This short paper will discuss the right to access and port data under EU Competition Law and EU sector-specific regulations. While general Competition Law is not readily available, stipulating a difficult test for the plaintiff, the EU Commission seems very keen on granting access and portability rights to data under newly enacted sector specific regulations, without any scrutiny in reference to the competitive effects of such rights. Indeed, to access and port data under these sector specific regulations are available to any comers. The paper concludes that enacting sector-specific regulations granting access to data without utilizing competition law principles may prove disastrous, and the Commission should rethink the aim of granting access to data to all and everyone.

By Björn Lundqvist1



This short paper will discuss the right to access and port data under EU Competition Law and EU sector-specific regulations. While general Competition Law is not readily available, stipulating a difficult test for the plaintiff, the EU Commission seems very keen on granting access and portability right to data under newly enacted sector specific regulations, without any scrutiny in reference to the competitive effects of such rights. Indeed, to access and port data under these sector specific regulations are available to any comers. The paper concludes that enacting sector-specific regulations granting access to data without utilizing competition law principles may prove disastrous, and the Commission should rethink the aim of granting access to data to all and everyone.



To use general EU competition law doctrines such as the refusal to supply doctrine to gain access to data in the digital economy may be somewhat problematic. Often platforms, such as Google and Amazon, would be the main targets for a claim for access, and the potential accessees would generally be business users of these respective services. But, these claims for access have several hurdles to overcome to become successful: Is the platform or data holder dominant on a relevant market? How should the relevant market be identified? Are there double or multisided markets? Moreover, in reference to the exceptional circumstance doctrine: accessing data, is that such an “exception” situation, where data access is indispensable for pursuing the user’s business? Is there a second (downstream) market that the platform is reserving for itself? Is there an elimination of competition and the prevention of the appearance of a new product? All these requirements can be found in the case law of exceptional circumstance doctrine, i.e. Magill,2 IMS Health3 and Microsoft.4 In the scenario of a competitor wanting access to specific, unique, data sets, indispensable for the business conduct, competition law has an applicability, but, that scenario is perhaps not so common. Multihoming of data makes unique datasets scarce, while from the outset, it may be difficult to find data indispensable for firms that are already active in the relevant market. Indeed, the essential facility, or exceptional circumstance, doctrine sets high thresholds and is very case specific, making it difficult to develop a general doctrine for accessing data in the digital economy under Competition Law.

Notwithstanding the above, the Magill “logic” at first glance works well in a data scenario: entities (in the Magill case the publicly owned BBC and RTE et al), engaging in their primary market or (public) task (producing and distributing TV programmes), create information, (in the form of TV listings) that were copyright protected. They are, under the rules of abuse of dominance, required to give access to this information (the TV listings), due to its indispensability and that a refusal would be unjust, to an undertaking that will create a new product (TV guides). Thus, in the Magill case the appellants were not allowed to reserve for themselves a secondary market. However, it was a very special case.5 Still, Magill may be used to argue access to certain specific kind of datasets under the exceptional circumstance doctrine. As will be discussed infra, it should also be stressed that the Magill logic has inspired sector specific regulation enacting right to access and port public data. To gain access and to port public authority data for business purposes, similar method as under the Magill is used. Indeed, given that the exceptional circumstance doctrine is seldomly applicable, access to competitors’ data are and will be pursued under sector-specific regulations rather than under general competition law.



It seems clear that for business users of platforms, accessing customer or user data relating the business user’s activity on the platforms, or even more broadly, and the right to transfer such data from a platform to another platform, or in-house, could be very beneficial for the business users commercial strategy. A firm active on, for example, Amazon Marketplace would thus through the data it generates on the Amazon Marketplace website gain in-depth knowledge of the customer base. Something it can use to develop its strategy and product line further. Access and portability right to data may also cause competition to thrive between platforms and in the general data industry if business users could easily shift between platforms and port useful data between the same. Presumably, more data would also be generally traded.

