The Data Act, often described as the "GDPR of industrial data," was adopted on January 11, 2024, by the Council of the European Union.
This law aims to establish a more equitable distribution of the economic value generated by the use of data. It also aims to balance the sharing of benefits among various actors in the digital economy.
Background
The regulation on harmonized rules for fair access and use of data, known as the Data Act, is crucial for the European data strategy and aims to accelerate digital transformation in the context of the digital decade.
The Data Act complements the Data Governance Act (DGA), which has been in effect since September 2023 and governs processes facilitating voluntary data sharing.
While the DGA structures data sharing, the Data Act defines the conditions and beneficiaries of value creation from data.
Together, these two laws ensure secure access to data, stimulate its use in key sectors and areas of public interest, and contribute to the establishment of a single data market in the EU, beneficial to the European economy and society.
The Data Act establishes clear rules for fair distribution of data value, crucial with the rise of the Internet of Things (IoT). It requires connected products to enable secure access, use, and sharing of data for users. This legislative framework, applicable to all sectors, sets principles that any future legislation must comply with.
What are the new measures?
The Data Act facilitates access to data for businesses, citizens, and public administrations through the following measures:
Enhanced legal certainty
- Strengthening legal certainty for businesses and consumers in data production, especially for the Internet of Things (IoT), by establishing clear rules on data use and associated conditions.
- Maintaining incentives for investment in high-quality data. Facilitating the transfer of valuable data while ensuring confidentiality.
- Encouraging increased participation in the data economy, regardless of the size of the actors.
- The Commission will develop standard contractual clauses for equitable data sharing agreements.
Limiting contractual imbalances
Reducing the abuse of contractual imbalances that impede fair data sharing. This includes protecting businesses against unfair contract terms imposed by dominant market players.
Access to data for the public sector
Providing guidelines that allow public authorities to access private sector data for specific public interest objectives. For example, these authorities could request necessary data to effectively and without excessive disruption respond to public emergencies.
Facilitating cloud provider transitions
New regulations creating a framework to facilitate smooth migration of customers between different data processing service providers, aiming to boost the European cloud computing market and promote optimal data interoperability.
Reviewing the Database Directive
A reassessment of certain aspects of the Database Directive, with particular emphasis on clarifying the sui generis right of databases. This right aims to protect the contents of specific databases and extend it to databases derived from data generated or acquired via Internet of Things (IoT) devices. This initiative aims to ensure that the balance between data holders' and users' interests is in line with the broader goals of EU data policy.
How does the Data Act work in practice?
The Data Act represents a powerful lever to stimulate innovation and job creation. It allows the EU to maintain its position as a leader in data-based advances. Here are some concrete examples of the impact of the new rules on access and use of data generated by Internet of Things devices.
When purchasing a 'traditional' product, you receive all its components and accessories. In the case of connected devices, especially in the Internet of Things (IoT), new data is generated during their normal use. This data becomes essential components of the product. The Data Act guarantees individuals and businesses the right to access data produced through the use of objects, machinery, and smart devices.
Users of connected products have the opportunity to share this data with third parties. This allows after-sales service providers, such as repair services, to improve and innovate their offerings, thereby promoting fair competition with similar services offered by manufacturers. As a result, users of connected products, whether consumers, farmers, airlines, construction companies, or building owners, will have a choice of more competitive repair and maintenance service providers (or may even perform these tasks themselves), potentially leading to lower prices in the market. This could also extend the lifespan of connected products, contributing to the goals of the Green Pact.
Access to data on the performance of industrial equipment opens up opportunities for improving efficiency. Sectors such as manufacturing, agriculture, and construction can optimize their operations, production lines, and supply chain management using machine learning technologies.
In the field of precision agriculture, analyzing data from interconnected equipment through the IoT allows farmers to analyze real-time information such as weather conditions, temperature, humidity, market prices, and GPS data. This analysis provides crucial insights for optimizing agricultural yields. Better understanding of real-time data promotes more effective agricultural planning and helps farmers make informed decisions regarding resource allocation.
Differences between the Data Act and the GDPR
Type of data: The GDPR concerns personal data, while the Data Act focuses on non-personal data.
Objectives: The GDPR aims to protect individuals' privacy rights, while the Data Act seeks to promote access and use of data to stimulate economic innovation.
Scope: The GDPR applies to any organization processing personal data of EU residents, while the Data Act primarily targets industrial data and IoT data.
Sanctions and obligations: The GDPR imposes strict obligations and severe sanctions for non-compliance, while the details of sanctions under the Data Act are still being developed, with a focus on fair access and data sharing.
Conclusion
The European Data Act, with its innovative rules, aims to redistribute economic value of data fairly, stimulate competitiveness and innovation, and strengthen the rights of users and public authorities. The complementary SREN bill reflects the French ambition to proactively and fairly regulate the digital space.