INFORMATION TECHNOLOGY
European Commission published an overview of the European Union’s Data Act, with information about its objectives and how it will work in practice.
The EU Regulation 2854/2023 (Data Act) officially entered into force on January 11th, 2024. It introduces harmonized rules on fair access to and use of data, in particular related to connected devices. It shall become operable on September 12nd, 2025.
The EU Commission provided this set of practical guidelines on how the Data Act gives users of connected products greater control over the data they generate while maintaining incentives for those who invest in data technologies. It also lays down general conditions for situations where a business has a legal obligation to share data with another business.
Specifically, the overview provides information on the following issues: (1) business-to-business and business-to-consumer data-sharing in the context of the Internet of things; (2) business-to-business data-sharing; (3) unfair contractual terms; (4) business-to-government data-sharing; (5) switching between data processing services; (6) unlawful third-country government access to data; (7) interoperability; and (8) enforcement.
As further development, the EU Commission anticipated a set of model contractual terms to help businesses conclude data-sharing contracts that are fair, reasonable, and non-discriminatory. These terms will also provide guidance on reasonable compensation and the protection of trade secrets.
Regarding the cloud, the EU Commission also will recommend a set of non-binding standard contractual clauses for cloud computing contracts between cloud service users and providers. An expert group has been set up to help the EC draft such terms and clauses, and it plans to recommend them by autumn 2025.
Within three years of its entry into application, the EC will carry out an evaluation of the impact of the Data Act, and, if necessary, may propose amendments.
The EU Commission provided this set of practical guidelines on how the Data Act gives users of connected products greater control over the data they generate while maintaining incentives for those who invest in data technologies. It also lays down general conditions for situations where a business has a legal obligation to share data with another business.
Specifically, the overview provides information on the following issues: (1) business-to-business and business-to-consumer data-sharing in the context of the Internet of things; (2) business-to-business data-sharing; (3) unfair contractual terms; (4) business-to-government data-sharing; (5) switching between data processing services; (6) unlawful third-country government access to data; (7) interoperability; and (8) enforcement.
As further development, the EU Commission anticipated a set of model contractual terms to help businesses conclude data-sharing contracts that are fair, reasonable, and non-discriminatory. These terms will also provide guidance on reasonable compensation and the protection of trade secrets.
Regarding the cloud, the EU Commission also will recommend a set of non-binding standard contractual clauses for cloud computing contracts between cloud service users and providers. An expert group has been set up to help the EC draft such terms and clauses, and it plans to recommend them by autumn 2025.
Within three years of its entry into application, the EC will carry out an evaluation of the impact of the Data Act, and, if necessary, may propose amendments.
