European CEOs criticise EU Data Act draft for cybersecurity risk

8 May 2023

Ursula von der Leyen, president of the European Commission. Image: Etienne Ansotte/European Union

SAP and Siemens are among the five companies whose leaders have warned that the EU Data Act draft could hinder business competitiveness and pose security risks.

Leaders of major European tech companies have criticised a draft EU data law and asked for a pause to make updates to the proposals so that the European businesses can remain competitive.

CEOs of five leading businesses on the continent, SAP, Brainlab, Datev, Siemens and Siemens Healthineers, wrote a letter last week to European Commission president Ursula von der Leyen, asking her to change the proposed rules to protect trade secrets.

“It risks undermining European competitiveness by mandating data sharing – including core know-how and design data – with not only the user, but also third parties,” Reuters quoted the letter, which was also addressed to antitrust chief Margrethe Vestager and industrial chief Thierry Breton.

“Effectively, this could mean that EU companies will have to disclose data to third-country competitors, notably those not operating in Europe and against which the Data Act’s safeguards would be ineffective.”

The proposed Data Act, first revealed last February, intends to give consumers and companies “even more control over what can be done with their data” and clarifies “who can access data and on what terms” according to Vestager.

The proposed rules, which affect all non-personal data, are part of the EU’s continued effort to restore the balance of power to people rather than major corporations and would loosen Big Tech’s grip on commercial and industrial data.

Under the new rules, users of connected devices would be able to gain access to data generated by themselves and share it with third parties. This means people would be able to transfer their data from a product such as Amazon’s Alexa or a Tesla vehicle to another company.

Organised by business group DigitalEurope, the letter argues that the proposed Data Act could do “lasting damage” to the competitiveness of European tech and “poses serious risks to cybersecurity and safety”.

The CEOs join a host of US tech giants that have raised similar concerns around the perceived restrictiveness of the laws.

Tech trade association ITI warned earlier this year that the proposals go too far in restricting transfers of non-personal data.

Guido Lobrano, ITI senior vice-president for Europe, said the provisions of the Data Act are “not justified by the level of risk posed by non-personal data”.

“Data flows are the backbone of the digital economy and allow companies to reach consumers and access new markets. The Data Act should not create new restrictions to data flows that would harm Europe’s economy.”

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Vish Gain is a journalist with Silicon Republic