The Data Act: What is it about?
The Data Act, a proposed regulation of the European Union, establishes a comprehensive legal framework for the sharing of data - personal and non-personal - generated by the use of products and related services (e.g. vehicles, household appliances, consumer goods, medical and health products). In particular, the Data Act regulates the relationship between data owners (mostly product manufacturers), users of the products and data recipients (third parties). Other goals of the Data Act are to simplify the switching of data processing services and to improve the interoperability of data.
The central element of the Data Act is the obligation of the data owner to make generated data available to the user, a third party designated by the user or public bodies. This is flanked by the obligation to design and manufacture products in such a way that the data generated during their use are by default easily, securely and directly accessible to the user, and to inform users before the conclusion of a contract about the type and scope of the data likely to be generated by the product and how to access the data.
Of particular practical relevance is the interplay between the obligation to create data access for users and third parties and its limitation due to data protection and the protection of trade secrets and intellectual property rights.