The EU Data Act: This time it’s (not just) personal – are IoT manufacturers ready?

The EU Data Act extends data portability, transparency and purpose-limitation obligations to non-personal data generated by IoT and related services. By Abigail Dubiniecki.

As businesses and consumers continue to grapple with the EU GDPR’s data portability right, the EU Data Act(1) now expands this right to non-personal data generated by both businesses and consumers through the use of Connected Products(2) (i.e. Internet of Things or IoT devices) and Related Services,(3) such as apps. It aims to make the EU data economy fairer and more competitive, by empowering more individuals and businesses to reap the benefits of the data co-generated through use of IoT devices, from smart fridges to smart tractors. Importantly, it now extends purpose-limitation to non-personal data, meaning data generated through use of IoT can only be used in ways agreed by the individual or business concerned.

Continue Reading

International Report subscribers, please login to access the full article


If you wish to subscribe, please see our subscription information.