On 22 May, Ecommerce Europe co-signed a joint statement together with 26 other signatories on the European Data Act, focussing specifically on the provisions relating to business-to-government (B2G) data sharing. With the joint statement, the co-signatories call on EU policymakers to revise the proposed rules on B2G data sharing under the Data Act, as the current wording would allow any public body, at EU, national, regional, or local level, to request any type of data, including personal data, from any data holder, for any reason.
We are concerned that such a broad scope of B2G data sharing would prompt the serious risk of personal or sensitive data being leaked or misused. Therefore, we urge policymakers to ensure that:
- Only public emergencies can give rise to data access, for which reason Article 15(c) must be deleted.
- Personal data must, without exceptions, be removed from the scope of Chapter V of the Data Act.
- Categories of public bodies that can request access to data must be expressly designated.
- Access requests conditions must be strengthened, with transparency regarding data use and protective measures.
If you wish to read the full statement, you can find it here.