Attention, EU citizens! Are you curious about how your personal data is being protected and utilised in the digital age? Get ready to discover the transformative power of the EU Data Act, a groundbreaking legislation that safeguards your privacy rights and empowers you in the digital realm. On 27 June 2023, EU policymakers reached a political agreement on the Data Act.
If you’re like most people, the idea of sharing your data with strangers can be a little daunting. But thanks to the EU Data Act, data sharing, interoperability standards, and cloud switching are set to undergo a massive overhaul. With implications for a wide range of industries and sectors, from service providers and gatekeepers to device manufacturers and public authorities, the Data Act is poised to revolutionise the way we think about data ownership and sharing.
On 23 February 2022, the European Commission published the long-awaited Data Act, a proposal for regulation aimed at establishing a harmonised framework for industrial, non-personal data sharing in the European Union. According to the Commission, the new rules are expected to create €270 billion of additional GDP by 2028.
In this blogpost, Publyon’s consultant Sarah Hautier will guide you through the political agreement for:
- Improved access to private sector data for the public sector(B2G);
- Fairness of data access and use in business relationships(B2B);
- New rules allowing customers to effectively switch between different cloud data-processing services providers.
Decoding the EU Data Act: what you need to know
The Data Act has the vital goal to put users and providers on equal footing when it comes to accessing data. It serves as a complementary piece of the Data Governance Act which, in turn, aims at strengthening trust and facilitating seamless data sharing across various EU sectors.
In concrete terms, Publyon envisions a world where every entity that contributes to the creation of data can also access data. This means that users will get standard access to the generated data on any of their integrated tools. These could be virtual assistants, connected home appliances and so forth. The data should be easily and freely accessible and shareable with third parties.
Furthermore, the text sets out provisions to ensure interoperability, cloud switching and safeguards for international data transfers.
Brace for Change: what the EU Data Act means for your business
Because of the targets of the proposed regulation, which range from service providers to device manufacturers, companies and public authorities, the Data Act will have implications of data sharing, interoperability standards and cloud switching for many industries and sectors of the society.
A piece of horizontal legislation, the Data Act will apply to device manufacturers, providers of digital services and connected products (such as IoT) as well as public authorities in the EU.
To share or not to share
The proposed legislation mandates data sharing requirements to allow data sharing among businesses, public authorities and users established in the EU. This data results from the users’ interaction with connected devices. In compliance with GDPR, any personal data must be anonymised and shared in a standardised and real-time way.
The EU Data Act also establishes data markets. In the text, provisions allow companies, such as product manufacturers, and users, like owners of connected devices, to monetise from the generated data by sharing, selling or licensing it to other companies, such as start-ups. Furthermore, data holders will be entitled to compensations for sharing data with another company.
Certain limits will be put in place to guarantee that third party access to shared data remains safe and harmless to the parties involved. This entails agreed upon measures to protect confidentiality, privacy and trade secrets as well as restrictions on the use of the data by market competitors of the data holder.
To ensure that data sharing does not lead to the disclosure of trade secrets, the text introduces an ‘emergency break’. In case data sharing poses serious economic losses or safety risks, companies could decline access to trade secret related data.
The Data Act also provides requirements to makes it easier to switch from one cloud provider to another. Cloud receiving service should provide a “materially comparable outcome in response to the same input”.
Moreover, the agreement introduces the Data Coordinator as single point of contact for companies and national authorities.
Lastly, in case of public emergencies, public bodies can request access to personal and non-personal data to private companies. In other circumstances, private data holders would have to provide only industrial data.
What can you expect?
The Data Act holds immense significance for EU citizens by establishing a framework that enhances transparency, consent, and control over personal data. By ensuring that companies are accountable for their data practices, this legislation offers EU citizens the tools to actively manage their online presence, make informed choices, and protect their privacy rights in the ever-evolving digital landscape.
Following this agreement, the text will need to be formally approved by the Council of the EU and European Parliament. A first vote in Coreper and ITRE Committee could be expected by September.
The Data Act will start to apply 20 months following its entry into force, expected by the end of the year, and design requirements for new products will apply after one year. Existing contracts on Internet of Things products will change after five years.
Learn more about our EU data-related services
Publyon closely follows legislative developments regarding the Data Act and other data-related policy issues. Thanks to its expertise and wide range of clients in the digital sector, Publyon is expertly placed to assist your company in identifying the impact of and leveraging the opportunities offered by the Data Act.
Would you like to know more about how your organisation can make the most out of this Regulation? Subscribe to Publyon’s newly launched service for EU digital-related policies or get in touch with our Managing Partner Jasper Nagtegaal.
