04 septiembre, 2024
The "EU Data Act," the extension of the General Data Protection Regulation (GDPR), came into force on January 11, 2024, and will become mandatory in September 2025. Given the intricate processes in automotive manufacturing and the severe penalties for non-compliance, immediate action is crucial. In this interview, our data expert, Thorben Krieger, provides insights into the Act's requirements and strategies for compliance.
EU Data Act - what is it?
The EU Data Act is an EU regulation intended to regulate the handling of data that comes from physical products. The EU has recognized that more and more products are generating data. This starts with Wi-Fi enabled robot vacuum cleaners and extends to vehicles.
What exactly is this about?
In essence, the Act stipulates that data generated by a product should belong to its owner. For instance, if you purchase a car, any data it generates is yours, not the original equipment manufacturer's (OEM). This regulation applies to all physical products marketed in the EU, regardless of their origin.
What advantages can we expect from data liberation?
Historically, data has remained within the manufacturer's ecosystem. Purchasing a robot vacuum cleaner or a car meant that the generated data stayed with the manufacturer. The EU Data Act seeks to liberate this data, preventing manufacturers from using it as a competitive edge in other markets.
Can you provide an example?
A typical example in the automotive sector is a route-planning app. An OEM, knowing the state of charge of an electric vehicle, could offer a route-planning app and potentially earn commissions from specific charging providers. With the new regulation, third parties can access this data, fostering a competitive market for charging and route-planning services and enabling innovative startups to leverage the same data creatively.
How can Valtech assist in facilitating this compliance?
Valtech can support companies in two key ways:
-
Service provider for OEMs: OEMs must now make their data externally available, adhering to strict authorizations, checks and verifications. Valtech's expertise lies in developing the necessary data infrastructures, channeling vehicle data through the cloud and ensuring it is accessible and usable.
-
Support for third-party companies: We also assist third-party companies in interpreting and utilizing this data. Our experience in developing anonymized data solutions for insurance companies and VW subsidiaries positions us well to handle these new challenges.
What awaits companies that cannot comply with the new guidelines by September 2025?
The penalties for breaches of this regulation are structured in a similar way to GDPR penalties, i.e. they are based on the company's turnover and can be substantial.
What advice would you give to companies facing this challenge now?
OEMs must quickly assess the data they currently extract from vehicles and determine which data falls under the new regulation. They also need to devise a method for end users to access this data. Prompt action is essential for all companies impacted by the EU Data Act.
Valtech stands ready to help navigate these changes, ensuring compliance and leveraging data liberation for competitive advantage. For any questions or assistance, feel free to contact Thorben Krieger at thorben.krieger@valtech-mobility.com.