Yet, the exceptional circumstance doctrine, including the essential facility doctrine, is not readily available for gaining access to data, and to port the same. The recent Google Search (Shopping) case of the Commission regarding the practice of self-referencing6 may however reveal a different path to gain data access and be allowed to port data from a platform or competitor. It is worth noting that, notwithstanding the fact that the Commission relied on the argument that the loss of traffic from Google’s general search results pages represents a large proportion of competing comparison shopping services’ traffic which could not effectively be replaced, the Commission framed this case under a standard leverage theory of harm, rather than the more challenging refusal to supply access to an essential facility, or even under a broader theory of exclusionary discrimination under Article 102(c) TFEU. Indeed, the Commission relied on TeliaSonera7 to argue that it is sufficient to establish that Google’s conduct was capable of making it more difficult (i.e. short of impossible) for competing comparison shopping services to access their separate but adjacent markets. This hurdle is clearly lower than a requirement to prove that access to Google’s general search pages is indispensable, which would have been required had Google’s conduct qualified as a vertical foreclosure case akin to a refusal to supply (the Oscar Bronner conditions).8 Could a self-preferencing or leveraging test be used also to gain access to data?

Generally, the requirements for finding abuse under the monopoly-leveraging, or self-preferencing, concept would then need a finding of two separate markets (data market and device market). The dominant intermediate must adopt a business strategy outside the notion of competition on the merits (e.g. non-access to data or discrimination in access to data) on the primary data market. It must subsequently enter onto the (competitive) secondary market or support a proxy’s entry. Entry must cause an exclusionary effect on that market by potentially foreclosing equally efficient, existing competitors due to the lack of access to necessary data held by the dominant platform. Last, the dominant intermediate must have no objective justification for not giving access to the data.9

A leveraging test following the steps above implies that certain features need not be present or, for that matter, identified. The service provided, e.g. the platform service, does not need to be indispensable, and neither dominance on the secondary market nor elimination of competition on that market need be proven. It should be admitted that the steps for a general leveraging test are, by the best estimate, ambiguous. Moreover, the Google case is not resolved yet, and it is even more ambiguous whether the Commission, in the end, will be successful it its line of argument. Indeed, it is very uncertain whether the leveraging doctrine could develop into a general doctrine for accessing and porting data.

The issues regarding obstruction, leveraging and self-preferencing have been discussed in great detail in various reports.10 However, while obstruction of interoperability, data collection and the subsequent use by gatekeeper to enter their customers markets could be addressed as leveraging, self-preferencing or obstruction under Article 102 TFEU, access to, and the right to port of, data is not the natural remedy in these cases. For the porting of and access to data, the exceptional circumstance doctrine is exclusively available, and, as discussed above, not an effective way to pursue.

Forcing porting of data would imply the obligation to collaborate between the platform and the business user. Mandating firms to collaborate is difficult, if they do not want to collaborate. The only case where firms were mandated to collaborate is the US Aspen skiing case which, required ski slopes firms to collaborate for the production of joint ski passes. The EU Microsoft case did include a requirement for Microsoft to share source code etc., but not to collaborate, yet still it was a very difficult remedy to uphold.11

Generally, the right to access and port data under competition law seems difficult.



An alternative route is granting access and portability right under sector specific regulations. To grant access to data, the EU Commission seems keen on using sector-specific regulations Indeed, it seems that rules regarding certain providers, regarding use and access of data (ex ante regulations) are currently seeping in as sector or industry specific regulations, implying an obligation to either share data or to grant open and somewhat non-discriminatory access to platforms and devices, which collects the data.12 However, the sector-specific regulations often address old economy, e.g. banks and transport services, while in reference to regulations for platforms13 and the free flow or data,14 no hard rules on access to data is available.

Firstly, the EU Commission did introduce a platform-to-business (“P2B”) regulation in 2019, which target the platform-business interface.15

The P2B regulation mostly focuses on rules regarding transparency, and it seems clear that the P2B regulation will not directly address access issues. The Commission was somewhat reluctant and hesitant to regulate the P2B in detail. However, the Commission in the P2B addressed the issue with Internet intermediates having access to more data than its customers. The P2B regulation oblige providers of online intermediation services to provide business providers with a clear description of the scope, nature and conditions of their access to and use of customer data generated by the business users’ activities on the platform. Moreover, the P2B regulation states that platforms need to be transparent if they intend to discriminate in reference to access to data, by giving better access to affiliated firms then to the business user. Online search engines and platforms should be transparent about any preferential treatment they give to their own products and services offered through their sites. The P2B regulation thus addresses the issue of data and who has access to, while only providing rules regarding transparency.

