EU Data Act: New Rules Proposed on Data Access
EU Data Act: New Rules Proposed on Data ...

EU Data Act: New Rules Proposed on Data Access

This regulation looks to mold a standard for data sharing and use across the EU

clock3 Min Read

Featured Image

On February 23, 2022, the European Commission proposed a new set of rules on the use and access of data stemming from the EU. As the amount of data generated and accessed continues to grow astronomically, the EU Data Act looks to set a regulatory standard around the access of data by different parties.  

The goal is to empower consumers, businesses, and public sector bodies with data access rules.  

Maragrethe Vestager, EVP, A Europe Fit for the Digital Age, said: “We want to give consumers and companies even more control over what can be done with their data, clarifying who can access data and on what terms…” 

What are the key highlights of the EU Data Act?

This new regulation comes on the heels of the Data Governance Act launched in December 2021, as the second legislative initiative under the European Strategy for Data, which, as the European Commission states, “focuses on putting people first in developing technology and defending and promoting European values and rights in the digital world”.  

The press release from the European Commission mentions the points below as key inclusions of the Data Act. 

  • Device users (individual or enterprise) will have access to data generated by their devices, with manufacturers transparent about this information. 
  • These users can also enable third parties to access their data for value-added services (predictive maintenance, energy management, etc.), but are restricted from creating competing products or services from the data. 
  • Data controllers will be incentivized to generate and provide high-quality data to their consumers. Contract standards are also set to prevent the exploitation of businesses.  
  • In the case of a public emergency, such as a natural disaster or national security threat, public sector bodies will have easier access to the necessary private sector data.  
  • New rules will facilitate customers switching between cloud-based data processing services, easing this process, along with safeguards to prevent unlawful data transfers.  

Who does the EU Data Act affect?

 The Data Act applies to the following parties: 

  • IoT and other connected products/services manufacturers in the EU 
  • Users (Individual and Enterprise) of these products and services 
  • Data recipients in the EU 
  • Public sector bodies in the EU 
  • Providers of data processing services who offer these services in the EU 

What does this mean for businesses?

With more control over their data and more avenues to share data, businesses will now be empowered to innovate around the data-driven aspects of their products/services. 

The new standard contractual clauses in place will also allow for more balanced data-sharing contracts. 

Overall, companies that offer connected products or services will need to look at the effects that increased user access and third-party sharing will have and focus on enabling processes to facilitate these new movements of data as stipulated by the EU Data Act.  

Further resources on legislation related to the European Strategy on Data:  

Follow OneTrust on LinkedIn, Twitter, or YouTube for the latest on the EU Data Act and related legislation. 

You Might Also Be Interested In

JANUARY 13, 2023

Addressing UK app Code of Practice requirements with OneTrust

JANUARY 12, 2023

Ultimate guide to the EU CSRD ESG regulation for businesses

JANUARY 11, 2023

Continuous improvement: The leading indicator for successful compliance programs

JANUARY 10, 2023

Build trust, promote your program in the Third-Party Risk Exchange

JANUARY 9, 2023

Building trust in a zero trust world

JANUARY 9, 2023

Consent management by the numbers: 2022 DMA report summary

JANUARY 9, 2023

Navigating the California Privacy Rights Act as a HIPAA-compliant business

JANUARY 6, 2023

US state privacy bills on the horizon in 2023

Onetrust All Rights Reserved