The European Data Act will unlock a wealth of industrial data, putting it in the hands of users. This has huge ramifications for organisations that manufacture connected products. But what exactly does this mean for the industrial sector? Let’s take a look.

The Data Act was designed to facilitate Europe’s data economy where individuals, organisations, and industries can share data to uncover new value. It aims to liberate industrial data generated by connected products and related services, improving data access and usage.  

A key component will be the new parameters around data access and ownership, with control being transferred from producers to users, who will acquire new rights over data generated by their devices, machinery. 

So what are the implications for the manufacturing sector – where users tend to be companies, rather than consumers? 

For manufacturers, the EU Data Act brings some far-reaching changes. To explore these changes, we first need to look at the situation as it stands today. This means understanding the different roles, rights, and obligations when it comes to connected products data.

The three key roles to understand are the following: 

• The manufacturer, who produces and sells the product 
• The user, who uses the product 
• The service provider, who provides services related to the product 

And here’s how the European Data Act describes the current state of these roles and their relationship to connected products data: 

• The manufacturer of a connected product has, by design, sole access to data generated during product use. The manufacturer is therefore the data holder and can generate additional value from the data by, for example, using it to improve the product or offering additional digital services. 
• In using the connected product, the user generates data, but does not have access to this data. 
• Service providers, as third parties, have no access to user-generated data. If they want to offer users product-related services, they are still unable to access this data.

The graphic below shows what the world looks like without the Data Act. Manufacturers own the connected products data, while users and third parties have no access to the data.

It’s important to note here that the data generated during a connected device’s use extends beyond usage data. Connected products data can include things like information about the device itself, or about its mode of operation. This data therefore has the potential to reveal intellectual property proprietary to the manufacturer. 

So how will the Data Act change this picture? Let’s take a look... 

Consider this scenario: a consumer has connected a smart washing machine to their WiFi and is generating usage data each time they do a wash. That data could cover everything from spin speed, to programme duration and wash temperature.   

As the data holder, the manufacturer is able to analyse this data and use it to offer the services, such as an optimised repair service, or tailored wash programme. Service providers, as third parties, do not have access to the usage data. This means they’re unable to offer data-led repair and maintenance services. 

At the same time, it’s possible that the data generated by the washing machine could be used to derive proprietary information about its control system. This may represent valuable intellectual property that the manufacturer is keen to protect.  

As a result, the manufacturer has zero interest in sharing the data with users – and much less third parties. As the data holder, the manufacturer is therefore the only entity able to generate additional value from the data. Users and third parties are shut out, limiting the potential of data, and preventing it from being reused for additional purposes. 

Applying the European Data Act to this simple model, you start to see a number of changes... 

The graphic below shows how it looks like with the Data Act in place. Users are fully entitled to access the data they generate from the use of their connected products.

Users now have a legal entitlement to access the raw data they generate free of charge. If a user permits their data to be shared with third parties, service providers can now also become data recipients.  

Let’s consider another scenario where the EU Data Act is in force... 

A user wants to use a washing machine service from an independent third party – their local repair shop, for example. To do so, the user exercises their right to receive the data generated by the use of their washing machine. They receive this information from the data holder (the manufacturer) and share it with the data recipient (the service provider).  

Using this data, the service provider can now offer a repair service that’s comparable, or perhaps better or cheaper, than that offered by the manufacturer. 

For the manufacturer, this entails a risk: usage data might exit its sphere of influence. This could enable third parties to obtain information it wishes to keep private, such as information on the function of the control system. But the user and data recipient are able to generate value from the data. This enables much more versatile use of the data than is possible without the Data Act. 

The Data Act therefore effects a major shift in the balance of power from manufacturer to user. For consumer-facing businesses, this all seems pretty straightforward. Right now, users do not have access to the data they generate, and aren’t usually in a position to do anything about this. 

Once the European Data Act enters into force, however, they'll be able to use the data they generate for their own benefit. The manufacturer will still be the data holder and will also be able to benefit from the data. But, if the user permits, these benefits will also be available to third parties.  

The aim is to boost competition and foster innovative, data-driven after-sales services. On the flip side, manufacturers are exposed to the risk of disclosing their intellectual property. That’s because, once these data have exited the company’s control, it has to be assumed that they could also be used to its disadvantage. 

Another big question mark around the Data Act is whether the B2C perspective can be applied to the B2B sector.  

Our experience suggests that there will be a few key differences. In B2B scenarios, for example, the user is a business rather than a person. When two manufacturers do business together, they usually have individual contracts in place to regulate what data is shared – and for which purposes. The regulation covers the measures required to protect data, and who has access.  

So, what do these differences mean in practice? Let’s take a look at a B2B scenario... 

An equipment manufacturer offers condition-based monitoring for the machinery it manufactures. On top of this app-based service, the manufacturer also offers B2B customers access to their machinery data.  

A small manufacturer purchases a piece of machinery and decides to connect it up, enabling it to use the condition-based monitoring app. What's more, the company elects to take up the option of accessing its machinery data, which it aims to use for purposes such as internal process improvements. Data sharing is based on an individual contract between the two companies. 

So how does this scenario look different once the Data Act is in force? 

Well, not that much actually changes. That’s because the data is already being used by both companies: manufacturer and user. The only change is that the contract needs to be reviewed and may need amending to ensure it complies with the Data Act.

Making wider use of the data looks unrealistic for the time being. Since condition-based monitoring requires very specific knowledge about the machinery and process, it’s unlikely that the company using the service would be able to obtain a comparable service from a third party. And the company is unlikely to outsource its internal process optimisation to a third party. 

There’s reason to believe that willingness to use B2B connected products will be lower than for B2C products. Why? Because usage data from a connected product may contain sensitive information about the company using the product.  

A ‘user’ company will only network a product or agree to transfer data to the manufacturer if the benefit of doing so outweighs the risk. And that risk can take multiple forms, ranging from cybersecurity risks to disclosure of trade secrets or intellectual property. 

In contrast to the B2C space, where very few users have concerns about sharing their data with a manufacturer, in the B2B space it’s reasonable to assume that businesses are likely to give a lot more thought to whether it makes sense to connect a product to a network.  

One example of this is the relatively low penetration of connected machinery on the shop floor at standalone manufacturing companies. Consequently, the general availability (or lack) of usage data may be a much more serious problem than the rules on who’s allowed to access what data. 

As an example, let’s build on the previous scenario we looked at. Say we have another small manufacturer – one that also uses a piece of machinery from the above manufacturer. This small manufacturer decides not to employ app-based condition monitoring. Highly restrictive IT security rules prevent the machinery from being connected to an external network. The manufacturer does not currently have access to usage data (is not a data holder) and will still not have it after the Data Act comes into force. It would in theory be possible to extract usage data via a USB port, and this would still be possible under the Act. 

A political agreement was reached between the European Parliament and the Council of the EU on the Data Act on June 28, 2023. The Act is now subject to formal approval. Once adopted, it will come into force after 20 months. 

The Data Act will mark a transformation in the handling of industrial data. One that places new controls and ownership with users. One that will redefine how we design and develop connected products. And one that could redefine how manufacturers and service providers create value and drive revenue. 

For these reasons, it’s critical that industrial sector organisations start preparing for new data access regulations today. This might sound daunting, but it doesn’t need to be. Talk to us today about how we can support you on your data journey.