Ceci est une version HTML d'une pièce jointe de la demande d'accès à l'information 'Meeting between Bouygues Europe and Penelope Papandropoulos, Werner Stengg, Kim Jorgensen'.



HoC - 
 Bouygues Telecom 
BERL, 10 June 2022 
How should we understand the interplay between GDPR and Data Act? Is it 
reasonable to assume that the GDPR applies ‘after’ the Data Act?  
x  The GDPR continues to apply when the processing of personal data is concerned.  
x  However, the Data Act will help to overcome previous legal uncertainty, e.g. with 
regard to the effective application of Art. 20 GDPR, by clarifying the scope of data 
portability in the context of data from IoT objects. 
Is there a risk that consumers are encouraged to give away data too easily? 
x  This aspect was taken into account throughout the whole preparation work. The 
proposal strengthens consumers' control over their data. 
x  Moreover, additional safeguards protect the consumer, such as the prohibition of 
practices to manipulate the user’s decision-making process through dark patterns. 
Background  
The Data Act  

The Data Act focuses on the following topics: 
x  Better access to IoT data: manufacturer of IoT objects must allow access to co-
generated data whilst maintaining the incentive to innovate. Users of IoT objects can 
access and port data and third parties can use the data to offer services (SMEs get 
special conditions). 
x  Horizontal rules for IoT data also frame data access and use in specific sectors.  
x  Contractual unfairness in B2B data sharing agreements: SMEs will have stronger 
negotiating power where certain conditions are unilaterally imposed on them. 
x  Business-to-government: companies must make data available to public sector bodies 
in case of emergency or exceptional need. 
x  Easier switching between cloud services. 
x Facilitate interoperability: the Commission may adopt technical specifications if 
necessary to reduce transaction costs related to the use of data even across sectors. 
x  Protection of European cloud data in the international context. 
The Data Governance Act 
The Data Governance Act was adopted by the European Parliament on 6 April 2022 and 
will be formally adopted by the Council in May 2022. It will become applicable in the 
Member States 15 months after its publication. It facilitates voluntary data sharing and 
offers a framework for neutral actors between data holders and recipients as data 
intermediaries. Based on the mandate given in the Data Governance Act, the Commission 
will set up the European Data Innovation Board by the end of this year, i.a. to recommend 
priorities in interoperability. 
A Danish Labeling Program for Digital Accountability (D-seal) was launched in September 
2021. It is founded by the Confederation of Danish Industry, the Danish Chamber of 
Commerce, SMVdenmark and the Danish Consumer Council. Its aim is to promote data 
security, data protection and data ethics. The label contributes to the same goal as the 
Data Governance Act by increasing trust in the sharing of data. 
Topics for discussion 
2/2