Luxembourgh Times
Data protection

EU unveils rules to force firms to hand over product data

Proposal outlined on Wednesday aims to introduce regulations on how companies access non-personal data

EU Commissioner for Competition Margrethe Vestager said the plan was to hand people greater control over their data

EU Commissioner for Competition Margrethe Vestager said the plan was to hand people greater control over their data © Photo credit: Aris Oikonomou/AFP

Source: Bloomberg

The European Union has unveiled new rules that will make it easier for users to transfer data generated from products like Amazon’s Alexa or a Tesla vehicle.

The European Commission’s Data Act will set rules on how companies can access so-called non-personal data, or data that does not contain any information that identifies an individual. The proposal will impact a wide variety of sources, including information collected in machinery and connected devices, such as smart home appliances.

For example, under the new rules, the driver of a car could request that any data generated on the performance of the vehicle be sent to a repair shop of their choice. This could help customers get cheaper services rather than being obligated to go directly to the car company, according to the Commission.

Cloud service companies such as Amazon and Microsoft will also be forced to make it easier to switch between providers.

“We want to give consumers and companies even more control over what can be done with their data,” Margrethe Vestager, the Commission’s competition chief, said in a statement on Wednesday.

The proposal will now go to EU countries and the European Parliament for approval but could take years to come into effect.

Companies are already concerned that the new rules would hurt non-EU businesses and make data flows with the EU more difficult. Very large tech companies like Google are unlikely to benefit from the easing of data transfers, according to the proposal.

“The Data Act will serve the EU’s digital ambitions if it protects confidential business information, treats all companies equally, and avoids creating new data flow restrictions,” said Alexandre Roure, public policy director at the Computer and Communications Industry Association.

European regulators have been steadily laying down stricter rules over how companies handle user data. The Irish data protection authority is currently considering the legality of a contract that allows firms to ship vast amounts of commercial data across the Atlantic.

The Data Act will also ask firms to introduce safeguards to stop non-EU governments from accessing data, and force firms to allow users to transfer data between cloud providers at no additional cost.

“Regulation should not institute conflicts of laws nor create obstacles to data transfers,” Emilie Petras-Sohie, IBM Europe’s senior legal and policy manager, said in a statement. “And cloud switching requirements should strike the right balance between avoiding vendor lock-in and allowing cloud providers to offer innovative services.”

©2022 Bloomberg L.P.