Preiskel & CoPreiskel & Co
Preiskel & Co
A boutique law firm in London
  • Home
  • About Us
    • Diversity, Social Responsibility, and Pro Bono
  • Services
    • Corporate
    • Commercial
    • Regulatory
    • Competition & Antitrust
    • Data Protection, Privacy, and Retention
    • Intellectual Property
    • Dispute Resolution
    • Employment
  • Sectors
    • Telecommunications
    • IT, Technology, & Internet
    • Media and Broadcasting
    • Websites, Blogging, & Social Media
    • Film & Television
    • Gambling & Online Gaming
    • Leisure & Retail
    • Energy & Minerals
    • Cryptocurrency & Blockchain
    • Creative Industries
  • People
    • Daniel Preiskel
    • Ronnie Preiskel
    • Tim Cowen
    • Jose Saras
    • Robert Dougans
    • Karthyaeni Vittala
    • Tina Cowen
    • Xavier Prida
    • Martina Raciti
    • Ewelina James
    • Rachael Machado
    • Maria Constantin
    • Peter Dally
    • Richard Stewart
    • Joanna Coombs-Huang
    • Paul Stelges
    • Hannah Leader
    • Alison MacFarlane
    • Ilanit Appelfeld
    • Daniel Oakland
    • Sophia Yakhno
    • Sue Warwick
    • D A T Green
    • Antony Corel
    • Stewart White
    • Mor Swiel
    • Stephen Hornsby
    • Tony Curzon-Price
    • Robert Harvey
    • Shardi Shameli
  • International
  • Blog
  • News
    • Publications
  • Contact
Menu back  

New EU rules to boost IoT data sharing: the EU Data Act

March 30, 2023By Preiskel & Co

On 14 March 2023, the European Parliament adopted the Data Act, which regulates the fair access and use of data that is generated from connected devices to boost innovation by removing barriers that obstruct access to Internet of Things (“IoT”) data.

The Data Act predominantly focuses on the untapped potential of industrial data, 80% of which the European Commission estimates is left unused. The Commission believes that, across the digital economy, data re-use is hampered by the lack of clarity of data rights, imbalances in negotiating power, limited access to fair and trustworthy cloud services, and a lack of cross-sector data interoperability.

The Data Act sets out the following rules to promote data sharing.

Business-to-Business and Business-to-Consumer Contracts

Article 3 of the Data Act attempts to govern data-sharing contracts between the company and manufacturer, by ensuring that both manufacturers and designers design products and provide services in a way that makes the data easily accessible by default.

Article 4 further governs the business-to-consumer contract, allowing consumers to be granted access to their generated data without delay, free of charge, and where applicable, continuously, and in-real time. This obligation extends to allow the user to request for their generated data to be made available to a third party. These pro-competitive provisions ensure that consumers have access to data portability and unrestricted choice.

This will help alternative providers and also aftermarket services providers, who can gain access to the trove of mostly unused information, to offer more personalised services and compete on an equal footing with comparable services that are offered directly by manufacturers.

The Data Acts complements: (i) the recently adopted Data Governance Act, which aims to facilitate the voluntary sharing of data by individuals and businesses and harmonises conditions for the use of certain public sector data; and (ii) the Digital Markets Act, which will requires a small number of very large providers of core platform services (“gatekeepers”) to provide, more effective portability of data generated through business and end users’ activities.

Start-ups, small and medium-sized enterprises and companies from traditional sectors with less-developed digital capabilities struggle to obtain access to relevant data. The Data Act aims to facilitate access to data for small and medium-sized enterprises and companies from traditional sectors with less-developed digital capabilities that currently struggle to obtain access to relevant data.

On the other hand, the gatekeepers leverage considerable power in the market, and accumulate and aggregate immense volumes of data, with the technological infrastructure to monetise such data. Therefore, gatekeepers providing core platform services are not able to rely on the Data Act to request or obtain access to users’ data that is generated by the use of a product or related service or by a virtual assistant.

Trade Secrets

The Data Act Article 4(3) sets out that information that is “trade secrets” shall only be disclosed provided that all specific necessary measures are taken to preserve its confidentiality. The data holder and the user can agree such measures, particularly when information is to be shared with third parties.