Second, in the Data Free Flow Regulation, the European Commission has specifically addressed the issue that firms should be given the right to port non-personal data – especially vis-à-vis cloud providers. In the regulation, the cloud industry should, through self-regulation, come up with a procedure and standard technology so that data can be ported. The proposed regulation contains a call for self-regulation of the right to port data.16 It should be acknowledged that a standardisation organisation now has produced a code of conduct for porting data from cloud to cloud. The code is very detailed and applicable for the members of the organisation. It can be difficult for firms to penetrate.17 Whether the code actually will create a right (erga omnes) to port data between clouds seems unclear at this stage. Yet, it is an indication that self-regulation may work.

The result of the Data Free Flow initiative is somewhat surprising, given the enthusiasm the Commission showed in early policy papers towards implementing a mandatory right to port data for business provider vis-à-vis cloud providers,18 and begs the question whether the right to port should be included in some other legislative effort by the Commission, such as the modernization of the database directive.19

The P2B and Free Flow regulations do not stipulate any hard rules that would enable a more equal playing filed. Access and portability are not legal rights, rather topics for contractual discussions.

Access to data is however enacted under sector specific regulations such as the directive for public data,20 in the field of transport and financial services,21 and in other legislative initiatives.22

The PSI Directive23 already mentioned, stipulates route for accessing public (government) data.24 The main focus of the PSI Directive is very specific. It is to create a levelled playing field when making available PSI as input to a commercial activity, i.e. when the PSI is used as components to new products and services. This should then release the full economic potential of a new emerging area of the ICT sector.25 The PSI Directive is triggered by three prong test:

  1. Are the data created (supplied) inside the public task of the Public Sector Body? If yes, the second question is:
  2. Are the data being re-used by the PSB or some other body on its behalf? In other words, will the data be used for another purpose than the initial purpose? Moreover, does the re-use constitute a commercial activity, e.g. giving access to the dataset to paying subscribers?
  3. If the two first questions are answered in the affirmative, then a number of requirements of requirements for the public authority will apply, including that third parties have the right to access the dataset providing remuneration to the PSB, so to enable the third parties to commercially utilize the data in competition with the PSB and other firms having access to the dataset.

The PSI directive bears similarities even to the Magill case, discussed above. Also, under the Magill, the dominant firm create data (TV-listings) in its primary markets, which access is denied to create a business in a secondary market. Yet, the PSI directive seems also to include a non-discriminatory exclusion rules, similar to the ideas put forward in the French competition law cases GDF26 and EDF.27 Indeed, the PSI directive stipulates a prohibition for Governments and Government Authorities to abuse or discriminate using the power inherent in the data collected, without the need to identify dominance in reference to the Authority or the database.

A similar principle for accessing data can be seen in the EU Regulation on providing multimodal travel information services,28 and to some extent under Directive on Payment Services (“PSD2”) that requires banks to provide data access to third parties. PSD2 is well known, however few know about the Regulation on providing multimodal travel information services. The Regulation requires both private and public transport service providers to grant access to travel data at any time in a machine-readable format through the National Access Point (NAP);29 Those NAPs will gather travel and traffic data from all type of transport from both private and public entities within and, eventually, outside the borders of an EU Member States. The Regulation stipulates that firms have a right to access transport data at any time.

