EU Data Protection Officers Have Serious Concerns About Planned Data Act

The EU Commission wants to leverage the dormant potential in data, but data protection commissioners are calling for higher barriers in areas such as advertising and scoring.

The EU Commission has overshot the mark with its draft data law. The European Data Protection Supervisor (EDSA) and the EU Data Protection Supervisor Wojciech Wiewiórowski criticize this in a joint opinion. They urge EU lawmakers to ensure that citizens’ vested rights are respected. This is critical, he said, because the proposed Data Act would also apply to highly sensitive personal data.

The core concerns of the Commission’s initiative are to advance the exchange of data between companies and with the public sector, to introduce new data access rights for networked products, and to make the international transfer of data more secure. Each user should have access to all the information he or she has contributed to generating. Providers of connected products and connected services such as virtual voice assistants would have to make corresponding data available to the user in easily accessible form in real time free of charge as standard.

The EDSA and Wiewiórowski advise the EU Parliament and the Council of Ministers to clearly limit the possibilities to use relevant data. This must apply, in particular, when the information would potentially “allow accurate conclusions to be drawn about the private life of the data subjects or otherwise entail high risks for the rights and freedoms of the data subjects.”

The legislators see both institutions in particular demand when products and services involve data processing for direct marketing or advertising purposes, employee monitoring, and creditworthiness checks via scoring. Information that is generated, for example, for eligibility for health insurance and for calculating or changing other insurance premiums is also sensitive.

-> Read more on <-