3.2 Consortium agreement

The consortium agreement (CA) sets out the legal relationship between the consortia partners, detailing their responsibilities and agreed terms of collaboration. The CA should also include the terms governing data sharing and re-use of the data. The issues which should be clarified and between the partners or parties to the agreement are included below in Table 1, which provides guidance in identifying the issues relevant to sharing and re-using the data after the project. The text of the CA should be broad. Finer details relating to data sharing can be reflected in a data management plan. Before the project ends, it is important to have a comprehensive written agreement for how the data should be handled after the project.

Table 1: Data-sharing topics within the consortium agreement

TopicIssues to be considered
Ownership and access to data and data toolsWho owns the data? Is it necessary to add a specific ownership clause for the collected data? How could the data be used and on which conditions? Will all partners have access to all/part of the data? May the data be licensed to third parties? May third parties have access to the data and on what conditions? Will any data become publicly available (with or without any license) and how will this data be provisioned? Are there constraints related to personal data, especially video and tracked location data or location data in general? Are there future agreements with data providers to take into account? Who will own the analysis tools and on what conditions are they licensed during and after the project? Does any partner have any intellectual property rights over tools which may impact their use? How can data be re-used if the data is owned by one partner and this partner ceases operation or leaves the project? Will the data generated be subject to proposed frameworks such as the EU Data Act or EU AI act which may require that data be provided to users and third parties
Storage and download of dataHow will the data be stored during and after the project – centrally, distributed, by a third party, or combinations? What are the general requirements for data protection and how are they assured? Shall all/part of the data be downloadable for all partners and if so, under which conditions? Shall all/part of the data be downloadable for third parties and if so, under which conditions? Is there a time limit for requesting data for download? Is there a time limit for keeping the data?
Access methodsCan the data be downloaded, remotely accessed, accessed using connector within a data space, or only accessed at the premises of any partner? Shall a specific access procedure be used, and if so by whom? Who shall govern the access procedure? How will the data be accessed?
CybersecurityHow is the data infrastructure protected from both a technical and organisational perspective?Is there a plan to prevent and respond to a data leak, phishing attempt, or attack (i.e., encrypting files)?
Areas of useShall it be possible to use the data for education, research and commercial purposes? Are there special conditions for commercial use? Can predefined licenses be applied? In which research/commercial areas could the data be used? (i.e., safety, mobility, etc.)
Post-project re-use of dataWhich partner is responsible for maintaining the data after the project? Shall a non-partner be the provider of the project data after the project? Which application procedure shall be used? Who will grant access to the data after the project? Are there conditions, such as legal and ethical constraints and availability of funding for data storage and access services, to be considered? Are there time limits after which the data need to be deleted?
Post-project financingHow will the storage and support services for data re-use be financed after the project? Known or to be decided? How will this funding be distributed?