Right of access to connected product data
The Data Act grants users of connected products the right to access data generated by the product or service related to the product. Connected products and services must be designed and manufactured such that the relevant data, and the metadata needed to interpret it, is by default easily, securely and directly accessible to the user, free of charge. The data must be in a commonly used, machine-readable format and, where applicable, provided in a technically feasible way. Metadata should include a structured description of the data’s content or use, facilitating the discovery and use of the data, and should provide basic context and timestamps. While the quality of the data must match that available to the data holder, the Data Act does offer some flexibility. Manufacturers may decide whether or not to design for direct user access, as not all products are designed to support this. In all cases, users must be able to obtain the data, either through a built-in interface or indirectly via a simple request. Providers cannot refuse access and must supply the data without undue delay if direct access is not possible. Additionally, data holders are obliged to make this data available to a third party without undue delay, if requested by a user or a party acting on behalf of a user.
To support this right, the Data Act requires providers, sellers and manufacturers to give users clear pre-contractual information on how to access, retrieve or delete data. This includes details of the type and estimated volume of data generated, and whether it is stored locally or remotely. These obligations may require updates to existing consumer contracts to ensure compliance with the Data Act.
In cases where data access could compromise the safety or security of the product, users and data holders may agree to restrict or prohibit access, use or sharing. If a data holder refuses access on these grounds, they must notify the competent authorities.
Switching between data providers
The Data Act also gives users the right to switch service providers, including migrating to alternative providers or on-premises systems, and to access or delete their data.
To safeguard this right, the Data Act prohibits providers from creating contractual, technical or organisational obstacles to changing to another provider, such as charging extra costs for switching. Providers of data processing services must ensure that customer rights in relation to switching between providers or services are clearly set out in a written contract. The provider must also make this contract available to users before signing.
The contractual terms concerning switching can be found in Article 25, which stipulates, for example, that providers may not require a user to give more than two months’ notice for the termination of the agreement. From 12 January 2027, no charges may be imposed by providers of data processing for the switching process. Until then, providers may impose reduced switching charges on the customer, provided that the costs are directly related to the switching operation in question.
B2B unfair contractual terms
The Data Act includes unfair contractual terms in business-to-business data-sharing agreements, regarding data access, use, liability or remedies. A contractual term can be seen as unfair if it is of such nature that its use grossly deviates from good commercial practice in data use and access, contrary to fair dealing and good faith. This is an open standard, where a term may or may not be seen as unfair depending on the circumstances, but the Data Act also includes lists of situations in which in particular a contractual term should be seen as unfair or should be presumed to be unfair. The unfairness is assumed, for example, in cases where liability of the party that unilaterally imposed the contractual term is excluded or limited. If a term is deemed unfair under the Data Act, the other party is not bound by the term in question. This provision aims to enable SMEs to participate in the relevant market.
Draft ACM Guidelines
The ACM has published draft guidelines regarding the Data Act’s connected product provisions.