EU rules take aim at illegal data transfer to non-EU governments

Companies will be obliged to provide certain data to governments during public emergencies such as floods or wildfires.

February 23, 2022 07:07 pm | Updated 07:07 pm IST

European Union flags flutter outside the European Commission headquarters in Brussels, Belgium

European Union flags flutter outside the European Commission headquarters in Brussels, Belgium | Photo Credit: Reuters

Amazon, Microsoft and other providers of cloud and data processing services will have to set up safeguards to prevent non-EU governments gaining illegal access to EU data, according to draft legislation from the European Commission.

(Sign up to our Technology newsletter, Today’s Cache, for insights on emerging themes at the intersection of technology, business and policy. Click here to subscribe for free.)

The Data Act, published on Wednesday, lays out rights and obligations on the use of EU consumer and corporate data generated in smart gadgets and machinery as well as consumer goods.

This confirms a Reuters report earlier in February that the Commission aimed to tighten curbs on data transfers.

The draft law is part of a series of rules aimed at curbing the power of U.S. tech giants and to help the EU achieve its digital and green objectives.

"We want to ensure greater fairness in the allocation of value created by data," the Commission's digital chief Margrethe Vestager told a news conference.

"We are buying more and more products that generate data from smartwatches to connected cars and currently it's mainly the manufacturer of these products who holds and uses the data," she said.

The EU executive said the new rules will free up a huge volume of data for use and which is expected to add 270 billion euros of additional gross domestic product by 2028.

The Data Act also imposes contractual requirements and interoperability standards on cloud and edge services to make it easier for companies to switch to a rival and for data to be used between sectors.

Users of connected devices will be able to access data generated by them, which typically is only accessible to the device makers, and share it with other companies providing aftermarket or other data-driven innovative services.

Companies will be obliged to provide certain data to governments during public emergencies such as floods or wildfires.

EU concerns about data transfers have grown since former U.S. intelligence contractor Edward Snowden in 2013 revealed mass U.S. surveillance.

This led Europe's top court to outlaw a transatlantic data transfer pact known as the Privacy Shield which thousands of companies depended on for services ranging from cloud infrastructure to payroll and finance.

The United States and the EU have since then been struggling to find a new data agreement.

The Data Act will need to be thrashed out with EU governments and lawmakers before it can become law.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.