The EU challenges big tech with new data policies

The EU, specifically, has become really concerned over the ways data is being taken from users through their devices and used by corporations.

The EU challenges big tech with new data policies
Romanian President Klaus Iohannis, Danish Prime Minister Mette Frederiksen and President of the European Council Charles Michel attend the European Union leaders summit in Brussels, Belgium June 29, 2023. REUTERS/Johanna Geron

The backstory: As tech becomes more advanced, world governments are playing catch-up in attempts to limit the ways that user data is being shared. Surveillance and data leaks have become more and more rampant. Data transfer concerns have grown after former US intelligence contractor Edward Snowden revealed the reality of US mass surveillance. Another major case of this problem was the Facebook-Cambridge Analytica scandal, when millions of Facebook users had their data collected without their knowledge or consent by Facebook, which handed it over to Cambridge Analytica to use for mostly political advertising.

More recently: The EU, specifically, has become really concerned over the ways data is being taken from users through their devices and used by corporations. In 2018, it passed the General Data Protection Regulation (GDPR), which pushed for more transparency in how user data was being used. The EU has been working on a series of legislation pieces to build up its digital strategy. In 2022, it passed the Digital Markets Act (DMA) and Digital Services Act (DSA). Last year, the European Commission proposed making some legislation to deal with how user data is sometimes exploited through the internet.

The development: The European Parliament and Council of the EU have now reached a provisional agreement on a new Data Act, which is supposed to regulate how user data can be used and accessed in the EU. The idea is to give EU users more control over their digital data. This new legislation would even give users access to the data that their smart objects, machines and devices pick up, and it would give them control over how that data is shared with third parties.

With this agreement, there would also be new freedoms allowing data to move between different cloud providers. There would be a push for developing interoperability standards, making it possible for data to be usable on devices created and operated by different companies. And the agreement also includes rules to give public bodies access to certain data to deal with events in the public interest, like emergencies. And there are new curbs for blocking unlawful data transfers. Following this agreement, the Data Act now must be formally approved by both the Council and the European Parliament before becoming law.

Key comments:

“In the past when you bought an object this was quite simple. You owned the object and you own everything that came with it,” an EU Commission official explained last year ahead of unveiling the new rules. “Data has made it more difficult, because, actually, who’s in control of the data you generate with connected objects?”

"Tonight's agreement on the Data Act is a milestone in reshaping the digital space," EU industry chief Thierry Breton tweeted. "We are on the way of a thriving EU data economy that is innovative and open — on our conditions."

"The Data Act will place European industry at a disadvantage by forcing it to give up hard-earned data and restricting contractual freedom, potentially leading to a new wave of de-industrialization and poses risks to our cybersecurity," said DIGITALEUROPE’s director-general, Cecilia Bonefeld-Dahl, in a statement.