These specific legal systems are examples of rules that are, or are close to, requiring public entities and firms to give access to and the right to port data. It is possibly an indication of an interesting underlying current that the EU legislator try to boost competition and markets by granting access to data, while circumventing general competition law. The idea is to boost competition, without making use of any test of antitrust harm, by opening up the device for collecting data to all-and-everyone. The legal systems do not differentiate between sharing with firms that already possess much data or are indeed hoarding data on several markets, with those firms that do not possess or hoard much data. Whether such a policy is pro-competitive may be disputed. Not only new entrants and small entrepreneurs will be able to obtain data, also incumbent platforms and system leaders will be granted access to these devices or, in reference to government data, the PSI. Indeed, opening up for much information to be available for all and everyone can have large effect of competitive structures of markets, both to the better and the worse.

Moreover, it also begs the question, to be put to the legislator, why similar access rules do not exist for transaction platforms or social platforms. Why not for platform providers when large industries such as the bank sector and the transport sector should be required to give access important and large datasets? Indeed, these sector specific regulations may have the effect of benefiting already large platforms.

Giving access to data is generally pro-competitive, yet a problem with the sector-specific regulations for the data-driven economy is that they do not take into consideration the competitive structure of the markets and market power of the firms that demands data access. Firms that have data-driven business strategies, i.e. hold, seek access to data and use data, and are economically powerful such as certain tech platforms should possibly not be subsidies by having access to data for free. Moreover, if the goal of the digital agenda was to benefit start-ups, entrepreneurial competition and innovation, the sector specific regulations granting access to data, may open up for the possibility to collude.



In this paper, I have discussed the right to access and port data under EU Competition Law and EU sector-specific regulations. It seems clear that while general Competition Law is not readily available, stipulating high thresholds for accessing and porting data, the EU Commission seems very keen on granting access and portability right to data under newly enacted sector specific regulations. This is done without any scrutiny in reference to the anticompetitive effects of such rights.

In a recent communication from February 2020, the EU Commission indicates it wants to pursue the strategy of enacting data access regime on a sector specific level even further. It states that the EU will support, with investments and, possibly, sector specific regulations of, so-called “common data spaces.” Common data places where both public and private entities should be encouraged and forced to give up their data in data pools, or data commons.30 According to the Commission the following areas should hold common data spaces:

  • A Common European industrial (manufacturing) data space, to support the competitiveness and performance of the EU’s industry.
  • A Common European Green Deal data space, to use the major potential of data in support of the Green Deal priority actions on climate change, circular economy, zero- pollution, biodiversity, deforestation and compliance assurance.
  • A Common European mobility data space, to position Europe at the forefront of the development of an intelligent transport system, including connected cars as well as other modes of transport.
  • A Common European health data space.
  • A Common European financial data space.
  • A Common European energy data space, to promote a stronger availability and cross-sector sharing of data, in a customer-centric, secure and trustworthy manner.
  • A Common European agriculture data space.
  • Common European data spaces for public administration.
  • A Common European skills data space, to reduce the skills mismatches between the education and training system.

Neither these common data spaces,31 nor the strategy as a whole, seem to take into consideration the competitive structure of the market or the size of the market presence of the entities that should be allowed access to these data spaces. Indeed, all this data may change the structure of these industries radically. They may can become access tools and further fortify the dominance of already powerful platforms or facilitate other forms of anticompetitive conduct. Indeed, enacting sector-specific regulations granting access to data without utilizing competition law principles may prove disastrous.

1 Associate Professor, Stockholm University.

2 Joined cases C-241/91 and C-242/91, RTE, ITP & BBC v. Commission ECLI:EU:C:1995:98.

3 Case C-418/01 IMS Health GmbH & Co. OHG v. NDC Health GmbH & Co. KG. ECLI:EU:C:2004:257.

4 Case T-201/04 Microsoft Corp. v. Commission of the European Communities ECLI:EU:T:2007:289.

5 Moreover, as Drexl points out, the Magill case could no longer arise as a matter of harmonised copyright law. According to the case-law of the CJEU on the concept of a copyrightable work, the mere listings of TV programs, which are defined by the programming schedule, could no longer be considered as protected by copyright. See, Josef Drexl. in “Data Access and Control in the Era of Connected Devices,” Study on behalf of the European Consumer Association BEUC, Brussels 2018, p 32 making reference to inter alia Joined Cases C-403/08 and C-428/08 Football Association Premier League and Murphy ECLI:EU:C:2011:631, paras 96-98 (holding that football matches are not protected by copyright).

