¹ United Nations Conference on Trade and Development (UNCTAD), “Digital Economy Report – Cross-border data flows and development: For whom the data flow” (2021) 32–35 <https://unctad.org/system/files/official-document/der2021_en.pdf> (all the links given in the footnotes were last accessed on 8 February 2023).

² Statista, “Transforma Insights: Number of Internet of Things (IoT) connected devices worldwide from 2019 to 2030, by use case (in millions)” (2020) <https://www.statista.com/statistics/1194701/iot-connected-devices-use-case/>.

³ N Fildes, “Battle intensifies to unlock value in the Internet of Things” (Financial Times, 18 June 2019), <https://www.ft.com/content/a10a52a4-789f-11e9-b0ec-7dff87b9a4a2>.

⁴ McKinsey & Company, “The Internet of Things: Catching up to an accelerating opportunity” (2021) 13 <https://www.mckinsey.com/business-functions/mckinsey-digital/our-insights/iot-value-set-to-accelerate-through-2030-where-and-how-to-capture-it>.

⁵ There are indications that consumers are wary of the risks posed by the lack of interoperability: see Eurostat, “Data browser: Internet of Things – barriers to use” (2020) <https://ec.europa.eu/eurostat/databrowser/view/isoc_iiot_bx/default/table?lang=en>, reporting that 5% of individuals in the EU cited a lack of compatibility with other devices or systems as their reason for not using IoT.

⁶ See, for example, Bundeskartellamt, “Sector inquiry smart TVs – Conclusion and recommendations for action” (2020) <https://www.bundeskartellamt.de/SharedDocs/Publikation/EN/Others/Sector_inquiry_smart_TVs_conclusion.pdf?__blob=publicationFile&v=2>; Hadopi and CSA, “Assistants vocaux et enceintes connectées – l’impact de la voix sur l’offre et les usages culturels et medias” (2019) <https://www.hadopi.fr/ressources/etudes/etude-hadopi-csa-assistants-vocaux-et-enceintes-connectees-limpact-de-la-voix-sur>.

⁷ O Borgogno and G Colangelo, “Data sharing and interoperability: Fostering innovation and competition through APIs” (2019) 35 Computer Law & Security Review 105314.

⁸ Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regards to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC [2016] OJ L 119/1, Art 20.

⁹ Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC, [2015] OJ L 337/35, Art 67.

¹⁰ Regulation (EU) 2018/1807 of the European Parliament and of the Council of 14 November 2018 on a framework for the free flow of non-personal data in the European Union, [2018] OJ L 303/59.

¹¹ Directive (EU) 2019/1024 of the European Parliament and of the Council of 20 June 2019 on open data and the re-use of public sector information, [2019] OJ L 172/56.

¹² Regulation (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance and amending Regulation (EU) 2018/1724 (Data Governance Act), [2022] OJ L 152/1.

¹³ European Commission, Commission Staff Working Document accompanying the “Final Report - Sector inquiry into consumer Internet of Things” COM(2022) 10 final, 41, acknowledging that Amazon, Google and Apple “have become the leading technology companies and built their own ecosystems within and beyond the consumer IoT sector”.

¹⁴ See European Commission, “A European strategy for data” COM(2020) 66 final, 10; and European Commission, “Towards a common European data space” COM(2018) 232 final, 10.

¹⁵ See European Commission, Commission Staff Working Document accompanying the Communication on the Digitising European Industry Reaping the full benefits of a Digital Single Market, SWD(2016) 110 final, 9, targeting the lack of common standards and interoperable solutions throughout the products and services life cycles as one of the main hurdles facing IoT innovation.

¹⁶ European Commission, supra, note 14.

¹⁷ ibid, 8. See also European Commission, Proposal for a Regulation laying down harmonised rules on artificial intelligence (Artificial Intelligence Act) COM(2021) 206 final, Recital 81, referring to the possibility of developing further measures aimed at “lowering technical barriers hindering cross-border exchange of data for AI development, including on data access infrastructure, semantic and technical interoperability of different types of data”.

¹⁸ Regulation (EU) 2022/1925 on contestable and fair markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828 (Digital Markets Act), (2022) OJ L 265/1.

¹⁹ ibid, Arts 6(4), 6(7) and 7.

²⁰ European Commission, “Final Report – Sector inquiry into consumer Internet of Things” COM(2022) 19 final.

