Introduction
In the rapidly changing landscape of digitization, the European Union took a groundbreaking step in data regulation with the introduction of the Data Act.
Published in the EU’s official journal on Dec. 22, 2023, the law will enter into force on Jan. 11, 2024, ushering in a new era of harmonized rules for fair data access and use.
In this blog post, we address the key aspects and implications of the Data Act, shining the spotlight on its main goals, scope, obligations and implementation timeline.
Main goals and scope
At its core, the Data Act aims to regulate the access and use of data generated within the European Union. Both personal and non-personal data are covered by the regulation, distinguishing it from the General Data Protection Regulation (GDPR ) by focusing primarily on the functionalities of data collected by connected products. While the GDPR prioritizes non-personal data, the Data Act provides crucial rules regarding safeguards against unlawful international government access and transfer of such data.
One of the main goals of regulation is to facilitate the seamless transition between data processing service providers, fostering a more dynamic and competitive digital environment.
Obligations
Manufacturers and service providers now face a series of obligations under the Data Act. Users should be granted free access, reuse and sharing rights to data collected through products and related services. This should be achieved by designing products and services so that users can access data without obstacles.
Moreover, data holders are required to provide data to users upon request, and third-party access must be granted upon user request or when a legal obligation exists. The law emphasizes the importance of fair, reasonable and non-discriminatory conditions for making data available to third parties. The compensation for this access is determined by factors such as cost, investment, volume, format and nature of the data.
Switching between Cloud service providers and other data processing services is also covered by the Data Act. Customers should be provided with contractual terms for switching before signing a contract, including information on switching costs, which should be eliminated by 2027.
Timeline
The journey of the Data Act begins on Jan. 11, 2024, and its provisions take effect from Sept. 12, 2025. However, the obligation for data to be accessible by default applies to connected products and associated services that are marketed after Sept. 12, 2026.
Conclusion
As we enter this new era of data regulation, the EU Data Act marks a commitment to promote a digital environment that prioritizes fairness, accessibility and competition. The identified commitments and timelines provide a roadmap for businesses and service providers to adapt to the changing landscape, ensuring a smooth transition to a transparent and user-centric digital future. Stay tuned for further insights as we navigate through the intricate details of the EU’s Digital Decade Strategy and the transformative impact it has for both businesses and individuals.
