While it was initially concerned with regulating the use of personal data with the General Data Protection Regulation, the European Commission now wants to work towards a society in which non-personal data, particularly industrial data, circulates.

The proposal for a Regulation on harmonised rules on fair access to and use of data, or Data Act, was adopted on 23 February 2022 by the Commission. This piece of work is part of the European Strategy for data adopted in February 2020, following the Data Governance Act adopted in May 2022 (applicable in September 2023). With this strategy, the Commission is hoping to develop a data-driven society and a single market for data. It sets up a framework where data can be easily accessed, shared, and used by others while respecting privacy and business confidentiality.

More and more people use connected objects, which generate data related to their uses and their
environment. Usually, this data is kept by the manufacturer. The Data Act wants to open this market
and distribute the value of this data among all the actors of the economy. The text is creating a new
right for the consumers: the right to recover all the data they have generated through their use of the connected object. The Data should be able to move in business-to-business relations but also in business-to-consumer relations. Businesses would be obligated to share this data in exchange for fair compensation.

The other point is this data will have to be made available for the public services and the administration. In the event of a public emergency, whether it is a sanitary issue or a major natural disaster, businesses that have relevant data would have to share it, against compensation or for free (depending on the severity of the situation).

The last major point of the Act is the “cloud-switching’ issue. In order for the Data to move more easily, the Act is aiming to reduce the cloud exit barriers. In the current system, the major cloud providers charge any data that is leaving the cloud, which can prevent some customers to move. The Data Act wants to make it easier to change cloud providers by requiring the departed cloud to accompany the customer to the new cloud provider. The help provided has to be technical, commercial, organizational, and contractual. For example, the customer’s data has to be handed back in a standard format or a format that would work in the next cloud.

References :
European strategy for data: the CNIL and its counterparts comment on the Data Governance Act and
the Data Act | CNIL
EUR-Lex – 52022PC0068 – EN – EUR-Lex (europa.eu)
Data Act: Proposal for a Regulation on harmonised rules on fair access to and use of data | Shaping
Europe’s digital future (europa.eu)

A propos de Sarah HATAM