²¹ European Commission, Proposal for a Regulation on harmonised rules on fair access to and use of data (Data Act) COM (2022) 68 final.

²² European Commission, supra, note 20, 5.

²³ European Commission, Commission Staff Working Document, Impact Assessment Report accompanying the Proposal for a Regulation on harmonised rules on fair access to and use of data (Data Act) SWD(2022) 34 final, 10. On the inherent pro-competitive rationale underpinning the right to data portability and the risk of inconsistencies with the overall GDPR framework, see B Koops, “The trouble with European data protection law” (2014) 4 International Data Privacy Law 4, 44, arguing that “[b]y its nature, data portability would be more at home in the regulation of unfair business practices or electronic commerce, or perhaps competition law – all domains that regulate abuse of power by commercial providers to lock-in consumers”.

²⁴ European Commission, Data Act (including the review of the Directive 96/9/EC on the legal protection of databases) – Inception Impact Assessment (2021) 3 <https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/13045-Data-Act-&-amended-rules-on-the-legal-protection-of-databases_en>.

²⁵ See, eg, W Kerber, “Governance of IoT Data: Why the EU Data Act will not Fulfill its Objectives” (forthcoming) GRUR International, arguing that the proposal does not solve the problem of data interoperability with respect to sharing IoT data and noting that the data are also not required to be made available in standardised formats and by using standardised and open technical interfaces.

²⁶ European Commission, Proposal for a Regulation on the European Health Data Space COM(2022) 197 final.

²⁷ ibid, Explanatory memorandum, 9–10.

²⁸ European Council, “Declaration on digital rights and principles: EU values and citizens at the centre of digital transformation” (2022) <https://www.consilium.europa.eu/en/press/press-releases/2022/11/14/declaration-on-digital-rights-and-principles-eu-values-and-citizens-at-the-centre-of-digital-transformation/>.

²⁹ UK Competition and Markets Authority, “Retail banking market investigation: Final report” (2016) <https://www.gov.uk/cma-cases/review-of-banking-for-small-and-medium-sized-businesses-smes-in-the-uk>.

³⁰ See D Schnurr, “Switching and Interoperability Between Data Processing Services in the Proposed Data Act” (2022) CERRE Report, 11 <https://cerre.eu/publications/switching-and-interoperability-between-data-processing-services-in-the-proposed-data-act/>, arguing that the proposal for a Data Act includes rules referring to both data portability and interoperability in the context of data-processing services, without, however, either distinguish between them or making sufficiently clear as to which rules are intended to achieve each of them.

³¹ P Wegner, “Interoperability” (1996) 28 ACM Computing Surveys 285.

³² C Thanos, “Mediation: the technological foundation of modern science” (2014) 13 Data Science Journal 88, 93.

³³ J Crémer, Y-A de Montjoye and H Schweitzer, “Competition policy for the digital era” (2019) 58–59 <https://ec.europa.eu/competition/publications/reports/kd0419345enn.pdf>. See also C Busch, N Fourberg, J Kramer, P Kroon, N Steffen, S Taş, P Thoste and L Wiewiorra, “Interoperability regulations for digital services. Study for the German Federal Network Agency” (2022) <https://www.bundesnetzagentur.de/DE/Fachthemen/Digitalisierung/Technologien/Onlinekomm/Study_InteroperabilityregulationsDigiServices.pdf?__blob=publicationFile&v=1>, distinguishing between compatibility and interoperability by building on the concept of the digital environment: while the former refers to the unimpeded operation and consistent interchangeability of components, applications and systems (especially within an environment), the latter is based on the prerequisite of a common standard as it focuses on the cooperation and combinability of components, applications and systems that may be located in different environments.

³⁴ Busch et al, supra, note 33, 7.

³⁵ See also OECD, “Enhancing Access to and Sharing of Data: Reconciling Risks and Benefits for Data Re-use across Societies” (2019) OECD Publishing, 32, considering APIs as promising mechanisms through which data access can be controlled over time.

³⁶ Schnurr, supra, note 30, 11.

