EU Data Series: A new Data Act for Europe – Three key things businesses need to know

by Sophie-Charlotte Walter, Senior Account Manager & Matej Zezlin, Account Manager

Discussions around the potential of data and rules to build a fairer data economy are centre stage in Brussels, where the European Commission yesterday published its draft “Data Act”. The proposal covers data generated by the Internet of Things (IoT), i.e. connected products and their related services such as smart home assistants or connected industrial machinery. As such, it will affect a wide range of businesses. Sectoral rules, including for the automotive and the health sectors, will follow.

With the General Data Protection Regulation (GDPR), the EU positioned itself as a global standard-setter in the protection of personal data. With the Data Act, it is setting standards for IoT data with potentially significant implications for data-generating businesses such as smart manufacturers, producers of connected products such as smart cars, and the aftermarket service and insurance sectors. We have mapped out three aspects of the proposal businesses should be aware of:

1. Pack-up and go – a portability right for IoT data

Potentially the most striking suggestion in the proposal has been borrowed from the GDPR: A right for both private individuals and businesses to request the data they have generated. For example, a farmer using a tractor with proprietary software can request his or her data, allowing the tractor to be repaired by a workshop of choice instead of the original manufacturer. Drivers of smart cars may choose to share their data continuously with insurance providers to prove they have a low risk driving style and should be eligible for any relevant premiums.

The key element here is that data should be shared free of charge and without undue delay, or even in real-time in some cases. From a practical perspective alone, this is bound to be contested in discussions going forward. While there are many competition elements to this proposal (that may warrant a future overview), the text notably prohibits the development of competing products using the data requested by a user this way, but safeguards appear to be lacking.

The inclusion of this right is a huge win for the aftermarket service and insurance sectors, with an outcry from original equipment manufacturers expected. Where exactly this leaves third party service providers such as mobility providers or the leasing sector needs to be assessed carefully.

2. More fairness in the data value chain

Success is increasingly underpinned by companies’ ability to interpret and use data – the backbone of the digital economy, including e-commerce, the platform economy, etc. The access to and use of this data however is often determined in bilateral data-sharing agreements. The Data Act aims to even out imbalances in these relationships, ensuring that consumers and businesses have access to the data generated by the connected products or services they are using or leasing, regardless of contractual terms.

The text addresses this through general fairness and non-discrimination requirements. For example, a data holder must not discriminate between different companies or their partners when making data available – a manufacturer will not be allowed to prefer its own subsidiaries or affiliated companies, for instance. Clauses in data sharing agreements that are not in line with the Data Act will be considered non-binding. SMEs will benefit from model clauses and an “unfairness test” for their data sharing contracts, where grossly unfair clauses will also become non-binding.

3. Government access under emergency circumstances

A potentially controversial aspect of the Act is an obligation on businesses to make data available to governments in the event of emergency circumstances. In cases of “exceptional need to respond”, for example, a public health emergency, terrorist attack, or a flood, businesses can be required to share relevant data freely. In other less urgent cases governments can request data at a reasonable profit margin. While the Data Act notes that such government requests must be proportionate, i.e., not exceed what is necessary to address a certain situation, this suggestion will likely raise eyebrows.

The Data Act is the last proposal coming out of the EU’s data strategy that applies to all sectors. It will be complemented by sector-specific rules going forward, with rules on health data already underway and recently confirmed plans to draft a specific proposal for the automotive sector. The draft law will be discussed and amended by the European institutions, with heated lobby campaigns on access and portability rights, among others, to be expected.

Our digital team will would be happy to help you assess the potential impact on your business and to discuss taking any further action. Please do get in touch by clicking here or replying to this email if this is of interest.

The digital world has brought with it countless benefits, from instant messaging to versatile working opportunities. But the accompanying negative effects have become increasingly difficult for policymakers to ignore. There are concerns around social media and online harms. The EU and the UK are the first to draft regulation in this area; the EU with the Digital Services Act (DSA) and the Digital Markets Act (DMA), and the UK with the Online Safety Bill. But can incoming regulation effectively protect users without unfairly limiting their online experience?

It is no easy feat to define harmful content; after all, what is harmful to one person is not to another. The Online Safety Bill defines it as having a “significant adverse physical or psychological impact”. But for many, social media is a platform to engage in debate. The naysayers to regulation believe that regulation of online speech limits this debate and impinges on free speech rights. Perhaps it is not in the remit of corporations or governments to determine what may or may not be said online, but some believe that an external regulator such as Ofcom, in the Online Safety Bill’s case, is better equipped to draw the line between encouraging debate and preventing harmful discussion that risks real-life consequences.

