(BRUSSELS) – A Euro-Parliament committee gave its backing Thursday to the ‘Data Act’, empowering a wider range of private and public entities to share data, while clarifying who can access data and on what terms.
The volume of data generated by humans and machines is increasing exponentially and becoming a critical factor for innovation by businesses (e.g. algorithm training) and by public authorities (e.g. shaping of smart cities).
The proposed act establishes common rules governing the sharing of data generated by the use of connected products or related services (e.g. the internet of things, industrial machines) to ensure fairness in data sharing contracts.
The draft legislation is expected to contribute to the development of new services, in particular in the sector of artificial intelligence where huge amounts of data are needed for algorithm training. It can also lead to better prices for after-sales services and repairs of connected devices.
MEPs adopted measures to allow users to gain access to the data they generate, as 80% of industrial data are never used, according to the European Commission. They also want to ensure contractual agreements are at the centre of business-to-business relations.
Companies could decide what data can be shared, and the manufacturer choose not to make certain data available “by design”. When companies draft their data-sharing contracts, the law will rebalance the negotiation power in favour of SMEs, by shielding them from unfair contractual terms imposed by companies that are in a significantly stronger bargaining position.
The text also defines how public sector bodies can access and use data held by the private sector that are necessary in exceptional circumstances or emergencies, such as floods and wildfires.
MEPs strengthened provisions to protect trade secrets and avoid a situation where increased access to data is used by competitors to retro-engineer services or devices. They also set stricter conditions on business-to-government data requests.
Finally, the proposed act would facilitate switching between providers of cloud services, and other data processing services, and introduce safeguards against unlawful international data transfer by cloud service providers.
The legislation will be put to a vote by the full House during the 13-16 March plenary session.