keyboard_tab Data Act 2023/2854 EN
BG CS DA DE EL EN ES ET FI FR GA HR HU IT LV LT MT NL PL PT RO SK SL SV print pdf
- 1 Article 19 Obligations of public sector bodies, the Commission, the European Central Bank and Union bodies
- 1 Article 35 Interoperability of data processing services
CHAPTER I
GENERAL PROVISIONS
CHAPTER II
BUSINESS TO CONSUMER AND BUSINESS TO BUSINESS DATA SHARING
CHAPTER III
OBLIGATIONS FOR DATA HOLDERS OBLIGED TO MAKE DATA AVAILABLE PURSUANT TO UNION LAW
CHAPTER IV
UNFAIR CONTRACTUAL TERMS RELATED TO DATA ACCESS AND USE BETWEEN ENTERPRISES
CHAPTER V
MAKING DATA AVAILABLE TO PUBLIC SECTOR BODIES, THE COMMISSION, THE EUROPEAN CENTRAL BANK AND UNION BODIES ON THE BASIS OF AN EXCEPTIONAL NEED
CHAPTER VI
SWITCHING BETWEEN DATA PROCESSING SERVICES
CHAPTER VII
UNLAWFUL INTERNATIONAL GOVERNMENTAL ACCESS AND TRANSFER OF NON-PERSONAL DATA
CHAPTER VIII
INTEROPERABILITY
CHAPTER IX
IMPLEMENTATION AND ENFORCEMENT
CHAPTER X
SUI GENERIS RIGHT UNDER DIRECTIVE 96/9/EC
CHAPTER XI
FINAL PROVISIONS
- data
- metadata
- personal data
- non-personal data
- connected product
- related service
- processing
- data processing service
- same service type
- data intermediation service
- data subject
- user
- data holder
- data recipient
- product data
- related service data
- readily available data
- trade secret
- trade secret holder
- profiling
- making available on the market
- placing on the market
- consumer
- enterprise
- small enterprise
- microenterprise
- Union bodies
- public sector body
- public emergency
- customer
- virtual assistants
- digital assets
- on-premises ICT infrastructure
- switching
- data egress charges
- switching charges
- functional equivalence
- exportable data
- smart contract
- interoperability
- common specifications
- harmonised standard
- data 37
- interoperability 16
- shall 13
- commission 11
- article 10
- processing 10
- services 10
- portability 10
- european 8
- central 7
- application 7
- union 7
- referred 6
- bank 6
- relevant 5
- holder 5
- implementing 5
- public_sector_body 5
- body 5
- technical 4
- specifications 4
- trade_secrets 4
- purpose 4
- harmonised_standards 4
- accordance 3
- acts 3
- article 3
- standards 3
- and 3
- paragraphs 3
- open 3
- laid 3
- requirements 3
- between 3
- different 3
- cover 3
- same_service_type 3
- down 3
- necessary 3
- aspects 3
- syntactic 3
- policy 3
- essential 3
- cloud 3
- appropriate 3
- request 3
- have 3
- a 3
- under 3
- security 3
Article 19
Obligations of public sector bodies, the Commission, the European Central Bank and Union_bodies
1. A public_sector_body, the Commission, the European Central Bank or a Union body receiving data pursuant to a request made under Article 14 shall:
| (a) | not use the data in a manner incompatible with the purpose for which they were requested; |
| (b) | have implemented technical and organisational measures that preserve the confidentiality and integrity of the requested data and the security of the data transfers, in particular personal data, and safeguard the rights and freedoms of data subjects; |
| (c) | erase the data as soon as they are no longer necessary for the stated purpose and inform the data holder and individuals or organisations that received the data pursuant to Article 21(1) without undue delay that the data have been erased, unless archiving of the data is required in accordance with Union or national law on public access to documents in the context of transparency obligations. |
2. A public_sector_body, the Commission, the European Central Bank, a Union body or a third party receiving data under this Chapter shall not:
| (a) | use the data or insights about the economic situation, assets and production or operation methods of the data holder to develop or enhance a connected_product or related_service that competes with the connected_product or related_service of the data holder; |
| (b) | share the data with another third party for any of the purposes referred to in point (a). |
3. Disclosure of trade_secrets to a public_sector_body, the Commission, the European Central Bank or a Union body shall be required only to the extent that it is strictly necessary to achieve the purpose of a request under Article 15. In such a case, the data holder or, where they are not the same person, the trade_secret holder shall identify the data which are protected as trade_secrets, including in the relevant meta data. The public_sector_body, the Commission, the European Central Bank or the Union body shall, prior to the disclosure of trade_secrets, take all necessary and appropriate technical and organisational measures to preserve the confidentiality of the trade_secrets, including, as appropriate, the use of model contractual terms, technical standards and the application of codes of conduct.
4. A public_sector_body, the Commission, the European Central Bank or a Union body shall be responsible for the security of the data it receives.
Article 35
Interoperability of data processing services
1. Open interoperability specifications and harmonised_standards for the interoperability of data processing services shall:
| (a) | achieve, where technically feasible, interoperability between different data processing services that cover the same_service_type; |
| (b) | enhance portability of digital_assets between different data processing services that cover the same_service_type; |
| (c) | facilitate, where technically feasible, functional_equivalence between different data processing services referred to in Article 30(1) that cover the same_service_type; |
| (d) | not have an adverse impact on the security and integrity of data processing services and data; |
| (e) | be designed in such a way so as to allow for technical advances and the inclusion of new functions and innovation in data processing services. |
2. Open interoperability specifications and harmonised_standards for the interoperability of data processing services shall adequately address:
| (a) | the cloud interoperability aspects of transport interoperability, syntactic interoperability, semantic data interoperability, behavioural interoperability and policy interoperability; |
| (b) | the cloud data portability aspects of data syntactic portability, data semantic portability and data policy portability; |
| (c) | the cloud application aspects of application syntactic portability, application instruction portability, application meta data portability, application behaviour portability and application policy portability. |
3. Open interoperability specifications shall comply with Annex II to Regulation (EU) No 1025/2012.
4. After taking into account relevant international and European standards and self-regulatory initiatives, the Commission may, in accordance with Article 10(1) of Regulation (EU) No 1025/2012, request one or more European standardisation organisations to draft harmonised_standards that satisfy the essential requirements laid down in paragraphs 1 and 2 of this Article.
5. The Commission may, by means of implementing acts, adopt common_specifications based on open interoperability specifications covering all of the essential requirements laid down in paragraphs 1 and 2.
6. When preparing the draft implementing act referred to in paragraph 5 of this Article, the Commission shall take into account the views of the relevant competent authorities referred to in Article 37(5), point (h) and other relevant bodies or expert groups and shall duly consult all relevant stakeholders.
7. When a Member State considers that a common specification does not entirely satisfy the essential requirements laid down in paragraphs 1 and 2, it shall inform the Commission thereof by submitting a detailed explanation. The Commission shall assess that detailed explanation and may, if appropriate, amend the implementing act establishing the common specification in question.
8. For the purpose of Article 30(3), the Commission shall, by means of implementing acts, publish the references of harmonised_standards and common_specifications for the interoperability of data processing services in a central Union standards repository for the interoperability of data processing services.
9. The implementing acts referred to in this Article shall be adopted in accordance with the examination procedure referred to in Article 46(2).
whereas