³⁷ See, eg, M Bourreau, J Krämer and M Buiten, “Interoperability in Digital Markets” (2022) <https://cerre.eu/wp-content/uploads/2022/03/220321_CERRE_Report_Interoperability-in-Digital-Markets_FINAL.pdf>; J Mancini, “Data Portability, Interoperability and Digital Platform Competition” (2021) OECD Background Paper <https://www.oecd.org/daf/competition/data-portability-interoperability-and-digital-platform-competition-2021.pdf>; C Riley, “Unpacking interoperability in competition” (2020) 5 Journal of Cyber Policy 94; W Kerber and H Schweitzer, “Interoperability in the digital economy” (2017) 8 Journal of Intellectual Property, Information Technology and Electronic Commerce Law 39.

³⁸ J Crémer, P Rey and J Tirole, “Connectivity in the Commercial Internet” (2000) 48 Journal of Industrial Economics 433.

³⁹ GS Crawford, D Dinielli, A Fletcher, P Heidhues, M Schnitzer, FM Scott Morton and K Seim, “Equitable Interoperability: The “Super Tool” of Digital Platform Governance” (2021) <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3923602>.

⁴⁰ M Bourreau, “DMA: Horizontal and Vertical Interoperability Obligations” (2022) CERRE Issue Paper <https://cerre.eu/wp-content/uploads/2022/11/DMA_HorizontalandVerticalInteroperability.pdf>.

⁴¹ Busch et al, supra, note 33, 58.

⁴² M Bourreau and J Krämer, “Interoperability in Digital Markets: Boon or Bane for Market Contestability?” (2022) <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4172255>.

⁴³ D Awrey and J Macey, “Open Access, Interoperability, and DTCC’s Unexpected Path to Monopoly” (2022) 132 Yale Law Journal 1.

⁴⁴ Bourreau et al, supra, note 37, 24.

⁴⁵ Bourreau, supra, note 40, 10; Schnurr, supra, note 30, 9.

⁴⁶ European Commission, “Non-paper from the Commission services on interoperability for messenger services and online social networks in the DMA” (2022) <https://www.iccl.ie/wp-content/uploads/2022/03/wk03135.en22.pdf>. See also Bundesnetzagentur für Elektrizität, Gas, Telekommunikation, Post und Eisenbahnen, “Interoperability between messaging services – an overview of potential and challenges” (2021) 18 <https://www.bundesnetzagentur.de/SharedDocs/Pressemitteilungen/EN/2021/20211209_Messenger.html>, pointing out that “an increasing depth of technical implementation of interoperability (for example, due to increased standardisation) may restrict options for expanding the scope of functions and innovation”.

⁴⁷ Under EU law, formal SDOs are those recognised by Regulation (EU) No 1025/2012 on European standardisation [2012] OJ L 316/12.

⁴⁸ Kerber and Schweitzer, supra, note 37, 58, stressing that uncertainty regarding the appropriate standards and other interoperability solutions calls for caution in imposing top-down public policy solutions.

⁴⁹ J Kramer, “Personal Data Portability in the Platform Economy: Economic Implications and Policy Recommendations” (2020) 17 Journal of Competition Law & Economics 2, arguing for a more widespread obligation to offer standardised APIs to enable consumers to continuously port their data according to Art 20 GDPR.

⁵⁰ European Commission, supra, note 20, 71.

⁵¹ ibid, 6.

⁵² European Commission, supra, note 13.

⁵³ ibid, 98–99.

⁵⁴ See Hellenic Competition Commission, “Final Report on the Sector Inquiry into Financial Technologies” (2022) <https://epant.gr/en/enimerosi/press-releases/item/2460-press-release-publication-of-the-final-report-of-the-fintech-sector-inquiry.html>; Autorité de la Concurrence, “Opinion on the sector of new technologies applied to payment activities” (2021) <https://www.autoritedelaconcurrence.fr/en/opinion/sector-new-technologies-applied-payment-activities>.

⁵⁵ European Commission, supra, note 20, 58.

⁵⁶ ibid, 71 and 101–02.

⁵⁷ DMA, supra, note 18, Art 48.

⁵⁸ ibid, Art 7.

⁵⁹ Data Act, supra, note 21, Art 28(4).

⁶⁰ ibid, Art 28(5).

⁶¹ UK Competition and Markets Authority, supra, note 29.

⁶² O Borgogno and G Colangelo, “Consumer Inertia and Competition-sensitive Data Governance: The Case of Open Banking” (2020) 9 Journal of European Consumer and Market Law 4.

