The Data Act’s chapter on business-to-government (B2G) data sharing, which would empower the public sector to access private data, is one of the most advanced parts of the negotiations – although some political issues remain.

On Tuesday (2 May), the Swedish presidency of the EU Council of Ministers shared an update, later seen by EURACTIV, with the other national representatives about the Data Act, a landmark legislation regulating how data is accessed, ported and shared.

The file is at the last phase of the EU legislative process, so-called trilogues, as they gather the EU Council, Parliament and Commission to nail down a political agreement. Since the first trilogue on 29 March, the work on the technical level has been underway.

At this level, the chapter concerning the possibility for public authorities to access privately held data has been mostly agreed upon. Still, a few points remain open and will require a political discussion at the next trilogue on 23 May.

Thus, the Swedish presidency returned to the member states to request whether they would be flexible in negotiating these open questions related to Business-to-Government (B2G).

The major hurdle is which type of data public bodies can request. The European Parliament limited the scope of the provisions to industrial data, whilst the EU Council maintained personal data in the scope.

“Additional safeguards and further limitations for public sector bodies and/or EU institutions to access and further share data may be envisaged to allow keeping personal data in scope,” reads the note.

Another question is whether small and micro enterprises should be exempted from these B2G obligations, as the Council has removed this exemption from the original proposal. Here the presidency notes that some flexibility might be needed.

In addition, MEPs have removed the capacity for public authorities to request private data to mitigate or recover from a public emergency, limiting it to immediate responses to things like pandemics or earthquakes.

At the same time, the Data Act provides that a public authority might also ask for privately-controlled data to carry out a task in the public interest under certain conditions. For the presidency, the mitigation and recovery aspects could be covered under this measure.

A final aspect concerns which EU institutions and bodies will be able to enjoy this power. The EU Council limited the scope to the European Commission, the European Central Bank and Union bodies, whilst the MEPs want to keep all EU institutions and agencies.

“This issue may be considered together with the type of data in scope,” the document reads.

EU lawmakers formalise position on the Data Act in plenary vote

EU lawmakers adopted their version of the Data Act with an overwhelming majority during a plenary vote at the European Parliament in Strasbourg on Tuesday (14 March).

Read more with EURACTIV

Cyber skills gap keeps widening, report warns

A new report on the Global Approaches to Cyber Policy, Legislation and Regulation gets to the bottom of the cyber skill talent gap, which increased in the EMEA region by almost 60%.