EU Introduces the Data Act. The End of the "Digital Prison" for IoT Devices
Your Data, Your Business – Now Also in Your Fridge
As of September 12, 2025, the provisions of the Data Act have come into force in the European Union. This is another major regulation, following GDPR, aimed at organizing the digital world. This time, the focus is on data generated by smart devices, also known as the Internet of Things (IoT).
In short: if, until now, the manufacturer of your smart coffee machine knew more about you than your family and kept that data under lock and key, that has just ended.
What Does the Data Act Change?
The regulation introduces several key changes intended to strengthen the position of consumers and businesses:
- Access to IoT data: Users (both individuals and companies) will gain the right to access data generated by their own devices. Moreover, they will be able to easily share this data with third parties – for example, an independent repair service that can diagnose a fault in a smart washing machine without being tied to the manufacturer.
- Easier switching of cloud providers: The Act aims to curb the practice of "vendor lock-in" that ties customers to a single cloud service. Providers will have to facilitate the process of migrating data to a competitor and, eventually (from 2027), abolish fees for this process. The end of the digital prison!
- Access for the public sector: In exceptional situations, such as natural disasters or catastrophes, public authorities will be able to request access to data from the private sector to respond more effectively to a crisis.
An Opportunity or a Hassle?
For users, this is great news – more control, more competition, and potentially lower service prices. For IoT device manufacturers and cloud providers, it's a significant challenge. They have time to adapt their products and services (the new rules will fully apply to devices placed on the market after September 12, 2026).
One thing is certain – the European Union is continuing its march towards building a digital market where the user, not the tech giant, holds the cards. Time will tell if this revolution succeeds.
Source: gov.pl
About the Author
Dyrektor ds. Technologii w SecurHub.pl
Doktorant z zakresu neuronauki poznawczej. Psycholog i ekspert IT specjalizujący się w cyberbezpieczeństwie.
Powiązane artykuły
![NIS2 2025: Uniknij Kar do 10M EUR [Kompletny Przewodnik Wdrożenia]](/_next/image?url=https%3A%2F%2Fimages.unsplash.com%2Fphoto-1608817576203-3c27ed168bd2&w=3840&q=75)
NIS2 2025: Uniknij Kar do 10M EUR [Kompletny Przewodnik Wdrożenia]
⚠️ 18 październik 2024 - termin wdrożenia NIS2 minął. Jeśli Twoja firma nie jest zgodna, ryzykujesz kary do 10 milionów EUR. Sprawdź obowiązki, krytyczne terminy i krok po kroku plan wdrożenia. [2025]
TSUE o Pseudonimizacji Danych: Ważny Wyrok w Sprawie RODO
Trybunał Sprawiedliwości UE orzekł, że dane spseudonimizowane wciąż pozostają danymi osobowymi, jeśli istnieje możliwość ich ponownej identyfikacji.
![Certyfikacja ISO 27001: Jak Zdobyć w 6-12 Miesięcy [Proces + Koszty 2025]](/_next/image?url=https%3A%2F%2Fimages.unsplash.com%2Fphoto-1502101872923-d48509bff386&w=3840&q=75)
Certyfikacja ISO 27001: Jak Zdobyć w 6-12 Miesięcy [Proces + Koszty 2025]
Certyfikat ISO 27001 to przepustka do przetargów i zaufanie klientów. Poznaj krok po kroku proces certyfikacji, realne koszty (40-200 tys. PLN) i 8 kluczowych kontroli, które musisz wdrożyć. Przewodnik dla firm w Polsce.
Komentarze
Ładowanie komentarzy...