Update: EU Data Act is officially approved and adopted
The journey of the EU Data Act began with its initial proposal by the European Commission in February 2022, showcasing the EU's proactive approach in shaping the digital economy. On 27 November 2023 the Council approved the Data Act, after the European Parliament (EP) adopted the EU Data Act on November 9, 2023. This marks a significant milestone in the European Union's journey towards a cohesive digital economy. This piece of legislation, rooted in the EU's ambition to create a robust data economy and a unified Digital Single Market, establishes a new framework for data management and access across the EU.
What is the Data Act?
The Data Act aims to democratize data access, enhance competition in digital markets, and strengthen the position of small and medium-sized enterprises (SMEs) in the digital landscape. For SMEs, this Act means not only enhanced access to valuable data but also a reduced dependency on larger tech conglomerates, leveling the playing field in the digital market.
It also addresses a range of issues from data access rights to interoperability standards for cloud services. Given the importance and sensitivity of the subject, there have been extensive negotiations since its proposal by the European Commission in February 2022. Now, the Council has approved the text of the Data Act, which you can read here.
Key features and impact
Broad scope
The Data Act's reach extends beyond the EU borders, impacting manufacturers and service providers in the digital sphere, regardless of their location, as long as they operate within the EU market. This extends the Act's influence to non-EU companies, requiring them to comply with these regulations when operating within the EU market.
Rights and obligations
The Act grants users, from individuals to enterprises, the right to access and reuse data generated from their use of connected products, empowering them in the digital ecosystem. Some relevant rights and obligations under the Data Act are:
- Data access by default: it ensures that connected products and services are designed to provide default access to data;
- Third-party data sharing: it mandates data holders to share data with third parties upon request. This opens doors for innovative applications, such as in healthcare for patient data analysis or in smart cities for urban planning;
- Transparency and fairness: it prohibits unfair contract terms and requires clear information provision before contract conclusion;
- Interoperability and penalties: it enforces interoperability in cloud services to prevent lock-in effects and non-compliance with the Data Act is subjected penalties, under the enforcement of EU Member States. The enforcement of interoperability standards aims to facilitate seamless data integration across platforms, while penalties for non-compliance will ensure strict adherence to these new norms.
The road ahead
Now that the approval of the Council is gathered, it will be officially published and formally enter into force 20 days post-publication. Its provisions, however, will become applicable 20 months later, around mid-2025. This timeline offers businesses the time to align with the new regulation.
Stay tuned for more updates and discussions on specific provisions of the Data Act.