EU rules take aim at illegal data transfer to non-EU governments

BRUSSELS, Feb 23 (Reuters) - Amazon , Microsoft (MSFT.O)and other providers of cloud and data processing services will have to set up safeguards to prevent non-EU governments gaining illegal access to EU data, according to draft legislation from the European Commission.

The Data Act, published on Wednesday, lays out rights and obligations on the use of EU consumer and corporate data generated in smart gadgets and machinery as well as consumer goods.

This confirms a Reuters report earlier in February that the Commission aimed to tighten curbs on data transfers. read more

The draft law is part of a series of rules aimed at curbing the power of U.S. tech giants and to help the EU achieve its digital and green objectives.

"We want to ensure greater fairness in the allocation of value created by data," the Commission's digital chief Margrethe Vestager told a news conference.

"We are buying more and more products that generate data from smartwatches to connected cars and currently it's mainly the manufacturer of these products who holds and uses the data," she said.

The EU executive said the new rules will free up a huge volume of data for use and which is expected to add 270 billion euros of additional gross domestic product by 2028.

The Data Act also imposes contractual requirements and interoperability standards on cloud and edge services to make it easier for companies to switch to a rival and for data to be used between sectors.

Users of connected devices will be able to access data generated by them, which typically is only accessible to the device makers, and share it with other companies providing aftermarket or other data-driven innovative services.

Companies will be obliged to provide certain data to governments during public emergencies such as floods or wildfires.

EU concerns about data transfers have grown since former U.S. intelligence contractor Edward Snowden in 2013 revealed mass U.S. surveillance.

This led Europe's top court to outlaw a transatlantic data transfer pact known as the Privacy Shield which thousands of companies depended on for services ranging from cloud infrastructure to payroll and finance.

The United States and the EU have since then been struggling to find a new data agreement.

The Data Act will need to be thrashed out with EU governments and lawmakers before it can become law.

Reporting by Foo Yun Chee, editing by Ingrid Melander and Jane Merriman

Our Standards: The Thomson Reuters Trust Principles.