20 Jun 2023

Safeguarding Europe’s economic competitiveness in the Data Act’s final stretch

Executive summary

Barely a year after the Commission issued a proposal for a Data Act,[1] both European Parliament and Council adopted their positions on the legislative proposal and started interinstitutional negotiations at a quick pace.[2]

We welcome some of the solutions put forward in the negotiation mandates, for instance in clarifying key concepts and better protecting intellectual property rights. However, many issues still permeate the text, and merit more than quick fixes.

DIGITALEUROPE has warned against a speedy process, including in joint statements gathering 30 European associations from various sectors and major European business leaders.[3] The Data Act sets horizontal rules that will deeply affect data-sharing partnerships, bring unprecedented interference to contractual freedom, and risk exposing companies to unfair competition, cybersecurity and safety risks.

This paper and its annex compare the Parliament and Council mandates for trilogue negotiations, and make recommendations to improve the text.[4] We urge policymakers to take sufficient time to make sure the Data Act does not imperil Europe’s economic attractiveness and competitiveness.

At a minimum, the final Data Act must:

  • Better circumscribe central definitions, such as ‘data’ and ‘products,’ so that the proposal’s exact nature and impact can be properly understood;
  • Introduce stronger ex-ante safeguards against data misuse, to protect trade secrets but also cybersecurity, health, safety and privacy;
  • Allow for appropriate compensation to reflect the investments and costs of making data accessible easily and securely, and of building the infrastructure and internal processes to respond to access requests;
  • Restrict mandatory business-to-government (B2G) sharing to non-personal data and to emergency situations, whilst better specifying the categories of public bodies that can request data along with the necessary conditions and protective measures;
  • Give users the freedom to choose from a wide range of cost-efficient and tailored cloud solutions, and safeguard their contractual freedom as to how and when to switch, including fixed-term contracts;
  • Remove uncertainty as to Art. 27’s applicability to international data transfers by deleting the word ‘transfer’ throughout the text; and
  • Allow for a longer transition period, of at least 36 months, to give companies from all sectors time to prepare.



[1] COM/2022/68 final.

[2] Throughout this paper, we refer to the latest Council four-column document available to us at the time of writing, doc. 10530/23.

[3] Available at https://www.digitaleurope.org/news/joint-statement-the-data-act-is-a-leap-into-the-unknown/ and https://www.digitaleurope.org/news/ceos-call-for-urgent-rethink-on-data-act/, respectively.

[4] For our full position on the proposal, see DIGITALEUROPE, Rebalancing the Data Act, available at https://www.digitaleurope.org/resources/rebalancing-the-data-act/.

For further information, please contact
Alberto Di Felice
Policy and Legal Counsel
Julien Chasserieau
Associate Director for AI & Data Policy
Béatrice Ericson
Manager for Data Economy & Privacy
Back to Data privacy
View the complete Policy Paper
Our resources on Data privacy
09 Feb 2024 resource
The GDPR six years in: from harmonisation to alignment
15 Jan 2024 resource
DIGITALEUROPE’s response to the public consultation on a reporting scheme for data centres in the EU
16 Nov 2023 Position Paper
One Data Act to rule them all? Avoiding competing data sharing rules: DIGITALEUROPE’s views on the European statistics regulation revision
Hit enter to search or ESC to close
This website uses cookies
We use cookies and similar techonologies to adjust your preferences, analyze traffic and measure the effectiveness of campaigns. You consent to the use of our cookies by continuing to browse this website.