⁶³ Financial Conduct Authority, “Open finance – Feedback Statement” (2021) <https://www.fca.org.uk/publication/feedback/fs21-7.pdf>.

⁶⁴ Department for Business, Energy and Industrial Strategy, “Smart Data Working Group” (2021) <https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/993365/smart-data-working-group-report-2021.pdf>.

⁶⁵ UK Competition and Markets Authority, supra, note 29.

⁶⁶ O Borgogno and G Colangelo, “Data, Innovation and Transatlantic Competition in Finance: The Case of the Access to Account Rule” (2020) 31 European Business Law Review 4.

⁶⁷ Portuguese Competition Authority, “Sector inquiry on FinTech” (2021) <https://www.concorrencia.pt/en/articles/adcs-sector-inquiry-fintech-74-companies-operating-portugal-consider-there-are-barriers#:∼:text=The%20findings%20of%20the%20sector,a%20closed%20ecosystem%20as%20barriers>.

⁶⁸ UK Competition and Markets Authority, “The Retail Banking Market Investigation Order 2017” (2017) <https://www.gov.uk/government/publications/retail-banking-market-investigation-order-2017>.

⁶⁹ UK Competition and Markets Authority, “Agreed Timetable and Project Plan” (2020) <https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/885537/Notice_of_proposed_changes_to_the_open_banking_roadmap_-_web_publication_-_cma_gov_uk_---_May_2020_-.pdf>.

⁷⁰ Payments Cards & Mobile and Mastercard, “The future of open banking in Europe” (2021) <https://openbanking.mastercard.com/readiness-index/open-banking-readiness-index/>.

⁷¹ Open Banking Implementation Entity, “Open Banking Impact Report” (2021) <https://openbanking.foleon.com/live-publications/the-open-banking-impact-report-october-2021-ug/home/>.

⁷² Treasury Laws Amendment (Consumer Data Right) Act 2019 (Cth).

⁷³ Australian Competition and Consumer Commission, “Competition and Consumer (Consumer Data Right) Rules 2020” (2020) <https://www.accc.gov.au/media-release/consumer-data-right-rules-made-by-accc>.

⁷⁴ Some late and light-touch attempts to ensure API interoperability were taken by the European Payment Council (“Terms of reference of the SEPA Payment Account Access Multi-Stakeholder Group” (2021) <https://www.europeanpaymentscouncil.eu/sites/default/files/kb/file/2021-08/EPC166-21v1.0%20-%20ToR%20SEPA%20Payment%20Account%20Access%20MSG.pdf>) and the European Banking Authority (establishing an industry working group on APIs and publishing seven sets of clarifications in response to its requests <https://www.eba.europa.eu/regulation-and-policy/payment-services-and-electronic-money/eba-working-group-on-apis-under-psd2>). In January 2019, the Euro Retail Payments Board established a new working group tasked with defining key elements of a potential Single Euro Payments Area API Access Scheme (Euro Retail Payments Board, “Report on a Single Euro Payments Area (SEPA) Application Programming Interface (API) Access Scheme” (2019) <https://www.ecb.europa.eu/paym/groups/erpb/shared/pdf/11th-ERPB-meeting/Report_from_the_ERPB_WG_on_a_SEPA_API_Access_Scheme.pdf>). Its mandate was renewed in June 2021, and a work block, consisting of experts and representatives of interested European standardisation initiatives in the field of PSD2 APIs, was established with the goal of developing “minimum requirements that ensure pan-European harmonisation and interoperability as well as the integrity of the scheme” (European Payment Council, “Call for European standardisation initiatives in the field of PSD2 API’s to participate in the API Work Block of the SEPA Payment Account Access Multi-Stakeholder Group” (2022) <https://www.europeanpaymentscouncil.eu/news-insights/news/call-european-standardisation-initiatives-field-psd2-apis-participate-api-work>).

⁷⁵ European Commission, “Digital Finance Strategy for the EU” COM (2020) 591 final, 14; European Commission, “Retail Payments Strategy for the EU” COM (2020) 592 final, 15.

⁷⁶ D Evans, “Governing Bad Behavior by Users of Multi-sided Platforms” (2012) 27 Berkeley Technology Law Journal 1201.

