Today, the Federation of European Data and Marketing (FEDMA) published its position paper on the EU proposal for a Data Act. Complementing the architecture of the Data Governance Act, the Data Act should establish a harmonized framework for data sharing in the EU.
FEDMA shares the objectives of the European Commission to increase access to and further the (re-)use of data through the proposed ‘Data Act’. Access to customer data is extremely important in the Data and Marketing sector. Data allows marketers, especially SMEs, to reach in a cost-effective way the right audience with relevant and personalised offers of their products and services, which often represent alternatives to well-established brands and large commonly known online platforms. Marketers do not only use consumer data to increase the efficiency of their marketing spend, but also as a source of innovation to deliver new value and enhanced products and services for customers.
Complementing the architecture of the Data Governance Act, the Data Act should establish a harmonised framework for data sharing in the EU. As the voice of data-driven marketing, FEDMA welcomes the objective of the Data Act, but further work is necessary. Specifically, we recommend:
- Clarifying the scope of the Data Act proposal in relation to the definition of “data” and “related services”.
- Clarifying the interplay between the definition of “connected product” and the concept of “terminal equipment” in the ePrivacy Directive (forthcoming ePrivacy Regulation).
- Aligning the sharing and reuse of the user’s personal data within the framework set by the GDPR, thus refraining from creating further restrictions overriding the existing body of EU data protection law.
- Including the use of pseudonymization and anonymization as appropriate privacy-preserving measures.
- Simplifying the provision of pre-contractual information to the user.
- Narrowing the definitions of “public emergency” and “exceptional need” to ensure legal certainty in Business-to-Government (B2G) data sharing.
- Removing requirements on international transfers of non-personal data which are not proportionate to their lower level of risks compared to personal data.
- Ensuring fair contractual terms without jeopardizing the principle of contractual freedom.
- Refraining from setting prescriptive requirements and standards on smart contracts due to the early
development of this technology.