A joint answer to the European Commission consultation on Data Act
Data is a valuable intangible asset for public or private organisations that use digital services and produce data in the course of their business activities. In order to facilitate access and use of company data, and to review the rules on the legal protection of databases, the European Commission is preparing a proposal for a regulation, known as the ‘Data Act’.
11 / 10 / 21
As our Beltug Priorities Compass shows (available in FR and NL), data is a top priority for our members. Together with our sister CIO associations Cigref (France), CIO Platform (Netherlands) and Voice (Germany), we have worked on a joint answer to the EC’s Consultation request.
An initiative welcomed by the 4 associations
The associations welcome this text, which offers an opportunity to ease intercompany data sharing. It also acts as an essential and coherent complement to other existing or planned regulations, notably: the GDPR, Platform to Business, Digital Markets Act and the Artificial Intelligence Act.
With that in mind, we encourage the Commission to:
- Consider the position of business users when drafting the Data Act and restore a fair balance in the data economy
- Ensure that business users keep full control over their data
- Improve data portability and possibilities to switch cloud providers
- Ensure fair contract terms between providers and business users regarding data
- Protect European business data from extraterritorial access
General considerations on the Data Act
Our four associations see the Data Act as an opportunity to create a framework of trust that allows European companies to enhance and safeguard the value of their data. The twofold challenge of this text is firstly to secure horizontal access and circulation of sensitive company data, and secondly to guarantee the protection of these information assets, particularly in the face of extraterritorial legislation such as, but not limited to, the US CLOUD Act. With data exchanges and processing now largely based on cloud computing services provided by non-European suppliers, the regulation of the practices of these intermediaries is essential.
The specific needs of business users of digital technology
Our members need a strong and fair regulatory framework for data use and sharing; ensuring transparent and communal responsibility between different parties – such as business users of digital technologies and providers of digital solutions and services. Our associations are committed to working to:
- Stop the abuse of vendor lock-in and unfair practices by suppliers of digital solutions and services, and ensure fair market practice in the digital technology markets. Restrictions on access or data transfer are one of the main sources of lock-in.
- Ensure that digital products and services – including software – which enter the European market, are demonstrably safe and comply with European regulations. This compliance covers in particular the field of data, with the GDPR and the future Data Act.
- Make certain that control over data remains with the business users, without this leading to additional costs or being impeded by other practices.
Our four associations are at the disposal of the European Commission to cooperate and exchange experiences and knowledge in order to make sure that the future data regulation delivers on its promises.