Fintech Data Contracts

Fintech Data Contracts

Chris Hill

15 years: Financial technology law

Data is a valuable resource, and is beset by the complexity of being governed by a number of different areas of law. Chris attempts to answer the essential question of “what can I do with the data?” by explaining how a contract can be used to determine the legal default positions.

Data is a valuable resource, and is beset by the complexity of being governed by a number of different areas of law. Chris attempts to answer the essential question of “what can I do with the data?” by explaining how a contract can be used to determine the legal default positions.

Speak to an expert

Speak to an expert today to access this and all of the content on our platform.

Fintech Data Contracts

10 mins 15 secs

Overview

In order to answer the essential question of “what can I do with the data?”, you need to understand the position under each area of law individually, this includes IP, privacy and data protection, regulation and confidentiality. Moving forward to put together a contract that takes you away from the default legal position and builds the rules to get you to the set of powers you need.

Key learning objectives:

  • How can we determine what the default position is?

  • What is a “new” data set, and how can it be managed?

  • What other issues need to be thought through before drafting a contract?

Speak to an expert

Speak to an expert today to access this and all of the content on our platform.

Summary

What is a data contract?

They act as a means for two parties to agree where and how they are going to move away from the “natural order” of how the law would otherwise dictate how the subject matter of the contract is treated.

How can we determine what the default position is?

In order to work out the overall default position, first you have to understand the position under each area of law on its own, and then you have to work out which takes precedence over which:

  1. Intellectual Property
    • Who has created the data, who owns the IP rights in it, and who therefore has a right, by virtue of that intellectual property law to prevent others from using that data?
  2. Privacy and Data Protection
    • Is this personal data, and if so, have you established the relevant legal basis in place to do with the data what you wish?
  3. Financial Regulation
    • For example, parts of the open banking regime in relation to account information service providers, dictate that data has to be used and disseminated only for the provision of the account information service that the customer has explicitly asked for
  4. Confidentiality
    • Using data may breach confidentiality obligations, whether these are under a Non-Disclosure Agreement, a confidentiality clause in a contract, or an unwritten, common law duty of confidentiality

What is a “new” data set?

The core principle behind creating new datasets is that you are taking one or more sets of “ingredient” data and carrying out some sort of analysis on them, or mingling them together, to get you to a position where you have a new data set that helps you understand something different.

How is this “new” data managed?

In order to understand what you can and can’t do with this new data set, you have to analyse the rights and rules in both the ingredient data and the new data, so you can then put the relevant contracts in place to allow you to do what you need to:

  1. Work out who owns the IP rights
    • Assuming that the new data set does constitute some form of IP, the default position under English law is that it is usually the creator of the IP that is the owner of it. Secondly, you need to establish whether you had the necessary license rights in place to create it in the first place. Also, where did you get the constituent parts of the new data from - the ingredients - and did the license under which you received it allow you to create new data using it?
  2. Check the Privacy of the Data
    • If the ingredient data is itself personal data, then you will need to establish a legal basis (such as consent, contractual performance) in order to carry out the aggregation itself. Also, does the new data set you are creating still tie back to an individual, such that it is still personal data and you need to establish a legal basis to use it further?
  3. Check the Confidentiality
    • Was there some kind of confidentiality restriction in place which would have prevented the creation of the new data? Or, does the new data set still reveal so much about the party from whom you obtained the ingredient data, that to disseminate it in the way you intend would in itself be a breach of confidentiality obligation to that party?
  4. Have you complied with any relevant regulatory restrictions in creating the data?

What other issues need to be thought through before drafting a contract?

Whenever new data is being created, it is worth thinking through the different rights and commercial sensitivities that this new data brings with it. For example:

  • What could you do with the new data that the other party doesn’t want you to do?
  • What could the other party do with the data that would harm your business?
  • What other mechanisms could you take advantage of to get hold of and use the data in the way that you wish to?
  • Can you use open banking to get hold of transactional data?
  • It is also worth mentioning that “who owns the customer” really means which party has the power to market to the customer during and after the term of the contract, and which party can re-use data created or received in relation to that customer during this commercial relationship and after the contract is terminated

Speak to an expert

Speak to an expert today to access this and all of the content on our platform.

Chris Hill

Chris Hill

Chris is a commercial technology partner and Head of Fintech at Kemp Little, a specialist technology focused law firm based in London. Chris helps clients negotiate contracts relating to tech-based services, often in the area of fintech.

There are no available videos from "Chris Hill"