Brussels has already set global standards for personal data protection and privacy with the GDPR regulation
Brussels (AFP) - The EU has reached an agreement giving users greater access to their data and control over how the digital information is used by companies.
Brussels has already set global standards for personal data protection and privacy as well as building up its legal armoury to tackle the might of technology companies.
Negotiators from the European Council, which represents the 27 member states, and the European Parliament struck a deal late on Tuesday on the data act, first proposed by the bloc’s executive arm in February 2022.
With the climbing use of internet-connected products, there has been an explosion in how much data is available and the EU says it wants to make sure European citizens wrestle control from companies.
Under the law, data sharing should be made easier between customers and companies, as well as with other firms. Previously, people’s data has remained in the hands of businesses with little chance of users gaining access.
The new rules also include safeguards against unlawful data transfer by cloud service providers and make it easier to switch providers of data processing services, the council said in a statement.
“Once the data act enters into force, it will unlock the economic and societal potential of data and technologies and contribute to an internal market for data,” said Sweden’s minister for public administration Erik Slottner.
The EU’s internal market commissioner, Thierry Breton, hailed the “milestone” agreement “reshaping the digital space”.
He added on Twitter that the bloc was on the path to “a thriving data economy that is innovative & open — on our conditions”.
The new data law was not welcomed by all, especially by the technology industry, while one consumer organisation described it as a “missed opportunity”.
The Computer & Communications Industry Association (CCIA), a big tech lobby, warned the law “risks hampering data-driven innovation” and would “limit consumer choice”.
Alexandre Roure, public policy director for CCIA Europe, said the EU’s aim to encourage “data value creation can only be commended”.
But he said the law was not “enough to enable responsible data sharing by companies, nor does it leave users free to decide how they want to use their exported data”.
European Consumer Organisation deputy director general Ursula Pachl said the EU gave “too much flexibility to companies who can now prevent consumers from sharing data with other service providers on the basis it constitutes a trade secret, for example”.
The data law will come into force from 2025 onwards.
The EU is also currently preparing the world’s first comprehensive law to regulate artificial intelligence, and aims to approve the legislation by the end of the year.