Brussels: Europe and the Arabs
  The Council of Member States of the European Union has adopted a new regulation on harmonized rules on fair access to and use of data (Data Law).
A European statement issued in Brussels quoted Jose Luis Escrivá, the Spanish Minister of Digital Transformation, whose country holds the current rotating presidency of the Union, as saying, “The adoption of this decision” yesterday, Monday, “will be an incentive for Europe to adapt to the digital age.” The new law will unleash enormous economic potential and will contribute significantly to the market. European Data Interior: Data circulation and the universal use of data will be strengthened, and new market opportunities will be opened for the benefit of our citizens and companies across Europe.
According to the European statement, the data law imposes obligations on manufacturers and service providers to allow their users, whether companies or individuals, to access and reuse data resulting from the use of their products or services, from coffee machines to wind turbines. It also allows users to share that data with third parties – for example, car owners could choose in the future to share certain vehicle data with their mechanic or insurance company.
The main objectives of the law
The regulation sets new rules on who can access and use data issued in the EU across all economic sectors. It aims to:
- Ensuring fairness in the allocation of value from data between actors in the digital environment
- Stimulating the competitive data market
- Open opportunities for data-driven innovation, and
- Make data accessible to everyone
The new law also aims to facilitate the switching between data processing service providers, establish safeguards against illegal data transfer, and stipulate the development of interoperability standards for data to be reused between sectors.
The Data Law will give individuals and businesses more control over their data through the right to enhanced portability, and to easily copy or move data across different services, where data is generated by smart objects, machines and devices. The new law will empower consumers and businesses by giving them a say over what can be done with the data generated by their connected products.
Key elements of the new regulation
Scope of legislation
The new regulation will allow users of connected devices, ranging from smart home devices to smart industrial machines, to access data generated by their use and often collected exclusively by manufacturers and service providers.
Regarding Internet of Things (IoT) data, the new law focuses, in particular, on the functions of the data collected by connected products rather than the products themselves. It introduces a distinction between “product data” and “service related data,” within which available data can be easily shared.
Trade secrets and dispute resolution
The new law ensures an adequate level of protection of trade secrets and intellectual property rights, accompanied by relevant safeguards against potentially abusive behaviour. While promoting data exchange, the new regulation aims to support EU industry while providing safeguards for exceptional circumstances and dispute settlement mechanisms.
Data exchange and compensation
The new law includes measures to prevent the abuse of contractual imbalances in data sharing contracts due to unfair contractual terms imposed by a party with a much stronger negotiating position. These measures would protect EU companies from unfair agreements and give SMEs more room to manoeuvre. Furthermore, the text of the regulation provides additional guidance by the Commission regarding reasonable compensation to companies for making data available.
The Regulation provides the means for public sector bodies, the Commission, the European Central Bank and EU bodies to access and use data held by the private sector that is necessary in exceptional circumstances, in particular in the event of a public emergency, such as floods and forest fires. Or to carry out a task that serves the public interest.
When it comes to such requests for access to data in the context of “business with the government,” the new regulation states that personal data will only be shared in exceptional circumstances, such as a natural disaster, pandemic, or terrorist attack, and if the requested data cannot Access it another way. Small and micro businesses will also contribute their data in such cases and will be compensated.
Benefits for consumers
The new law will allow consumers to easily move from one cloud provider to another. Safeguards against illegal data transfers have also been introduced, as have interoperability standards for data sharing and processing. Finally, the new law is expected to make after-sales service for some devices cheaper and more efficient.

The new regulation maintains the flexibility of member states in organizing implementation and enforcement tasks at the national level. The coordinating authority in the Member States where this coordinating role will be required will act as a single point of contact and will be classified as a “Data Coordinator”.
Following its formal adoption by the Council yesterday, the new regulation will be published in the Official Journal of the European Union in the coming weeks and will enter into force on the twentieth day after this publication. It applies 20 months after the date of its entry into force. However, Article 3, paragraph 1 (Simplified data access requirements for new products) applies to connected products and associated services placed on the market after 32 months from the date on which the Regulation enters into force.
Following the Data Governance Act adopted by co-legislators in 2022, the Data Regulation Act is the second major legislative initiative resulting from the European Data Strategy released by the Commission in February 2020, which aims to make the EU a leader in our data-driven society.