6 Case AT.39740 Google Search (Shopping) Commission Decision, C(2017) 4444 final (June 27, 2017), para 339.

7 Case C-52/09 Konkurrensverket v TeliaSonera Sverige AB ECLI:EU:C:2011:83.

8 Bjorn Lundqvist, Ioannis Lianos, Wang Xianlin, Matt Strader with Igor Nikolic, and the BRICS teams, Chapter 7. Exclusionary and unfair unilateral practices in reference to Platforms, in Digital Era Competition BRICS Report (2019),

9 Ibid.

10 Jacques Crémer, Yves-Alexandre de Montjoye & Heike Schweitzer (2019), Competition policy for the digital era, Publications Office of the European Union; Federal Ministry for Economic Affairs and Energy (2019), A new competition framework for the digital economy. Report by the Commission “Competition Law 4.0”; Furman Report: HM Treasury (2019), Unlocking digital competition, Report of the Digital Competition Expert Panel. Various authors, Digital Era Competition BRICS Report,; Australian Competition and Consumer Commission (2019), Digital Platforms Inquiry. Final Report; BRICS Competition Law and Policy Centre (2019), Digital Era Competition: A BRICS View Committee for the Study of Digital Platforms (2019), Final Report by the Market Structure and Antitrust Subcommittee, George J. Stigler Center for the Study of the Economy and the State.

11 Aspen Skiing Co. v. Aspen Highlands Skiing Corp., 472 U.S. 585 (1985) and Microsoft Corp v Commission (2007) T-201/04, ECLI:EU:T:2007:289.

12 Chisholm, A. & Jung, N., (Spring-Autumn 2015), Platform Regulation — Ex-Ante versus Ex-Post intervention: evolving our antitrust tools and practices to meet the challenges of a digital economy. Competition Policy Int’l. Vol. 11, No. 1, 7-21.

13 The proposed P2B regulation: Brussels, 26.4.2018 COM(2018) 238 final 2018/0112 (COD) Proposal for a regulation on promoting fairness and transparency for business providers of online intermediation services.

14 There are French national initiatives to open e-platforms for third party competitors. See e.g. French Senate Report (March 20, 2013), available at

15 European Commission, Fairness in platform-to-business relations, Ref. Ares(2017)5222469 – 25/10/2017,, accessed May 28, 2018.

16 European Commission, Commission Staff Working Document Impact Assessment, Accompanying the document Proposal for a Regulation of the European Parliament and of the Council on a framework for the free flow of non-personal data in the European Union, SWD/2017/0304 final – 2017/0228 (COD), Brussels, 13 September 2017 (Impact Assessment); Commission Staff Working Document on the free flow of data and emerging issues of the European data economy, COM(2017) 9 Final, January 10, 2017.

17 See the SWIPO Code of Conduct, available at As stated on the EU Commission website, apart from two dedicated Codes of Conduct, respectively on Infrastructure-as-a-Service (IaaS) cloud services and on Software-as-a-Service (SaaS) cloud services, the SWIPO working group also delivered an extensive proposal for a governance structure. This governance structure should make the Codes of Conduct practically enforceable, e.g. through a complaints mechanism for users. The deadline for the implementation of the Codes of Conduct is May 2020, as foreseen by the Regulation on the free flow of non-personal data (FFD). As determined in the FFD Regulation, the European Commission will evaluate the impact of those Codes of Conduct before November 2022. This evaluation will notably focus on the effects that the SWIPO Codes of Conduct will have on the fluidity and competitiveness of the cloud market.

18 European Commission, Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions SWD (2017) 2 Final, COM(2017) 9 Final, 13; European Commission, Commission Staff Working Document on the free flow of data and emerging issues of the European data economy, COM(2017) 9 Final, January 10, 2017, 33, making reference to the works of Zech, who claimed that the right way forward is the creation of a property right to non-personal goods. Cf. Herbert Zech, “Information as a tradable commodity,” in Alberto De Franceschi Ferrara (ed), European Contract Law and the Digital Single Market, 2016, 51-79.

