Tech CEOs: EU Data Act Threatens Cybersecurity

EU Data Act

Worried about cybersecurity, five European tech CEOs are seeking changes to the proposed Data Act.

“Such a monumental change to established ways of doing business without proper consideration is a huge risk both to cybersecurity and to the competitiveness of some of Europe’s most successful companies,” the executives wrote in a letter published Monday (May 8) by the trade association Digital Europe.

The letter, addressed to European Commission President Ursula von der Leyen and other officials, argues the legislation does not include proper safeguards to protect trade secrets, cybersecurity and health and safety.

It also says provisions for business-to-government data sharing are too broad and pose a threat for possible misuse and data breaches.

“The proposal in its current form would compromise cybersecurity by overriding current safety requirements for medical devices,” said Siemens Healthineers CEO Bernd Montag, one of the five executives to sign the letter.

“Both patients and healthcare professionals could be harmed if malicious entities were to tamper with the security, safety or quality of medical devices.”

Joining Montag were the chief executives of SAP, Brainlab, Datev and Siemens, a separate company from Siemens Healthineers.

According to the European Commission, the Data Act is designed to “ensure fairness in the digital environment, stimulate a competitive data market, open opportunities for data-driven innovation and make data more accessible for all.”

As noted here last year, one of the things the act would do is allow users of connected devices such as smartwatches or virtual assistants to access their data and share it with third parties that offer other data-driven services.

“The rules may help SME in Europe and still will enable Big Tech companies and other manufacturers to harvest data from the same devices,” PYMNTS wrote. “However, some provisions may be aimed at not only promoting competition between firms, but also boosting EU presence in some industries — and this is the case for cloud computing.”

The new rules will make it easier for customers to change over to new cloud data-processing services providers, as the EU is very concerned about a lack of strong EU players in the sector.

The Digital Europe letter mentions this part of the act specifically, saying the legislation “goes against contractual freedom, stopping customers from getting the best deals possible.”

Meanwhile, a report Monday by the Financial Times (FT) says that EU member states and lawmakers are still working out “outstanding political issues” tied to the Data Act.

A progress report seen by the FT says these issues include limits on using data from institutions such as the European Commission and how to share data during emergencies.