In search of a new balance between data sharing and data protection in light of semantic interoperability

The functioning of the (personal) Data Spaces infrastructure proposed by the EU, structured as a collection of distributed (scattered) but linked storage locations, depends on the speed with which computer systems can collect and process relevant data for a specific context of use as well as understand the relevant relationships between data in such infrastructure. From a technical perspective, data entered into computer systems must be in an interoperable format so that it can be shared efficiently across different infrastructures (syntactic interoperability). To provide more accurate and tailored information to users of Data Spaces, as well as to map the interrelationships between data, computer systems should further understand the meaning of shared data (semantic interoperability).

By linking different pieces of data together and allowing computer systems to understand their interrelationships and their specific meaning on a more abstract level (regardless of the specific context of use), pieces of data scattered across distributed storage locations can be easily integrated with each other in ways that the GDPR could not foresee. The balance between data sharing and data protection as laid down in the GDPR is therefore under pressure. Principles, concepts and rights implementing that balance only take into account a context of syntactic interoperability and central data silos and may need to be revised to reflect the widespread use of semantic interoperability tools in a Data Spaces context. However, semantic interoperability tools and their concrete impact on the balance as laid down in the GDPR remain underexplored by legal scholars.