Digital platforms enable the rapid spread of content and information. For many, technology has been a champion of the pandemic, enabling day-to-day life to continue despite remaining inside our homes. However, the fast spread of mis- and dis-information via social media platforms has also been the source of much attention. Viral content can be harmful, and the speed at which it spreads means that hundreds of thousands of people can be affected by this content before moderators pick it up, as demonstrated for example by the viral videos that followed the 2019 Christchurch massacre. Incoming regulation from both the UK and the EU will impose duties of care onto online platforms. This will require digital service providers to reflect on how content is shared on their platforms, as they themselves take on the responsibility of the publisher.

Incoming regulation, while no doubt necessary in some form, must be careful not to create barriers to entry. The scale and power of Big Tech has led to much of the issues that we see today, and regulation must be conscious not to discourage new entrants due to additional reporting requirements that only established tech giants are equipped to cope with. Commentators on the whitepaper preceding the Online Safety Bill claimed the Bill “must not entrench the market power of the largest platforms by increasing barriers to entry for competitors. Ultimately, this would harm consumers.” The DMA is particularly cautious of this issue, taking a more targeted approach in its regulation of the Big Tech ‘gatekeepers.’ Ofcom will have to regularly assess the impact on competition following the implementation of the Online Safety Bill.

Recent developments have highlighted the fact that many digital services and social media companies prioritise user engagement and advertising incentives over safety concerns. Incoming regulation must ensure tech companies shift their focus to user safety and user experience. However, the scale and complexity of the digital world means that incoming regulation will inevitably fail to initially tick all the boxes. Future iterations are to be expected and welcomed, both from the UK and the EU themselves, as well as other jurisdictions. Online safety is a cross-border issue which differs depending on political and social contexts. A variety of approaches will be paramount in developing appropriate and adequate regulation in this area if unintended consequences are not to cause more harm than good.

This article appeared in the Cicero/amo December 2021 newsletter.

Cicero/amo’s research team was delighted to support Tech Nation Insurtech Board’s Open Finance: The future of insurance innovation report, that explores the benefits, challenges and next steps on Open Finance and what it means for the future of insurance innovation.

The report finds that whilst Open Finance may present many opportunities, it is still in a nascent stage of development, and offers a series of building blocks to help ensure Open Finance can effectively progress from concept to reality.

Click here to access the full report, which looks at the future of innovation and its effect on insurers, insurtechs and customers.

#OpenFinance #InsurTech

Digital identity that is accepted and recognised across the EU has been recognised as a key element for the EU’s digital single market strategy. The impact of COVID-19 on the digitalisation of services in all areas has further highlighted the need for citizens to be able to use online identification that is simple, secure and can be used across Europe.

The European Commission has therefore chosen to expand the existing Regulation on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation) in June 2021, establishing an EU-wide obligation for Member States to produce European Digital Identity Wallets including national electronic IDs (eIDs) that can be used for a variety of services.

Cicero/amo has prepared an overview of what to expect from the new framework, which market participants it will impact, as well as a timeline of changes to come.

Click here to access Cicero/amo’s overview of the latest legislative developments on digital identity and electronic IDs.

When you think of TikTok it may be lip syncing videos and dances that spring to mind, or #CatsOfTikTok (currently 40.9 billion views). But there’s much more to a platform which hosts an increasingly diverse range of interests, including a growing number of amateur investors who have discovered investing through apps such as Robinhood.

Do you know what it means to double your stimmy? If so, you’re probably already familiar with the world of StockTok, also known as FinTok. For those of you that are not, let me explain. StockTok videos are about investing, or more specifically getting rich. Videos range from investment advice to explaining stock market terms, to simply bragging about how much money you have made.

Scrolling through StockTok and FinTok videos there are some obvious recurring themes. “Stocks that will double in 2021”. “How to double your stimmy” (US government stimulus payment). “If you invested $X in this stock one year ago you’d now have $X” (Tesla is a common recurrence here). Promises of massive financial gains from minimal effort. This is not a place for diversified portfolios or warnings that past returns are no guarantee of future performance.

TikTok Investors on Twitter documents some of the more spurious advice. In one video that was widely circulated in January, “Chad and Jenny” detail how they “fund their lifestyle”. Chad explains that he trades stocks on Robinhood, and that investing may sound intimidating but it’s actually really simple. He sees a stock going up so he buys it, then he watches it until it stops going up and he sells it. Genius! In the previous month this strategy had seen him turn $400 into over $14,000. Why isn’t everyone doing this?

In this case, the backlash was swift and the video soon deleted. The problem is Robinhood’s and FinTok’s growth have coincided with a period of strong market performance since 2019. Markets suffered badly at the beginning of the pandemic, but soon bounced back. The S&P 500 hit all time highs in late 2020 and early 2021, this rebound meant there was money to be made. When markets are going up everyone is an investment genius.

