The document discusses the legal and organizational essentials related to APIs in the public sector, emphasizing their role as products and services, and the importance of adhering to various legal frameworks. It analyzes terms of service, focusing on aspects such as transparency, liability, and the influence of governing laws on the API ecosystem. It highlights the challenges of processing terms of service agreements and their implications for innovation and data value chains.

1. 1
API4IPS
API essentials for public sector innovation
Legal and organisational essentials
December 2021
European Commission – Joint Research Centre
Katarzyna Pogorzelska
Monica Posada-Sanchez

2. 2
Legal essentials
- ANALYSIS OF THE LEGAL FRAMEWORK FOR APIS
- STRUCTURE AND ANALYSIS OF API TERMS OF SERVICE

3. 3
1. Designing and developing dimension (API developer perspective)
à API as a product: code or software products (digital assets)
− Industry standards (self-regulation and co-regulation)
− Protection under IPR: copyrights, patents, trade secrets (?):
− API licences
− Design must integrate data legal constrains (if developed for third party: constrains should be
a part of a contract)
2. Operational dimension (Service provider)
à API as a service
− SLA and governing laws: ToS
− Laws relating to the information society services, consumer protection, Platform2Business
Applicable legal framework

4. 4
3. Data sharing dimension (data holder perspective)
à technical tool to share data
− Data sharing and data protection laws
− Data constrains must be reflected in the contract with API developer
− Data licences (propagated across value chain)
4. Ecosystem dimension (systemic perspective)
à enablers of the integration into digital ecosystems
− Coordination responsibilities/accountabilities linked to all digital chains and ecosystem at
large
Applicable legal framework

5. New York
JULY
Australia
SEPTEMBER
Singapore
APRIL
Helsinki & North
MARCH
Paris
DECEMBER
London
OCTOBER
Jakarta
FEBRUARY
Hong Kong
AUGUST
JUNE
India
MAY
Check out our API Conferences here
50+ events since 2012, 14 countries, 2,000+ speakers, 50,000+ attendees,
300k+ online community
Want to talk at one of our conferences?
Apply to speak here

6. 5
Legal empirics: ToS analysis
Analysis of API Terms of Service

7. 6
Analysis of API Terms of Service
Subject of analysis
Terms of Service (unilateral legal offer)
Acceptance
Contract by adhesion

8. 7
Analysis of API Terms of Service
Perspective of the analysis: ecosystem enabling
• Nature of ToS (API-specific or service-specific)
• Transparency
• Termination conditions
• Governing laws and jurisdiction
• Liability/warranty

9. 8
Description of Dataset
- snapshot in 2019 provided
- self-declared ToS Documents: 4287
- downloads succeeded with content: 2800
NLP analysis on practices of active players
- Analysis of the structure
- Analysis of the conditions
Methodology

10. 9
Systemic perspective – robustness – technical and legal stability
- Is there homogeneity in API ToS contracts?
- Are the practises encoded in ToS:
1. Compliant with governing laws?
2. Fostering/ Hindering cooperation and/or fair competition?
Exploratory legal empirics: what is there?

11. 10
Homogeneity of ToS
STRUCTURE API SPECIFICITY Big API PROVIDERS
Found structural commonalities
⎻ Contracting parties to the agreement
⎻ Start of the contract
⎻ Termination/suspension/modification/restriction
of service provision
⎻ Payment
⎻ Governing Law
⎻ Liability
⎻ Indemnification
⎻ Warranty
⎻ Privacy
⎻ Severability
⎻ License of the generated content (IPR)
36.7% do not mention API
75 % mention API 5 or less
Multi-layered ToS structure:
- ToS defining terms of horizontal
API services (e.g.: authentication)
- ToS specific to the functionality
they are providing (e.g.: google
maps, google ads, …)
à Focus on one single application
vs API as access point
to multiple potential applications
à Are we missing opportunities,
lack of systemic vision?

12. 11
111 legal documents worlwide:
⎻ Acts, regulations, directives, ordinances
& decrees
⎻ Most of them late 90s and after
⎻ ~60% from EMEA region
⎻ USA laws appear often (data set is US
skewed)
⎻ GDPR being the most prominent
Mentions to soft regulatory actions
[*not in the graph]
⎻ Standards
⎻ Code of conduct
⎻ Code of practice
Compliance with governing laws
[1] Legal documents found in ToS ordered by year of appearance & enforcement regional AREA

13. 12
Governing laws categories
111 legal documents identified
DIGITAL GOVERNANCE
⎻ Almost a quarter on privacy
13 areas: national, regional and pluri-national (EU)
⎻ ICT regulation
⎻ Data Base Directive, Platform to Business regulation
⎻ Intellectual property
⎻ Contracts Consumer protection
SECTOR SPECIFIC
⎻ Environment
⎻ Hearth
⎻ Finance
⎻ Tax, trade/export, antifraud

14. 13
Are jurisdiction clauses a legal barrier to innovation?
- Due to geographic distance to court of dispute for settlement
- Different languages, lack of knowledge à discouraging interactions
Jurisdiction

15. 14
Cooperation and/or fair competition
Transparency Termination conditions Liability, Warranties
How difficult is
to process and understand
a ToS contract by a human being?
No surprise:
Legal documents are yet (2019)
difficult to read
35.7% of 2800 ToS documents
declare unbalanced termination conditions
If those are API specific ToS
àpotential discontinuities in data value chains. This
generates uncertainty on viability and continuity of
services and possibly discourages innovation.
Liability
14% total exclusion
5% exclude liability as permitted by law
Some state a financial cap
Warranties
296 ToS offer some warranty
71 ToS exclude all warranties to the extent
permitted by governing law
1399 ToS (~50%) provide no warranty on the
quality of the service
⎻ Inclusion of definitions (absent 80%)
⎻ Sentence’s word count
⎻ Readibility: Flesch–Kincaid test

16. 15
Publication coming - Q1 2022
We also work on:
⎻ Indemnification
⎻ Out of court dispute settlement
⎻ Payment conditions
⎻ Suspension/modification/restriction of service provision
⎻ IPRs
Work in progress…

17. 16
Thank you!
© European Union 2020
Unless otherwise noted the reuse of this presentation is authorised under the CC BY 4.0 license. For any use or reproduction of
elements that are not owned by the EU, permission may need to be sought directly from the respective right holders.
EU Science Hub: ec.europa.eu/jrc
@EU_ScienceHub
EU Science Hub – Joint Research Centre
EU Science, Research and Innovation
Eu Science Hub
CONTACT us at
JRC-APIS4DGOV@ec.europa.eu

18. New York
JULY
Australia
SEPTEMBER
Singapore
APRIL
Helsinki & North
MARCH
Paris
DECEMBER
London
OCTOBER
Jakarta
FEBRUARY
Hong Kong
AUGUST
JUNE
India
MAY
Check out our API Conferences here
50+ events since 2012, 14 countries, 2,000+ speakers, 50,000+ attendees,
300k+ online community
Want to talk at one of our conferences?
Apply to speak here