they are also a common good, which can solve many problems”

Lhe General Data Protection Regulation (GDPR) has given wings to the European Commission. After the GDPR, there will be the Data Act; the Open Data directive has existed since 2019, the Data Governance Act, applied since June (with a compliance period of 15 months), and others are preparing. There is a risk of overlapping regulations that contradict each other, as well as the authorities that will supervise them. There is a fear of a lack of consistency. The United States is following suit: the powerful competition authority, the Federal Trade Commission, wants to regulate the commercial surveillance that affects the American consumer, while Congress is working on an American GDPR, the American Data Privacy and Protection Act .

But the new European regulations to which the GDPR applies have another purpose: to mitigate, in a way, the effects of the GDPR. Because data is not only personal: it is also a common good that can solve many problems.

Read the column: Article reserved for our subscribers “The Data Act intends to make control and ownership of industrial data free of charge and in real time”

The Data Act concerns the data produced by our devices or by the services that use them. They belong to those who create them, the users, and not just to the manufacturers! The latter will have to make the data available via the device, and, when this is not possible, send them to whom it may concern on request. In return, this data cannot be used to develop a competing product.

The GDPR provided for a right to portability of personal data. But, in practice, the lack of interoperable formats only made it possible to recover them for oneself. This right is extended by the Data Act to non-personal data and data of legal persons, and provides that a user may entrust his data to a third party. But Big Tech is kept out of this regulation. It is so easy for them to collect data that the Commission did not want to give them this additional possibility.

Public bodies can benefit from this data, provided they justify it (public emergency, public service), but not for police or administrative investigations. It is possible to oppose it, if the data is not available or if the request does not comply with the Data Act.

Trusted third party

The Data Act therefore makes it possible to change data processing providers, for example to the cloud. But the rights of users and the obligations of cloud managers in terms of data must be specified in the contract. The Commission will be able to impose interoperability standards. As with the GDPR, manufacturers must prevent any illegal request from authorities outside the European Union to access the data, except in the cases provided for by mutual legal assistance treaties.

You have 60.18% of this article left to read. The following is for subscribers only.

Source link