Important definitions.


- Obligation to make data generated by the use of products or related services accessible.

- The right of users to access and use data generated by the use of products or related services.

- Right to share data with third parties.

- Obligations of third parties receiving data at the request of the user.

- Scope of business to consumer and business to business data sharing obligations.


- Conditions under which data holders make data available to data recipients.

- Compensation for making data available.

- Dispute settlement.

- Technical protection measures and provisions on unauthorised use or disclosure of data.

- Scope of obligations for data holders legally obliged to make data available.


- Unfair contractual terms unilaterally imposed on a micro, small or medium-sized enterprise.


- Obligation to make data available based on exceptional need.

- Exceptional need to use data.

- Relationship with other obligations to make data available to public sector bodies and Union institutions, agencies and bodies.

- Requests for data to be made available.

- Compliance with requests for data.

- Obligations of public sector bodies and Union institutions, agencies and bodies.

- Compensation in cases of exceptional need.

- Mutual assistance and cross-border cooperation.


- Removing obstacles to effective switching between providers of data processing services.

- Contractual terms concerning switching between providers of data processing services.

- Gradual withdrawal of switching charges.

- Technical aspects of switching.


- International access and transfer.


- Essential requirements regarding interoperability.

- Interoperability for data processing services.

- Essential requirements regarding smart contracts for data sharing.


- Competent authorities.

- Right to lodge a complaint with a competent authority.

- Penalties.

- Model contractual terms.


- The European Data Act and its connection to other directives and regulations.

- The General Data Protection Regulation (GDPR).

- The ePrivacy Directive.

- The Data Governance Act.

- The Digital Markets Act.

- Other directives and regulations, including the NIS 2 Directive, the European Cyber Resilience Act, the Digital Operational Resilience Act (DORA), the Critical Entities Resilience Directive (CER).


- What is extraterritoriality?

- Extraterritorial application of EU law.

- Risk and compliance management challenges for firms established in non-EU countries.


- Master plan and list of immediate actions, for firms established in EU and non-EU countries.

- Closing remarks.



Part 2. The European Data Governance Act (DGA).

- Introduction.

- Improving the conditions for data sharing in the EU market.

- Creating a harmonised framework for data exchanges.

- Laying down requirements for data governance.


- Subject matter and scope.

- Important definitions.


- Categories of data.

- Prohibition of exclusive arrangements.

- Conditions for re-use.

- Fees.

- Competent bodies.

- Single information points.

- Procedure for requests for re-use.


- Data intermediation services.

- Notification by data intermediation services providers.

- Conditions for providing data intermediation services.

- Competent authorities for data intermediation services.

- Monitoring of compliance.

- Exceptions.


- National arrangements for data altruism.

- Public registers of recognised data altruism organisations.

- Registration of recognised data altruism organisations.

- Transparency requirements.

- Specific requirements to safeguard rights and interests of data subjects and data holders with regard to their data.

- Rulebook.

- Competent authorities for the registration of data altruism organisations.

- Monitoring of compliance.


- Competent authorities and procedural provisions.

- Requirements relating to competent authorities.

- Right to lodge a complaint.

- Right to an effective judicial remedy.


- The European Data Innovation Board.

- Tasks of the European Data Innovation Board.


- International access and transfer.


- Penalties.

- The European Data Governance Act (DGA) applies from 24 September 2023.


- What is extraterritoriality?

- Extraterritorial application of EU law.

- Risk and compliance management challenges for firms established in non-EU countries.


- Master plan and list of immediate actions, for firms established in EU and non-EU countries.

- Closing remarks.


Target Audience, duration.

We offer a 60-minute overview for the board of directors and senior management of EU and non-EU firms, tailored to their needs. We also offer 4 hours to one day training for risk and compliance teams, responsible for the implementation of the EU directives and regulations.


Instructor.

Our instructors are working professionals that have the necessary knowledge and experience in the fields in which they teach. They can lead full-time, part-time, and short-form programs that are tailored to your needs. You will always know up front who the instructor of the training program will be.

George Lekatis, General Manager of Cyber Risk GmbH, can also lead these training sessions. His background and some testimonials: https://www.cyber-risk-gmbh.com/George_Lekatis_Testimonials.pdf


Terms and conditions.

You may visit: https://www.cyber-risk-gmbh.com/Terms.html


Cyber Risk GmbH, some of our clients