ARTICLE
11 December 2023

Data Act Adopted

EA
Esin Attorney Partnership

Contributor

Esin Attorney Partnership logo
Esin Attorney Partnership, a member firm of Baker & McKenzie International, has long been a leading provider of legal services in the Turkish market. We have a total of nearly 140 staff, including over 90 lawyers, serving some of the largest Turkish and multinational corporations. Our clients benefit from on-the-ground assistance that reflects a deep understanding of the country's legal, regulatory and commercial practices, while also having access to the full-service, international and foreign law advice of the world's leading global law firm. We help our clients capture and optimize opportunities in Turkey's dynamic market, including the key growth areas of mergers and acquisitions, infrastructure development, private equity and real estate. In addition, we are one of the few firms that can offer services in areas such as compliance, tax, employment, and competition law — vital for companies doing business in Turkey.
Explore
On 23 February 2022, the European Commission ("Commission") publicized the draft Data Act as part of the European Data Strategy.
European Union Intellectual Property
Photo of Can Sozer
Photo of Aybuke Gundel Solak
Photo of Ecem Elver
Photo of Ecenur Etiler
Photo of Başak Dadaş
Authors
To print this article, all you need is to be registered or login on Mondaq.com.

Recent Developments

On 23 February 2022, the European Commission ("Commission") publicized the draft Data Act as part of the European Data Strategy. Following these developments, the European Council ("Council") adopted the Data Act on 27 November 2023. The Data Act aims to increase access to data and ensure a fair environment for its use, while regulating who can benefit from data and under what conditions.

You can access the press release on the Data Act here and the Data Act adopted by the Council here.

What's new?

The Data Act is expected to provide both individuals and businesses with more space to take control over their data. The Data Act primarily regulates much easier and faster access to data for consumers, businesses and public authorities.

Accordingly, the regulations envisaged by the Data Act are as follows:

  • Access to Internet of Things (IoT) data is prioritized in the Data Act and users of these devices, including smart home appliances and industrial smart machines, have access to the data generated by their usage, provided that it is relevant and appropriate.
  • The Data Act, which aims to encourage data sharing, also regulates the adequate protection of trade secrets and the relevant safeguards against possible misconduct. Accordingly, trade secrets may only be disclosed insofar as they relate to third parties, and provided that the necessary measures are taken to protect the confidentiality of trade secrets. In addition, the data subject will be able to prevent users from accessing the data in cases where it is able to demonstrate the likelihood of a serious and irreparable economic loss.
  • The Data Act also introduces a number of measures to address the imbalances in data sharing agreements caused by the terms imposed by the party with the stronger bargaining position, to provide a bargaining advantage, especially to small and medium-sized enterprises, and to create a more fair agreement environment.
  • On the other hand, the Commission, the European Central Bank and the institutions of the European Union are allowed access to data held by the private sector, only in urgent and exceptional circumstances, such as natural disasters or public order emergencies, and these public authorities are also provided with various tools for the use of such data. However, their access to private sector data is limited to cases where (i) the collection of personal data is necessary to respond to an emergency and (ii) it is not possible for public authorities to obtain data promptly and effectively through other means under similar circumstances.
  • Another noteworthy aspect of the Data Act adopted by the Council is the introduction of measures against illegal data transfers of cloud service providers and regulations aimed at developing interoperability standards for data to be reused across sectors.
  • The Data Act also sets out obligations for smart contracts and imposes obligations on smart contract providers, such as data archiving and providing audit options.
  • Moreover, the Data Act introduces safeguards against unauthorized data transfers, and increases the reliability of data processing by preventing consumers from being tied to a single provider.

Conclusion

The Data Act aims to regulate the transfer of data between individuals and the private sector, the use of data by certain public authorities under specific circumstances, and fundamental rights in relation to data. The new regulation is expected to be published in the Official Journal of the European Union in the coming weeks. The Data Act will enter into force within 20 days of its publication in the Official Journal of the European Union and will start to be implemented 20 months after its entry into force. While the European Union takes a step further, with the Data Act, towards its 2030 target as part of its digital transformation strategy, it aims to promote a competitive data market and make data accessible to everyone.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

We operate a free-to-view policy, asking only that you register in order to read all of our content. Please login or register to view the rest of this article.

Authors
Photo of Can Sozer
Can Sozer
Photo of Aybuke Gundel Solak
Aybuke Gundel Solak
Photo of Ecem Elver
Ecem Elver
Photo of Ecenur Etiler
Ecenur Etiler
Photo of Başak Dadaş
Başak Dadaş
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More