19 It should be mentioned that there is a right for person under certain circumstances to port data according to Article 20 GDPR. Cf. Björn Lundqvist, “Regulating Competition and Property in the Digital Economy – The Interface Between Data, Privacy, Intellectual Property, Fairness and Competition Law,” (January 17, 2018). Faculty of Law, Stockholm University Research Paper No. 55. Available at SSRN:, accessed 25 March 2018.

20 The Directive on the re-use of public sector information Directive (EU) 2019/1024 of the European Parliament and of the Council of 20 June 2019 on open data and the re-use of public sector information, OJ L 172, 26.6.2019, p. 56–83 (The old PSI directive: Directive 2003/98/EC, known as the “PSI Directive”) entered into force on December 31, 2003. It was revised by Directive 2013/37/EU which entered into force on July 17, 2013.

21 In order to accelerate retail banking innovation and simplify payments, the European Commission is mandating standardized API access across the EU. The initiative is part of the European Commission’s update of the Directive on Payment Services (PSD). The revision to the Directive on Payment Services (PSD2) requires banks to provide access to third parties. See Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (Text with EEA relevance). Cf. EU Commission, (2015) A Digital Single Market Strategy for Europe, COM(2015) 192 final.

22 REACH-Regulation, Article 25 Regulation (EC) No 1907/2006 of the European Parliament and of the Council of 18 December 2006 concerning the Registration, Evaluation, Authorisation and Restriction of Chemicals (REACH), establishing a European Chemicals Agency, amending Directive 1999/45/EC and repealing Council Regulation (EEC) No 793/93 and Commission Regulation (EC) No 1488/94 as well as Council Directive 76/769/EEC and Commission Directives 91/155/EEC, 93/67/EEC, 93/105/EC and 2000/21/ EC. See furthermore Article 16 of the new Digital Content and Digital Services Directive making reference to GDPR. See also the new Electricity Directive of June 2019 imposes the sharing of consumer data, including metering and consumption data as well as data required for customer switching, demand response and other services. In order to stimulate competition and innovation among electricity suppliers, Article 23(2) of the Directives provides that porting of data should be required. Finally, the Clinical Trials Regulation 536/2014. on clinical trials on medicinal products for human use, and repealing Directive 2001/20/EC.

23 Directive (EU) 2019/1024 of the European Parliament and of the Council of 20 June 2019 on open data and the re-use of public sector information, OJ L 172, 26.6.2019, p. 56–83.

24 See also the INSPIRE directive regarding spatial data, Articles 5 and 8. For the various legal tools making up the INSPIRE initiative see

25 EU Commission, (1998) Public Sector Information: A Key Resource for Europe, Green Paper on Public Sector Information in the Information Society, COM(1998) 585 final, 5.

26 French Competition Authority, Decision 14-MC-02 of 09.09.2014. The case is discussed in the German and French Competition Authorities joint paper, (10 May 2016) Competition Law and Data, 20, available at

27 French Competition Authority, Decision n°13-D-20 of 17.12.2013, confirmed on that points by the court of appeal on 21.05.2015.

28 Commission Delegated Regulation (EU) 2017/1926 of 31 May 2017 supplementing Directive 2010/40/EU of the European Parliament and of the Council with regard to the provision of EU-wide multimodal travel information services C/2017/3574 OJ L 272, 21.10.2017, p. 1–13. See also Directive 2010/40/EU of the European Parliament and of the Council of 7 July 2010 on the framework for the deployment of Intelligent Transport Systems in the field of road transport and for interfaces with other modes of transport, OJ L 207, 6.8.2010, p. 1–13.

29 See Parliament and Council Regulation (EU) 2017/1926 of 31 May 2017 supplementing Directive 2010/40/EU with regard to the provision of EU-wide multimodal travel information services [2017] OJ L 272/1.

30 EU Commission A European strategy for data, Brussels, 19.2.2020 COM(2020) 66 final, 21 et seq. See also the Appendix Common European data spaces in in strategic sectors and domains of public interest.

31 Also including the Gaia-x initiative, see