⁷⁷ UK Competition and Markets Authority, “Electric Vehicle Charging Market Study” (2021) <https://www.gov.uk/cma-cases/electric-vehicle-charging-market-study>. See G Colangelo and S Ennis, “Energy Data Sharing and the Case of EV Smart Charging” (2022) CERRE Report <https://cerre.eu/publications/energy-data-sharing-and-the-case-of-ev-smart-charging/>.

⁷⁸ For a different proposal drawing on the Open Banking experience, see D Awrey and J Macey, “The Promise and Perils of Open Finance” (2023) 40 Yale Journal on Regulation 1, arguing for a universal access requirement in the context of the US data aggregation market to ensure that firms offering financial products and services enjoy non-discriminatory access to Open Finance platforms.

⁷⁹ R Berner and K Judge, “The Data Standardization Challenge” in DW Arner, E Avgouleas, D Busch and SL Schwarcz (eds) Systemic Risk in the Financial Sector: Ten Years After the Great Crash (Montreal, McGill-Queen’s University Press 2019) p 135.

⁸⁰ European Commission, supra, note 20, 44–47; UK Competition and Markets Authority, “Mobile ecosystems market study” (2022) 50 <https://www.gov.uk/government/publications/mobile-ecosystems-market-study-final-report>.

⁸¹ See Borreau et al, supra, note 37, noting that, in the dynamic context of digital markets, services compete and differentiate themselves by innovating new features, which runs counter to attempts to standardise services, hence mandated horizontal interoperability is probably a harmful remedy in digital markets, as it tends to enshrine existing incumbency, limits firms’ innovation and differentiation capabilities and requires enduring regulation.

⁸² The importance of enforcement and policing against surreptitious forms of non-compliance was recently highlighted by Barclays’ and Lloyds’ breaches of the CMA Open Banking Remedy in relation to open APIs for data access. See UK Competition and Markets Authority, “Lloyds Banking Group’s Breaches of the Retail Banking Market Investigation Order 2017 in Relation to Open APIs under the Open Banking Remedy” (2022) <www.assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/1061956/LBG_Article_12_draft_public_letter__public_version_.pdf>; UK Competition and Markets Authority, “Barclays Bank’s breaches of the Retail Banking Market Investigation Order 2017 in Relation to Open APIs under the Open Banking Remedy” (2022) <https://www.gov.uk/government/publications/cma-letter-to-barclays-about-13-breaches-of-the-retail-banking-order>.

⁸³ See, eg, CEN/TC 294, “Communication systems for meters” <https://standards.iteh.ai/catalog/tc/cen/8ae0124c-2738-411c-a5f8-2f7b4d5721bc/cen-tc-294>; IEC/TC 124, “Wearable electronic devices and technologies” <https://standards.iteh.ai/catalog/tc/clc/ce8f2886-a516-44a2-a821-5f203e0add69/iec-tc-124>; CLC/TC 79, “Alarm Systems” <https://standards.iteh.ai/catalog/tc/clc/fcccb4a0-46bd-4afd-8962-74b1acffe19b/clc-tc-79>.

⁸⁴ <https://csa-iot.org/all-solutions/matter/>.

⁸⁵ <https://www.threadgroup.org/thread-group#OurMembers>.

⁸⁶ <https://developer.amazon.com/en-US/alexa/voice-interoperability>.

⁸⁷ UK Competition and Markets Authority, “Millions of customers benefit as Open Banking reaches milestone” (2023) <https://www.gov.uk/government/news/millions-of-customers-benefit-as-open-banking-reaches-milestone>; UK Competition and Markets Authority, “The Future Oversight of the CMA’s Open Banking Remedies” (2021) <www.gov.uk/government/consultations/future-oversight-of-the-cmas-open-banking-remedies/the-future-oversight-of-the-cmas-open-banking-remedies>.

⁸⁸ UK Finance, “Open Banking Futures: Blueprint and Transition Plan” (2021) <www.ukfinance.org.uk/system/files/Open-Banking-Phase-II-report-FINAL.pdf>.

⁸⁹ Financial Times, “Watchdog Criticised over Plans to Combat Dominance of Big Banks” (Financial Times, 6 June 2021) <www.ft.com/content/c7cba98a-b8fe-415b-9cc9-bfd765b4f7d5>.

⁹⁰ Data Governance Act, supra, note 12, Recitals 53 and 54.