South China Morning Post
Advertisement
Advertisement
Cybersecurity
Get more with myNEWS
A personalised news feed of stories that matter to you
Learn more
European Union industry chief Thierry Breton speaks during a press conference in Brussels, Belgium, on June 15, 2023. Photo: Christophe Licoppe/European Commission/dpa
TechPolicy

EU countries, lawmakers reach data rule deal targeting Big Tech

  • The European Commission proposed the Data Act last year to cover data generated in smart gadgets, machinery and consumer products
  • The new legislation also gives consumers and companies a say on what can be done with the data generated by their connected products
Cybersecurity
Reuters
Reuters
Why you can trust SCMP

European Union countries and EU lawmakers on Tuesday agreed on rules that govern how Big Tech and other companies use consumer and corporate data in the continent, with safeguards against non-EU governments gaining illegal access.

The European Commission proposed the Data Act last year to cover data generated in smart gadgets, machinery and consumer products, part of a raft of legislation aimed at curbing the power of US tech giants.

EU concerns about data transfers have grown, following revelations by former US intelligence contractor Edward Snowden in 2013 of mass US surveillance.

The agreement was reached after seven hours of talks.

China’s Li Qiang warns of ‘de-risking’ risks during Germany, France visits

“Tonight’s agreement on the Data Act is a milestone in reshaping the digital space … we are on the way of a thriving EU data economy that is innovative and open – on our conditions,” EU industry chief Thierry Breton said in a tweet.

The new legislation gives both individuals and businesses more control over their data generated through smart objects, machines and devices, allowing them to copy or transfer data easily from across different services.

It also gives consumers and companies a say on what can be done with the data generated by their connected products.

The Act makes it easier to switch to other providers of data processing services, introduces safeguards against unlawful data transfer by cloud service providers and provides for the development of interoperability standards for data to be reused between sectors.

Manufacturers watered down an attempt to force them to share data with third parties to provide aftermarket or other data-driven services. German multinational firms Siemens and SAP had voiced fears about trade secret-related data leaks.

Such data sharing requests can be rejected under exceptional circumstances where operators could face “serious and irreparable economic losses” undermining their economic viability under the new law.

Extortion demands feared after hacking spree hits British Airways, BBC

Lawmaker Damian Boeselager said that created a loophole for some companies.

“I find this deeply concerning. But at least a national authority can review and annul such a unilateral decision by the operator in a timely manner,” he said.

Lobbying group The Information Technology Industry Council has criticised the wide scope of the Act.

“We have ongoing concerns regarding the Act’s broad and ambiguous approach to data sharing, including on the expansion of the products and services originally in scope and the safeguards for trade secrets protection, as well as the rules impacting international transfers of non-personal data,” the council's director general for Europe, Guido Lobrano, said.

Post