Legal Frameworks for Smart City Data as Common Pool Resource

A Smart City's digital infrastructure shares an abundance of non-personal and anonymized personal data. While it has been so far a business model to collect, process, and sell these data under market conditions, a Smart City's infrastructure in its ideal form intends to effect an automatic and free pooling of these data within the entire network, making them in that point legally and economically comparable to common pool resources. Even though the sharing/pooling of data among market players will often ease access, innovation and synergies among competitors, there is – as in all pooled data – also an inherent risk of anti-competitive measures taken by the members of the network, for instance if competitors are legally or factually denied access to the pool, if granular data is coarsed before shared, or when the granting of access to data on nonFRAND terms results in an exploitative abuse. It has always been controversial how a coherent and flexible legal framework for the management of common pool resources ought to be set up, and it is even more so for the copious data shared in Smart Cities. Both national and EU legislators are thus put to the challenge to provide for rules granting to all market players fair participation in this resource.

To cope with the above-mentioned challenges, this PhD thesis has the following targets:

• Determine GDPR-compliant structures within a Smart City at the example of the FINEST Twins concept, analyse cyber security gaps putting the compliance of Smart Cities with the GDPR and other (national and EU) law at risk and propose respective legal reforms
• Analyse from a competition law perspective conflicts of interest concerning the use of pooled data and propose respective legal reforms on national and EU level
• Analyse from an IP law perspective conflicts of interest (IP assets as business secrets etc.) of non-personal data as common pool resource and propose respective legal reforms on national and EU level
• Analyse in these fields mandatory and voluntary data sharing of digital evidence between the private and public sector in enforcement proceedings and develop respective legal adaptations for cross-jurisdictional challenges in Smart Cities
• Analyse the impact of Smart City data management on the private autonomy of its users/inhabitants

Responsibilities and tasks:

• Develop a proper, state-of-the-art research agenda on the procured topic and publish respectively 
• Contribute to and further develop the joint research, training and networking activities of the department of law and the school of business and governance
• Plan and deliver courses and seminars for BA and MA relating to IT law, contract law, data protection and competition law
• Supervise theses on BA and MA level
• Contribute to the preparation and performance of the department’s research grants

Qualifications
We are looking for motivated individuals with a strong background in private law and IT law. Proficience in cyber security and business law as well as practical experiences are highly welcome.
Candidates are expected to have the following core skills:

• MA with distinction in the field of law
• Very good knowledge on practices and national/EU regulation of digital data sharing and fair understanding of its underlying technologies
• Good level of understanding of EU and international contract law and the GDPR
• Good understanding of the legal framework of national and EU competition and IP law
• Strong analytical, writing and communicating skills (English) that are compatible with an entry-level research position