European Union: Issued EDPB-EDPS Joint Opinion on Data Act including data protection measures

On 4 May 2022, the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a set of Joint Opinions on the EU Commission's Proposal for a Data Act. The EDPB and EDPS find that additional measures are necessary to ensure that privacy and personal data protection is not lowered in practice. In relation to the rights to access, use and share data, they argue that it should be made clear that access, use and sharing of personal data by non-data subjects remain subject to the GDPR and other data protection laws, and that personal data protection laws prevail in case of conflict. Further, the EDPB and EDPS find that a proposed chapter of the regulation which would make data available to public sector and EU institutions in circumstances of "exceptional need" is insufficiently precise, accessible, and foreseeable to justify a limitation on the right to personal data.