Legal Building Block Questions

Applicable Legal Frameworks

Purpose: Identify and monitor all relevant EU and national laws to guarantee that operations remain legally sound.

  1. Which EU and national regulations (e.g. GDPR, Data Act, competition law, sectoral directives) are directly relevant?

  2. How should the governance authority keep track of evolving regulatory obligations?

Compliance Responsibilities

Purpose: Clarify which compliance duties belong to the governance authority versus individual participants to ensure accountability.

  1. What compliance obligations should rest with the data space authority versus the individual participants?

  2. Should there be baseline legal compliance requirements for all participants before joining the initiative?

  3. How can legal obligations be clearly communicated to all participants?

  4. What support is needed to help participants meet compliance effectively?

Risk and Liability

Purpose: Establish a fair distribution of liability and safeguards to minimize legal and operational risks.

  1. How should liability be distributed in case of breaches of regulatory obligations (e.g. data protection violations, misuse of data)?

  2. What safeguards or monitoring mechanisms are necessary to minimize compliance risks?

  3. How can compliance checks be automated to reduce manual effort?

  4. Which tools help monitor ongoing regulatory adherence?

Certification and Assurance

Purpose: Determine the most effective mechanisms for verifying ongoing compliance and trustworthiness of participants

  1. Should compliance be verified through certification, attestation, or self-declaration?

  2. How frequently should compliance checks or audits be carried out?

Sector-Specific Rules

Purpose: Integrate sectoral requirements while ensuring alignment with overarching EU legal frameworks.

  1. Are there additional environmental or sectoral regulations that need to be explicitly incorporated into participation rules?

  2. How should conflicts between sector-specific rules and overarching EU frameworks be managed?

Enforcement Mechanisms

Purpose: Define clear processes and authorities for addressing and resolving compliance breaches.

  1. How should compliance breaches be addressed (warnings, sanctions, suspension, exclusion)?

  2. What governance body or process will be responsible for handling non-compliance cases?

PreviousRegulatory ComplianceNextContractual Framework

Last updated