Fintech Data Contracts
Chris Hill
15 years: Financial technology law
Data is a valuable resource, and is beset by the complexity of being governed by a number of different areas of law. Chris attempts to answer the essential question of “what can I do with the data?” by explaining how a contract can be used to determine the legal default positions.
Data is a valuable resource, and is beset by the complexity of being governed by a number of different areas of law. Chris attempts to answer the essential question of “what can I do with the data?” by explaining how a contract can be used to determine the legal default positions.
Subscribe to watch
Access this and all of the content on our platform by signing up for a 7-day free trial.
Fintech Data Contracts
10 mins 15 secs
Key learning objectives:
How can we determine what the default position is?
What is a “new” data set, and how can it be managed?
What other issues need to be thought through before drafting a contract?
Overview:
In order to answer the essential question of “what can I do with the data?”, you need to understand the position under each area of law individually, this includes IP, privacy and data protection, regulation and confidentiality. Moving forward to put together a contract that takes you away from the default legal position and builds the rules to get you to the set of powers you need.
Subscribe to watch
Access this and all of the content on our platform by signing up for a 7-day free trial.
What is a data contract?
They act as a means for two parties to agree where and how they are going to move away from the “natural order” of how the law would otherwise dictate how the subject matter of the contract is treated.How can we determine what the default position is?
In order to work out the overall default position, first you have to understand the position under each area of law on its own, and then you have to work out which takes precedence over which:
- Intellectual Property
- Who has created the data, who owns the IP rights in it, and who therefore has a right, by virtue of that intellectual property law to prevent others from using that data?
- Privacy and Data Protection
- Is this personal data, and if so, have you established the relevant legal basis in place to do with the data what you wish?
- Financial Regulation
- For example, parts of the open banking regime in relation to account information service providers, dictate that data has to be used and disseminated only for the provision of the account information service that the customer has explicitly asked for
- Confidentiality
- Using data may breach confidentiality obligations, whether these are under a Non-Disclosure Agreement, a confidentiality clause in a contract, or an unwritten, common law duty of confidentiality
What is a “new” data set?
The core principle behind creating new datasets is that you are taking one or more sets of “ingredient” data and carrying out some sort of analysis on them, or mingling them together, to get you to a position where you have a new data set that helps you understand something different.How is this “new” data managed?
In order to understand what you can and can’t do with this new data set, you have to analyse the rights and rules in both the ingredient data and the new data, so you can then put the relevant contracts in place to allow you to do what you need to:
- Work out who owns the IP rights
- Assuming that the new data set does constitute some form of IP, the default position under English law is that it is usually the creator of the IP that is the owner of it. Secondly, you need to establish whether you had the necessary license rights in place to create it in the first place. Also, where did you get the constituent parts of the new data from - the ingredients - and did the license under which you received it allow you to create new data using it?
- Check the Privacy of the Data
- If the ingredient data is itself personal data, then you will need to establish a legal basis (such as consent, contractual performance) in order to carry out the aggregation itself. Also, does the new data set you are creating still tie back to an individual, such that it is still personal data and you need to establish a legal basis to use it further?
- Check the Confidentiality
- Was there some kind of confidentiality restriction in place which would have prevented the creation of the new data? Or, does the new data set still reveal so much about the party from whom you obtained the ingredient data, that to disseminate it in the way you intend would in itself be a breach of confidentiality obligation to that party?
- Have you complied with any relevant regulatory restrictions in creating the data?
What other issues need to be thought through before drafting a contract?
Whenever new data is being created, it is worth thinking through the different rights and commercial sensitivities that this new data brings with it. For example:
- What could you do with the new data that the other party doesn’t want you to do?
- What could the other party do with the data that would harm your business?
- What other mechanisms could you take advantage of to get hold of and use the data in the way that you wish to?
- Can you use open banking to get hold of transactional data?
- It is also worth mentioning that “who owns the customer” really means which party has the power to market to the customer during and after the term of the contract, and which party can re-use data created or received in relation to that customer during this commercial relationship and after the contract is terminated
Subscribe to watch
Access this and all of the content on our platform by signing up for a 7-day free trial.
Chris Hill
There are no available Videos from "Chris Hill"