The Data Act further sets limitations as to the extent of which public sector bodies can access and use data held by the private sector. The threshold proposed under Article 14 limits public sector access to when there is an “exceptional data need”, such as public emergencies.

Cloud switching and international data transfers

The Data Act positively facilitates switching between providers of cloud, edge and other data processing services, ensuring that there is a “minimum level of functionality” for customers who switch to another service provider.

However, Article 27 of the Data Act controversially limits the scope by which non-EU governments and companies can access data. This provision has been criticised in the digital market as an open invitation to exclude non-EU cloud companies, which may trigger a decline in the availability of cloud technologies in Europe.

Nonetheless, the EU Parliament are confidently optimistic about the Data Act, describing the legislation as “an absolute game changer, providing access to an almost infinite amount of high-quality industrial data”, driven by competitiveness and innovation.

The text has now been officially adopted, with MEPs ready to enter negotiations with the EU Council on the final shape of the law. The Act shall also boast an extra-territorial nature, meaning that entities outside of the EU must be aware, as they too may be bound by its obligations when operating with customers and businesses in the EU.

Find the Data Act here.

Please contact Jose Saras and Xavier Prida if you have any questions regarding the above.

The material in this article is only for general review of the topics covered and does not constitute legal advice. No legal or business decision should be based on its content.

This article is written in English language. Preiskel & Co LLP is not responsible for any translation of all or part of its content into any language.

Latest Preiskel & Co blog posts
  • Apple’s Vision Pro Mixed Reality Headset Unveiled
    June 8, 2023
  • Tired of Cookie Banners? The EU “Cookie Pledge” against Cookie fatigue
    June 7, 2023
  • AI – Cybersecurity and Standardisation – The EU Agency for Cybersecurity (ENISA) Report
    May 30, 2023
  • Important EU Court decision for publishers and AdTech suppliers 
    May 18, 2023
  • Data Subject Access Requests right to a “copy” of personal data, CJEU Ruling
    May 17, 2023
  • GDPR-compensation for non-material damage not automatic, CJEU confirms
    May 17, 2023
  • Overview of the UAS Ofcom Drone Licence
    May 16, 2023
  • French watchdog directs Meta to change its “discriminatory” ad verification criteria
    May 11, 2023
  • Competition authorities around the world versus dominance in digital markets
    May 3, 2023
  • EDPB clarifies personal data breach notification requirements for non-EU controllers
    April 25, 2023
  • CMA probe spurs Google to change billing practices
    April 19, 2023
  • OpenAI’s ChatGPT banned in Italy
    April 18, 2023

The Preiskel Blog

  • Tired of Cookie Banners? The EU “Cookie Pledge” against Cookie fatigue 7 Jun 2023
  • AI – Cybersecurity and Standardisation – The EU Agency for Cybersecurity (ENISA) Report 30 May 2023
  • Important EU Court decision for publishers and AdTech suppliers  18 May 2023
  • Data Subject Access Requests right to a “copy” of personal data, CJEU Ruling 17 May 2023

Preiskel news

  • Preiskel & Co participating as co-sponsor of Corum Group’s upcoming London Merge Briefing event
  • Senior Partner, Danny Preiskel, quoted by IT Pro on the costs incurred by MNOs
  • Senior Partner, Danny Preiskel, a panelist at GCCM Carrier Community 2023 on IOT
  • Jose Saras and Xavier Prida Awarded First Place as Data Protection Thought Leaders in the UK
Preiskel tweets
  • Apple’s Vision Pro Mixed Reality Headset Unveiled. Find out more here: https://t.co/ifWRgSMY1r2 days ago
  • Tired of Cookie Banners? The EU “Cookie Pledge” against Cookie fatigue. Find out more here: https://t.co/1SrcVUKUDB3 days ago
  • AI – Cybersecurity and Standardisation – The EU Agency for Cybersecurity (ENISA) Report findings. Please find out m… https://t.co/7jJApBSkm211 days ago
Preiskel & Co LLP
4 King's Bench Walk,
Temple,
London
EC4Y 7DL
United Kingdom

Tel: +44 20 7332 5640
Email: info@preiskel.com

Find us on:

TwitterLinkedinMail
© Preiskel & Co LLP 2023 | Site map | Legal notices | Cookie Policy | Privacy