Blog

EU Data Act: New rules proposed on data access

This regulation looks to mold a standard for data sharing and use across the EU

February 23, 2022

N/A

On February 23, 2022, the European Commission proposed a new set of rules on the use and access of data stemming from the EU. As the amount of data generated and accessed continues to grow astronomically, the EU Data Act looks to set a regulatory standard around the access of data by different parties. 

The goal is to empower consumers, businesses, and public sector bodies with data access rules. 

Maragrethe Vestager, EVP, A Europe Fit for the Digital Age, said: “We want to give consumers and companies even more control over what can be done with their data, clarifying who can access data and on what terms…”

What are the key highlights of the EU Data Act?

This new regulation comes on the heels of the Data Governance Act launched in December 2021, as the second legislative initiative under the European Strategy for Data, which, as the European Commission states, “focuses on putting people first in developing technology and defending and promoting European values and rights in the digital world”. 

The press release from the European Commission mentions the points below as key inclusions of the Data Act.

  • Device users (individual or enterprise) will have access to data generated by their devices, with manufacturers transparent about this information. 
  • These users can also enable third parties to access their data for value-added services (predictive maintenance, energy management, etc.), but are restricted from creating competing products or services from the data. 
  • Data controllers will be incentivized to generate and provide high-quality data to their consumers. Contract standards are also set to prevent the exploitation of businesses.  
  • In the case of a public emergency, such as a natural disaster or national security threat, public sector bodies will have easier access to the necessary private sector data.  
  • New rules will facilitate customers switching between cloud-based data processing services, easing this process, along with safeguards to prevent unlawful data transfers. 


Who does the EU Data Act affect?

 The Data Act applies to the following parties:

  • IoT and other connected products/services manufacturers in the EU 
  • Users (Individual and Enterprise) of these products and services 
  • Data recipients in the EU 
  • Public sector bodies in the EU 
  • Providers of data processing services who offer these services in the EU


What does this mean for businesses?

With more control over their data and more avenues to share data, businesses will now be empowered to innovate around the data-driven aspects of their products/services. 

The new standard contractual clauses in place will also allow for more balanced data-sharing contracts.

Overall, companies that offer connected products or services will need to look at the effects that increased user access and third-party sharing will have and focus on enabling processes to facilitate these new movements of data as stipulated by the EU Data Act. 

Further resources on legislation related to the European Strategy on Data: 

Follow OneTrust on LinkedInTwitter, or YouTube for the latest on the EU Data Act and related legislation.


You may also like

Webinar

Responsible AI

Unpacking the EU AI Act

Prepare your business for EU AI Act and other AI regulations with this expert webinar. We explore the Act's key points and requirements, building an AI compliance program, and staying ahead of the rapidly changing AI regulatory landscape.

July 12, 2023

Learn more

Webinar

Responsible AI

Unpacking the EU AI Act

Prepare your business for EU AI Act and other AI regulations with this expert webinar. We explore the Act's key points and requirements, building an AI compliance program, and staying ahead of the rapidly changing AI regulatory landscape.

July 12, 2023

Learn more

Webinar

Consent & Preferences

Live demo: How to automate consent and preference management with OneTrust

In this webinar, we demonstrate how OneTrust Consent and Preferences helps build stronger customer relationships by providing transparency, giving users control over their data use, and delivering personalized experiences.

June 29, 2023

Learn more

Webinar

Consent & Preferences

Live demo: How to automate consent and preference management with OneTrust

In this webinar, we demonstrate how OneTrust Consent and Preferences helps build stronger customer relationships by providing transparency, giving users control over their data use, and delivering personalized experiences.

June 29, 2023

Learn more

Webinar

Privacy Management

Unpacking the EU-US DPF

In this webinar, we cover the new EU-US Data Privacy Framework (EU-US DPF) and what privacy program managers need to know for post-Schrems II data transfers.

June 28, 2023

Learn more

Webinar

Privacy Management

Unpacking the EU-US DPF

In this webinar, we cover the new EU-US Data Privacy Framework (EU-US DPF) and what privacy program managers need to know for post-Schrems II data transfers.

June 28, 2023

Learn more

Webinar

Data Discovery

Live demo: OneTrust Data Discovery

See how OneTrust Data Discovery can help your organization achieve complete data visibility to empower your security program and reduce risk.

June 22, 2023

Learn more

Webinar

Data Discovery

Live demo: OneTrust Data Discovery

See how OneTrust Data Discovery can help your organization achieve complete data visibility to empower your security program and reduce risk.

June 22, 2023

Learn more

Webinar

Privacy Management

New states, new dates: Preparing for Indiana, Montana, Tennessee and Florida state privacy laws

Join our expert panel where we examine upcoming privacy legislation in Indiana, Montana, Tennessee, and Florida and the key requirements of each law.

June 20, 2023

Learn more

Webinar

Privacy Management

New states, new dates: Preparing for Indiana, Montana, Tennessee and Florida state privacy laws

Join our expert panel where we examine upcoming privacy legislation in Indiana, Montana, Tennessee, and Florida and the key requirements of each law.

June 20, 2023

Learn more

Webinar

Data Discovery

Data responsibility: The information security professional’s higher purpose

Join OneTrust and KPMG for a dialogue with Information Security leaders on managing the balance between risk and reward when handling sensitive customer information.

June 20, 2023

Learn more

Webinar

Data Discovery

Data responsibility: The information security professional’s higher purpose

Join OneTrust and KPMG for a dialogue with Information Security leaders on managing the balance between risk and reward when handling sensitive customer information.

June 20, 2023

Learn more

Webinar

Privacy Automation

US privacy laws on the horizon: Which states will be next?

Join our live webinar as OneTrust DataGuidence and privacy experts examine new privacy legislation in Indiana, Montana, Tennessee, Florida, and Texas.

June 15, 2023

Learn more