<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=5678177&amp;fmt=gif">

EU Commission Publishes Overview on Data Act

eu-commission-overview-data-act

On April 17, 2024, the European Commission published an overview of the Data Act, to help both individuals and businesses understand its objectives and how it will work in practice. Published in the Official Journal of the EU on December 22, 2023, and coming into effect on September 12, 2025, the Data Act aims to foster a competitive data economy, increase data availability, and ensure fairness in the data market.

 

What is the Data Act? 

The EU's Data Act, effective from September 2025, provides more control over data from devices like smartphones and smart homes. It allows people to access their data easily and share it with others if they choose to, under fair and clear rules. This is especially important for small businesses because it helps them compete with bigger companies by giving them access to valuable data they wouldn't have otherwise.

The Data Act also ensures that personal data is protected, working alongside the General Data Protection Regulation (GDPR), which already protects personal data in the EU and mandates that the rules for using data are transparent and that data is kept safe from unauthorized access or misuse.

Overall, the Data Act aims to make the digital market fairer and more innovative. By making data more accessible and secure, it supports new technologies and services. This not only helps businesses grow but also ensures that customers have better and safer digital services.

 

Overview Summary

The overview published by the EU Commission looks at each chapter of the Data Act and explains it in simpler terms, also including examples. 

Chapter I: General Provisions

  • Overview: Sets the scope and key terms of the regulation.
  • Purpose: To provide a legal framework for data sharing, ensuring that all terms and definitions are clearly outlined for consistency across the EU.
  • Example: The chapter defines "connected products" as any product connected to the internet, such as smart appliances and IoT devices. This helps ensure that everyone understands the terms used throughout the Act.

Chapter II: Business-to-Business and Business-to-Consumer Data Sharing in IoT

  • Overview: Focuses on how users of IoT devices can access and use the data they generate.
  • Details: Ensures that users can access data from their devices, like connected cars or smart appliances, and use it to create new services or improve existing ones. This chapter supports the fair sharing of data between businesses and consumers.
  • Example: A user with a smart fitness device can access the data generated during workouts to monitor health trends. Additionally, they can allow a health app to use this data to offer personalized fitness advice.

Chapter III: Business-to-Business Data Sharing

  • Overview: Clarifies conditions under which businesses must share data with each other.
  • Details: Covers legal obligations for businesses to share data and allows for reasonable compensation to be requested by the data provider.
  • Example: If a company provides IoT sensors for logistics, the data generated can be shared with the logistics firm under specified conditions that ensure fairness and data security, with the sensor provider receiving compensation for sharing its data.

Chapter IV: Unfair Contractual Terms

  • Overview: Protects businesses, especially SMEs, from unfair terms imposed by more powerful partners.
  • Details: Includes provisions to prevent and rectify the imposition of unfair contractual terms in data-sharing agreements.
  • Example: An SME entering a data sharing agreement is protected against a dominant partner enforcing a 'take-it-or-leave-it' clause that limits the SME's rights over its own data or unfairly exempts the other party from liability.

Chapter V: Business-to-Government Data Sharing

  • Overview: Allows public sector bodies to access data from businesses under specific conditions.
  • Details: Supports data sharing with the government for public interest tasks and emergencies, ensuring that such sharing is transparent and proportionate.
  • Example: During a natural disaster, a public sector body can request data from telecommunications companies to track population movements and better coordinate emergency responses, ensuring the request is limited to what is necessary and proportionate.

Chapter VI: Switching between Data Processing Services

  • Overview: Facilitates easy switching between data service providers to enhance competition.
  • Details: Addresses barriers like high costs and technical difficulties that users face when switching providers, promoting a more dynamic and competitive market.
  • Example: A small business using cloud storage services can switch to another provider with better rates or services without facing prohibitive costs or losing data, thanks to standards that require interoperability and prohibit egress fees after 2027.

Chapter VII: Unlawful Third Country Government Access to Data

  • Overview: Protects data within the EU from unlawful access and transfer requests by governments outside the EU.
  • Details: Establishes safeguards to prevent non-EU government bodies from accessing EU data unlawfully, ensuring the protection of fundamental rights and national security.
  • Example: If a government of a non-EU country requests access to data stored in the EU for a legal case, the EU data holder must first ensure that such a transfer complies with EU standards of data protection and that the request does not infringe on EU citizens' rights.

Chapter VIII: Interoperability

  • Overview: Ensures that data can be easily shared and used across different platforms and sectors.
  • Details: Sets standards for data interoperability to facilitate the development of new products and services, enhancing the overall efficiency and utility of data spaces.
  • Example: A European data space for health allows different healthcare providers and research institutions to share medical data seamlessly, using standardized data formats and structures that ensure data from one hospital is compatible with another's systems.

Chapter IX: Enforcement

  • Overview: Details the enforcement mechanisms of the Data Act.
  • Details: Assigns responsibilities to national authorities to monitor compliance and enforce the Act effectively, with provisions for cross-border coordination and dispute resolution.
  • Example: If a business feels that its rights under the Data Act are violated due to unfair data sharing practices, it can contact the national data coordinator, who will guide them through the process of filing a complaint with the competent authority.