MONOLITH LAW OFFICE+81-3-6262-3248Weekdays 10:00-18:00 JST


General Corporate

What are the Key Points to Check When Entering into a Data Provision Agreement?

General Corporate

What are the Key Points to Check When Entering into a Data Provision Agreement?

With the advancement of AI technology, there has been an increase in data provision transactions. In such cases, it is necessary to conclude a data provision contract. However, since data transactions themselves are a new type of transaction, there are several points to be careful about when creating a contract.

In this article, we will explain the points to check when concluding a data provision contract.

What is a Data Provision Contract?

The Ministry of Economy, Trade and Industry (METI) established the “AI and Data Usage Contract Guidelines” (hereinafter referred to as “the Guidelines”), which outlines the matters that should be stipulated in contracts related to data usage. This article will explain in accordance with these guidelines.

AI and Data Usage Contract Guidelines[ja]

According to the Guidelines, data contracts are classified into three types:

  • Data provision type
  • Data creation type
  • Data sharing type (platform type)

A data provision contract is a contract that is concluded to stipulate the conditions for data provision when the data provider provides data to the data recipient, in cases where there is no dispute between the contracting parties about the factual situation that only the data provider holds the data in question.

Furthermore, data provision contracts are classified into the following three types:

  • Data transfer
  • Data license (usage permission)
  • Data joint use (mutual usage permission)

Key Points to Check When Concluding a Data Provision Contract

When concluding a data provision contract, it is important to pay attention to the following points.

Identification of the Data to be Provided

Firstly, it is crucial to clearly define the data that will be the subject of the transaction. Data is not visible like general goods and is not physically exchanged, so if it is not properly defined, there can be a discrepancy in understanding between the parties, which could lead to trouble.

Before concluding the contract, discuss in detail what kind of data the data provider can provide and what kind of data the data recipient wants, and clearly state this in the contract. Also, define the format, frequency, and method of data provision.

Handling of Derived Data

There is a possibility that derived data may be generated when the data recipient processes and analyzes the provided data within the scope of the contract’s purpose. It is necessary to define who has the right to use this derived data.

In the case of data transfer, the data recipient can use the derived data. However, in the case of data usage licenses and mutual usage licenses, it is not clear who has the right to use the derived data and other results. Define the derived data and other results in the contract, and clearly state whether there is a right to use them, and if usage is permitted, the compensation and scope.

Handling of Intellectual Property Rights Created Based on the Provided Data

There is also a possibility that intellectual property rights may be created in the process of the data recipient processing and analyzing the provided data. It is necessary to define the ownership of these intellectual property rights in the contract. If the intellectual property rights belong to one party, determine whether the other party is permitted to use them, and if so, define the scope and compensation.

Note that if copyrights are shared, the consent of all copyright holders is required for use, which may make it difficult to use, so be careful when considering sharing.

About the Quality of the Provided Data

It is considered that the data provider bears the warranty liability if there is a problem with the quality of the provided data, such as inaccuracy. However, there are various types of problems that can occur with data quality, such as accuracy and completeness. Therefore, clearly define the scope of the data provider’s responsibility for the accuracy, completeness, validity, safety, and non-infringement of third-party intellectual property rights of the provided data through representations and warranties.

About Damages Arising from Data Use

If damages occur, such as legal disputes with third parties related to the use of the provided data, define who will bear the costs and compensation that become necessary. If the data provider bears this obligation, it is possible to set a limitation provision such as “limited to damages incurred when the data recipient uses the data within the scope of the contract”. Also, provisions such as setting the compensation as the upper limit for damage liability are effective.

Use of Data for Purposes Other Than Intended, Provision to Third Parties

To prevent unlimited use of the data, establish a provision prohibiting the use of data for purposes other than intended. In this case, you must carefully consider the purpose of data use. If the purpose of data use is too narrowly defined, even a slight deviation will result in use for purposes other than intended, so consider carefully.

Also, if there is a possibility of providing the provided data to a third party, add a restriction provision such as requiring the data recipient to report to the data provider in advance and obtain consent.

When the Provided Data Includes Personal Data

Personal data refers to personal information that constitutes a personal information database, etc. If the provided data includes personal data, define the handling of personal information based on the Personal Information Protection Law. In principle, the consent of the individual is required to provide personal data included in the provided data to a third party.

If the data is anonymized to create anonymized information, it can be provided without the consent of the individual under certain rules. When providing anonymized information to a third party, there are restrictions such as:

  • Publicizing in advance the items of personal information included in the anonymized information and the method of provision
  • Explicitly indicating to the third party recipient that the provided information is anonymized information

and so on.

Summary: Data Provision or Data Transaction Contracts should refer to AI and Data Usage Contract Guidelines

Given that the subject of data provision contracts is data, an intangible entity, there are considerations that differ from those of typical contracts. While legal issues are outlined in the guidelines of the Ministry of Economy, Trade and Industry (Japanese Ministry of Economy, Trade and Industry), it is necessary to examine them in line with specific cases. To ensure the effectiveness of the contract and to avoid any trouble, it is recommended to create the contract in consultation with a lawyer who is knowledgeable about laws related to data transactions.

Introduction to Our Firm’s Measures

Monolith Law Office is a legal office with high expertise in both IT, particularly the Internet, and law. Specialized knowledge is required when creating contracts for data provision. Our firm handles the creation and review of contracts for various cases, ranging from companies listed on the Tokyo Stock Exchange Prime Market to venture startups. If you have any concerns about contracts, please refer to the article below.

Managing Attorney: Toki Kawase

The Editor in Chief: Managing Attorney: Toki Kawase

An expert in IT-related legal affairs in Japan who established MONOLITH LAW OFFICE and serves as its managing attorney. Formerly an IT engineer, he has been involved in the management of IT companies. Served as legal counsel to more than 100 companies, ranging from top-tier organizations to seed-stage Startups.

Return to Top