FEDMA_LogoFinal-01FEDMA_LogoFinal-01FEDMA_LogoFinal-01FEDMA_LogoFinal-01
  • Home
  • About us
    • Our Principles
    • National Association Members
    • Corporate Members
    • Governance & team
  • Latest News
  • Policy Area
    • Position Papers
    • Consumer Protection
    • Data Transfers
    • Digital Economy
    • Privacy & Data Protection
  • FASt
  • Projects
    • Ethical AI-Powered Marketing Charter
    • AI Policy
    • Education – PEEAC
    • Educational Hub
    • Sustainability Best Practices Guide
    • Legal Fact pack
    • Code of Practice for the Use of Personal Data
  • Contact
Subscribe
✕

Joint statement: Access to data by public bodies is a double-edge tool to use with caution and restraint

24 May 2023

In times of crisis, companies stand ready to do their part and help public bodies by sharing data to tackle public emergencies, as evidenced during the Covid-19 pandemic. However, to function, mandatory data sharing between private companies and governments needs clear and transparent conditions for all parties involved.

Chapter V of the Data Act proposal was developed on this basis, setting an obligation for companies to make any data available to public bodies, but does so by loosely referring to various cases of ‘exceptional need.’ The proposed framework includes collecting data to prevent, respond to, and recover from a public emergency but also fulfilling one of the public sector body’s tasks where the lack of data would prevent it from doing so [1]. The latter can be interpreted as any activity carried out by a public institution.

The proposed rules would mean that any public body, at the EU, national, regional, or local level, could request any type of data, including personal data, from any data holder [2] for any reason. We believe these rules do not respect the requirements set out in the EU’s Charter of Fundamental Rights. With such a broad scope, there is a risk that personal or sensitive data will be leaked or misused.

Public emergencies are by nature time sensitive. They require a clear and structured legal framework to prepare for secure transfers that fully respect data protection. However, contrary to other parts of the Data Act, Chapter V covers any type of data, without any differentiation, limitation, or exception [3]. The data’s intended use and its duration are also left to be defined by the public bodies themselves. The proposal also fails to recognise existing frameworks for data sharing and reporting obligations.

We strongly encourage Council and Parliament to implement the necessary safeguards and limits to protect the rule of law in Europe. We welcome the Parliament’s attempts to set certain limits, such as restricting Chapter V to non-personal data, limiting public authorities’ power to freely ask for data when it is simply convenient and regardless of proportionality, and by setting rules for certain information to be specified in the requests. But this will not be enough.

We recommend – at least – the following:

  • Only public emergencies can give rise to data access. Article 15 (c) must be deleted.
  • Personal data cannot be in scope of Chapter V. No exceptions.
  • Categories of public bodies that can request data must be expressly designated.
  • Access requests conditions must be strengthened, with transparency regarding data use and protective measures.
  • We trust that EU policymakers will take the time to build a clear and proportionate framework that does not allow unrestricted access to any data on shaky grounds, but will on the contrary protect fundamental rights and the rule of law.

References:

1 Article 15 Data Act. 

2 Article 2(6) states that ‘data holder’ ‘means a legal or natural person.’ Both Council and Parliament have specified in their negotiation mandates that ‘Chapter V applies to any private sector data,’ but only Parliament clarified that solely legal persons are concerned.

3 Judgment of the Court in Joined Cases C-793/19, SpaceNet and C-794/19, Telekom Deutschland.

Download the Joint Statement

List of signatories

  • AAVIT – Czech Association for Applied Research in IT
  • ACEA – European Automobile Manufacturers Association
  • Adigital – Spanish Association for the Digital Economy
  • AIOTI – Alliance for IoT and Edge Computing Innovation
  • CECE – Committee for European Construction Equipment
  • CECIMO – European Association of the Machine Tool Industries
  • CEMA – European Agricultural Machinery Association
  • DIGITALEUROPE
  • EACB – European Association of Co-operative Bank
  • EBF – European Banking Federation
  • eco – Association of the Internet Industry
  • Ecommerce Europe
  • ESBG – European Savings and Retail Banking Group
  • ESIA – European Semiconductor Industry Association
  • ETNO – European Telecommunications Network Operators’ Association 
  • eu travel tech – The European Technology and Travel Services Association
  • Eurochambres – The Association of European Chambers of Commerce and Industry
  • EUROPGEN – The voice of the European generating set industry 
  • EUTA – European Tech Alliance 
  • FEDMA – Federation of European Data and Marketing
  • GSMA
  • HGK – Croatian Chamber of Economy
  • Insurance Europe 
  • ISFE – Interactive Software Federation of Europe
  • ITL – Estonian Association of Information Technology and Telecommunications
  • SEPE – Federation of Hellenic Information Technology & Communications Enterprises
  • techUK – the UK’s technology trade association
Share

RECENT NEWS

  • GDPR record-keeping simplification: what difference will it really make?21 May 2025
  • Marketing, AI, and Ethics: BAM’s Perspective with Karine Ysebrant12 May 2025
  • FEDMA calls for a balanced and future-proof approach to pseudonymization in response to the EDPB’s consultation25 March 2025
  • Embedding Sustainability in Marketing: From Strategy to Impact19 March 2025

© Fedma 2024

Made with ❤️ by MFM Digital

Contact us

rue de la Loi, 155
BE-1040 Brussels, Belgium

+32 2 779 4268

info@fedma.org

Follow us

Support

Privacy Policy

Terms and Conditions

Intranet

Subscribe
Subscribe Become a member Intranet

Follow us

Support

Terms and conditionsPrivacy PolicyIntranet –

Become a member now

To discuss FEDMA Membership, please contact rdewouters@fedma.org or book an introductory call via Microsoft Bookings.

SEND EMAIL INTRODUCTORY CALL

Never see this message again.

DO NOT MISS OUR NEWS

Subscribe to our Newsletter