IAB Europe this week signed an industry joint letter addressed to the Members of the Committee of Civil Liberties, Justice and Home Affairs of the European Parliament (LIBE) on the Data Act proposal and its interplay with the GDPR. The letter initiated by FEDMA was co-signed by IAB Europe, Alliance Digitale (IAB France), IAB Poland, IAB Spain and IAB Sweden and other associations representing companies from various sectors of the business community. 

As the LIBE Committee moves forward to finalise its opinion on the proposed Data Act, some provisions in the European Commission’s proposal and some amendments in the LIBE Committee’s draft opinion could have the unintended consequences of overriding the GDPR risk-based approach that would ultimately undermine the adduce goal of the Data Act of facilitating innovative uses of existing data. 

—

BRUSSELS, 25 January 2023 – Today, a coalition of associations representing companies from various sectors of the business community issued a joint statement on the Data Act and its interplay with the General Data Protection Regulation (GDPR) in Chapter II of the proposal.  

The statement highlights that some provisions in the European Commission’s proposal and some amendments in the LIBE Committee’s draft opinion would restrict certain data processing activities even when carried out in a GDPR-compliant way.

These provisions do not only risk curbing the benefits for innovation, but they are at odds with the Data Act’s objective to empower users who should be free to decide the purposes for sharing their personal data insofar as any data sharing and processing is compliant with the GDPR.

With the GDPR, the EU has set up a modern futureproof data protection framework. Yet, the Data Act could undermine these achievements and the credibility of the GDPR.

Specifically, the coalition calls on EU legislators to:

•       Defer to all the GDPR legal bases and GDPR rules on further processing;
•       Incentivize the use of Privacy Enhancing Technologies (PETs) to maintain high levels of privacy and enable the safe reuse of personal data;
•       Preserve the horizontal nature of the Data Act without excluding data processing activities from certain sectors in full compliance with the GDPR.

The full coalition includes:

ACT - The App Association

AIG -IAB France - Alliance Digitale

CCIA - Computer & Communications Industry Association

EUCOPE - European Confederation of Pharmaceutical Entrepreneurs

FEDMA – Federation of European Data and Marketing

IAB Europe - Interactive Advertising Bureau Europe

IAB Poland - Interactive Advertising Bureau Poland

IAB Spain - Interactive Advertising Bureau Spain

IAB Sweden- Interactive Advertising Bureau Sweden

ITI - Information Technology Industry Council

You can read the full letter here.