With a view to making the EU a leader in our data-driven society, member states’ representatives (Coreper) reached a common position (“negotiating mandate”) allowing the Council to enter negotiations with the European Parliament on the proposed legislation regarding harmonised rules on fair access to and use of data (data act).

“Today’s (24/3/2023) agreement will facilitate the digital transformation of our societies and economies. The data act will unlock the economic and societal potential of data and technologies in line with EU rules and values. It will contribute to creating a single market to allow data to flow freely within the EU and across sectors for the benefit of businesses, researchers, public administrations, and society at large.” Erik Slottner, Swedish minister for public administration, said. 

The data act will give both individuals and businesses more control over their data through a reinforced portability right, copying or transferring data easily from across different services, where the data are generated through smart objects, machines, and devices. The new legislation will empower consumers and companies by giving them a say on what can be done with the data generated by their connected products.

Main issues maintaining the general thrust of Commission’s proposal

The regulation proposes new rules on who can use and access data generated in the EU across all economic sectors. It aims to ensure fairness in the digital environment, stimulate a competitive data market, open opportunities for data-driven innovation and make data more accessible to all.

The proposal also aims to ease the switching of providers of data processing services, puts in place safeguards against unlawful data transfer by cloud service providers and provides for the development of interoperability standards for data to be reused between sectors.

The Council’s common position maintains the general thrust of the Commission’s proposal, namely as regards:

  • measures to allow users of connected devices, ranging from smart home appliances to smart industrial machinery, to gain access to data generated by them, which is often exclusively harvested by manufacturers
  • measures to prevent abuse of contractual imbalances in data sharing contracts due to unfair contractual terms imposed by a party with significantly stronger bargaining position
  • means for public sector bodies to access and use data held by the private sector that is necessary in exceptional circumstances, particularly in case of a public emergency, such as floods and wildfires, or to implement a legal mandate if data are not otherwise available
  • new rules allowing customers to effectively switch between different cloud data-processing service providers and putting in place safeguards against unlawful data transfer

Main amendments to the Commission’s proposal

The Council’s text amends various parts of the Commission’s proposal, including on the following aspects:

  • a clearer definition of the scope of the regulation, especially with regard to Internet of Things (IoT) data, where focus was moved to the functionalities of the data collected by connected products instead of the products themselves
  • some clarifications on the interplay between the data act and existing horizontal and sectoral legislation, such as the data governance act and the general data protection regulation (GDPR)
  • the protection of trade secrets and intellectual property rights, accompanied by appropriate safeguards against abusive behaviour
  • additional guidance with regard to reasonable compensation for making the data available and dispute settlement mechanisms
  • some fine-tuning on data sharing requests by public sector bodies based on exceptional needs
  • clearer and more widely applicable provisions with regard to effective switching between data processing services

Next steps

Today’s agreement on the Council’s common position will allow the Swedish presidency to enter negotiations with the European Parliament (“trilogues”) on the final version of the proposed legislation.

Background

Following the data governance act adopted by the co-legislators in 2022, the data act regulation is the second main legislative initiative resulting from the Commission’s February 2020 European strategy for data, which aims to make the EU a leader in our data-driven society.

While the data governance act creates the processes and structures to facilitate data sharing by companies, individuals and the public sector, the data act clarifies who can create value from data and under which conditions. This is a key digital principle that will contribute to creating a solid and fair data-driven economy and guide the EU’s digital transformation by 2030. It will lead to new, innovative services and more competitive prices for aftermarket services and repairs of connected objects (“Internet of Things” / IoT).

In its conclusions of 25 March 2021, the European Council underlined the importance of digital transformation for EU’s growth, prosperity, security, and competitiveness, as well as for the well-being of our societies. In light of these ambitions and challenges, the Commission proposed on 23 February 2022 measures for a fair and innovative data economy (Data Act), as a follow-up to its communication of February 2020 on the European strategy for data.

Source: consilium.europa.eu