Recital 33

It is important to enable a competitive environment for data sharing. A key element by which to increase the trust and control of data holders, data subjects and data users in data intermediation services is the neutrality of data intermediation services providers with regard to the data exchanged between data holders or data subjects and data users. It is therefore necessary that data intermediation services providers act only as intermediaries in the transactions, and do not use the data exchanged for any other purpose. The commercial terms, including pricing, for the provision of data intermediation services should not be dependent on whether a potential data holder or data user is using other services, including storage, analytics, artificial intelligence or other data-based applications, provided by the same data intermediation services provider or by a related entity, and if so to what degree the data holder or data user uses such other services. This will also require structural separation between the data intermediation service and any other services provided, so as to avoid conflicts of interest. This means that the data intermediation service should be provided through a legal person that is separate from the other activities of that data intermediation services provider. However, the data intermediation services providers should be able to use the data provided by the data holder for the improvement of their data intermediation services.

Data intermediation services providers should be able to put at the disposal of data holders, data subjects or data users their own or third-party tools for the purpose of facilitating the exchange of data, for example tools for the conversion or curation of data only at the explicit request or approval of the data subject or data holder. The third-party tools offered in that context should not use data for purposes other than those related to data intermediation services. Data intermediation services providers that intermediate the exchange of data between individuals as data subjects and legal persons as data users should, in addition, bear fiduciary duty towards the individuals, to ensure that they act in the best interest of the data subjects. Questions of liability for all material and immaterial damage and detriment resulting from any conduct of the data intermediation services provider could be addressed in the relevant contract, on the basis of national liability regimes.