EU countries and EU lawmakers agreed on Tuesday on rules governing how Big Tech and other companies use European consumer and corporate data, with safeguards against non-EU governments gaining access. illegal.
The European Commission proposed the Data Act last year to cover data generated in smart devices, machinery and consumer products, part of a series of laws aimed at reining in the power of American tech giants.
EU concerns about data transfers have increased following former US intelligence contractor Edward Snowden’s 2013 revelations about US mass surveillance.
The agreement was reached after seven hours of talks.
“Tonight’s agreement on the Data Law is a milestone in reshaping the digital space…we are on the path to a thriving EU data economy that is innovative and open, on our terms,” said the chief of the EU industry, Thierry Breton, in a tweet.
The new legislation gives individuals and companies greater control over their data generated through smart objects, machines and devices, allowing them to easily copy or transfer data from different services.
It also gives consumers and businesses a say in what can be done with the data generated by their connected products.
The Law makes it easier to switch to other data processing service providers, introduces safeguards against illegal data transfer by cloud service providers, and provides for the development of interoperability standards for data reuse across sectors.
Manufacturers watered down an attempt to force them to share data with third parties to provide after-sales or other data-driven services. Siemens and SAP had expressed fears about data leaks related to trade secrets.
Such data sharing requests can be denied in exceptional circumstances where operators could face “serious and irreparable economic losses” that undermine their economic viability under the new law.
Lawmaker Damian Boeselager said this created a loophole for some companies.
“This worries me deeply. But at least one national authority can review and overturn such a unilateral decision by the operator in a timely manner,” he said.
Lobbying group The Information Technology Industry Council (ITI) criticized the broad scope of the law.
“We have ongoing concerns regarding the Law’s broad and ambiguous approach to data sharing, including the expansion of products and services originally in scope and guarantees for the protection of trade secrets, as well as rules affecting transfers. international non-personal data, said its general director for Europe, Guido Lobrano.
© Thomson Reuters 2023