The EU Data Act: What You Need to Know
In June 2023, the European Parliament and the Council of the EU agreed to adopt the European Data Act, proposed by the Commission in February 2022. This act, which complements the Data Governance Act of November 2020, clarifies who can create value from data and under which conditions. This stems from the European strategy for data, which was previously announced in February 2020, and was created to help the EU stand out as the frontrunner of a data-driven society.
If you do business in the EU, you might be wondering: how will this impact my business? We’ve got what you need to know and why lineage is an important piece of the puzzle.
What Does the EU Data Act Include?
According to the European Commission:
“The Data Act aims to boost the EU's data economy by unlocking industrial data, optimizing its accessibility and use, and fostering a competitive and reliable European cloud market. It seeks to ensure that the benefits of the digital revolution are shared by everyone.”
The Data Act includes a few key points that set it apart from previous acts, like the GDPR:
- Measures that enable users of connected devices to access the data generated by these devices and by services related to these devices. Users will be able to share such data with third parties, incentivizing manufacturers to invest in high-quality data generation.
- Measures to provide protection from unfair contractual terms that are unilaterally imposed. These aim to safeguard EU companies from unjust agreements, fostering fair negotiations.
- Mechanisms for public sector bodies to access and use data held by the private sector in cases of public emergencies such as floods and wildfires, or when implementing a legal mandate where the required data is not readily available through other means.
- New rules that grant customers the freedom to switch between various cloud data-processing service providers. These rules aim to promote competition and choice in the market while preventing vendor lock-in. Additionally, the Data Act includes safeguards against unlawful data transfers, ensuring a more reliable and secure data-processing environment.
- Measures to promote the development of interoperability standards for data-sharing and data processing, in line with the EU Standardisation Strategy.
How is the European Data Act Different from GDPR?
The European Data Act differs from Europe’s General Data Protection Regulation (GDPR) because GDPR aims to solely protect personal data. That means that GDPR will only protect data that can be traced back to a “natural person” (i.e., a human vs. an AI bot). However, the European Data Act also regulates non-personal data and interconnected devices as part of the Internet of Things (IoT). This includes nearly any form of digitized information, anonymous or not.
In other words, the Data Act will enhance the rights granted under GDPR for connected products so that consumers can access and port any data generated by the product, both personal and non-personal.
Think about it this way: when you sign up for a newsletter, there are very clear regulations governing who can keep your data and for how long. But, let’s say you buy a smart home doorbell camera. You don’t necessarily know who can access the data connected to the interconnected devices. The European Data Act provides protection for your data in that instance while also giving businesses an incentive to use general product data more strategically.
Why Data Lineage Matters for the European Data Act
When we look broadly at the EU Data Act, there is one thing that is made clear: there is a massive amount of data, both from interconnected devices and from databases, that must be regulated. Let’s say your business has 100 smart home cameras, and those cameras are connected to 100 remote modems, which are connected to another 100 databases that contain 1000 data sets in each database. If you thought untangling that drawer full of old cables and cords was difficult, that’s nothing compared to manually untangling – and regulating – all of this data.
Data lineage is the answer to helping you not only untangle the mess of data to stay in compliance with the European Data Act and GDPR, but also to gain insights from this data and how it flows so you can make better business decisions.
Manta’s automated data lineage is a critical part of your data governance and compliance strategy. Whether you do business in the EU or on a global scale, our data governance solution can help you streamline your strategy.
To learn more about how Manta can help, get in touch with our team today.