This has come at a time when people have been forced to spend more time at home than ever and are looking for ways to pass the time. They see videos promising massive returns, and evidence that people have made thousands of dollars. But what happens when markets head in the other direction?

That’s the risk.

TikTok investors speak in convincing language, using terms that make it sound like they know what they are talking about. Sure, turning $4,000 into $1 million in eight weeks simply by doubling your money every week is obviously ridiculous, but others are more convincing to those new to this.

If an individual started investing in April last year they’ve only seen markets going up and have evidence of the money they have made. There’s always an audience for people telling you how to make quick and easy money. A young person with no investment experience might well trust them. What’s risky about investing in Tesla? Elon Musk is the richest man in the world after all.

We saw it with the Reddit driven increase in GameStop’s share price. People saw the price going up, they heard of the incredible returns and the money people had made in a short space of time. They wanted a piece of it. Stick it to the hedge funds and make money from it. Win win. But they invested too late. They jumped in at the top, and they lost money. There is a danger that people could be drawn in only to lose money they can’t afford to lose.

What can be done about it? In the UK, investment firms and platforms have to warn in their marketing that investments can go down as well as up and past returns are no guarantee of future performance. It is next to impossible to regulate what people are saying in their videos which are being viewed all over the world, which means it is only TikTok itself which can act here. The pandemic brought about a change in approach from Twitter and Facebook, who became less hesitant to post warnings of misinformation and introduced COVID-19 information hubs. Perhaps TikTok could include its own warning about the nature of investments on any video posted with #StockTok or #FinTok, or even create a financial information hub with some real, sensible investment advice. TikTok’s users are predominantly in the 18-24 age bracket and if this could be extended to other topics too it could be an opportunity for TikTok to show it is a force for good after months of damaging stories about its Chinese ownership.

Until then, unfortunately there are going to be people losing money.

Having joined Cicero/amo as the Head of FinTech in April 2021, the last month has seen a flurry of activity for the UK’s Financial Technology sector. 

We’ve seen the publication of the Kalifa Review into UK FinTech, the UK Listings Review chaired by Lord Hill, and a number of announcements following UK FinTech Week, of which a non-exhaustive list includes HMT Treasury / Bank of England’s taskforce on digital currencies, the Financial Conduct Authority’s (FCA) Regulatory ‘Scalebox’, and the UK Department for International Trade’s (DIT) FinTech Export Academy and FinTech Champions Scheme. 

Of course not everything has been rosy, as the shadow of the Greensill scandal (to some arguably a FinTech firm, and to others not), looms large – having since spawned several independent and parliamentary inquiries into the role of “secret lobbying” at the heart of Government. So where does all this leave the UK’s FinTech sector moving forward? 

Following Chancellor Rishi Sunak’s written ministerial statement in response to the Kalifa Review, it’s clear the Government sees the sector as the future for financial services, and one which is more open, greener, and technologically advanced. However, for FinTech to be a key component of this future much still needs to be done. 

On capital raising, whilst UK FinTech continues to punch above its weight having secured £2bn across 117 deals in Q1 2021, there remains a £2bn annual growth funding gap which risks FinTechs scaling their operations elsewhere. Whilst the Kalifa Review recommends a £1bn FinTech Growth Fund deployed over 5 years, this would cover only approximately 10% of the total funding gap. As such, we need to think about the entire funding life cycle, with a view that whilst private market intervention will help, it is equally important to ensure the path towards IPO remains flexible, and internationally comparable for scalable FinTechs. On this, the Listings Review and the FCA’s consultation paper on special purpose acquisition companies (SPACs) will be instrumental. 

Looking at talent and skills, a perennial issue facing FinTechs has been the depth and diversity of its talent base. As June Angelides MBE, Principal at Samos Investments noted during UK FinTech Week “female founded FinTechs account for only 17% of the UK’s total venture capital investment in FinTech” and black founders have been found to systematically lack access to networks, or institutional investors. Accordingly, it will be important to engage earlier in the career pipeline to ensure there is equality of progression and continue to encourage diversity in STEM roles. Added to this is a lack of role of data – from drop-out rates for different subjects, to understanding and benchmarking the socio-economic background of senior leadership. In summary, it’s hard to have a vision for where the UK should aim tomorrow without first knowing where we are today. 

And finally, as several commentators have suggested, it is very possible that COVID-19 has acted as a digital accelerant for broader financial inclusion. Whilst there are still one million people in the UK without a bank account, within the first month of COVID-19 6m people downloaded a banking app for the first time. 

As such, as the UK starts to provide a roadmap for policy drivers such as Digital ID, cross-regulatory sandboxes, and the transition to Open Finance much remains to be written for the future of the UK’s Financial Technology sector. 

Get in touch

Sophie-Charlotte Walter

Senior Account Manager


Matej Zezlin

Account Manager