Does the EU Data Act backfire on Automotive?

In October Tesla opened its vehicle API. Again, a bunch of people were overly excited. It's neither revolutionary, nor very special. A bunch of other OEMs have done this before (e.g. https://developer.mercedes-benz.com, https://developer.volvocars.com/, https://developer.gm.com/). It appears that pretty much any "developer.[OEM].com" is a hit. Very similar functionality, very similar APIs - just a different flavor yet again. In fact, by now there are even a couple of companies offering data normalization of OEM-specific data access APIs so that others do need to port their functions to each and every OEM's interfaces. The interesting part is that sharing data of connected devices will be legally required in the European Union very soon.

On November 27th the Council of the European Union passed the so called Data Act. A regulation aiming to ensure fair data access and fair data use. An attempt to break the monopoly of big IT that controls data gathering through connected devices as well as data usage and exploitation. The reasoning is as follows. Legislation will require device manufacturers to expose data to any third parties at the user's will. Legally requiring to open collected data for third parties will enable a data ecosystem and allow new connected services companies to emerge because the data is no longer controlled by the device manufacturer. Or to put it in the words of the regulation

Barriers to data sharing prevent an optimal allocation of data for the benefit of society. Those barriers include a lack of incentives for data holders to enter voluntarily into data sharing agreements [...]

This Regulation ensures that users of a connected product [...] can access [...] the data generated by the use of that connected product [...] and that those users can use the data, including by sharing them with third parties of their choice. It imposes the obligation on data holders to make data available to users and third parties of the user’s choice in certain circumstances.

So far any of the developer APIs are accessible only to vetted partner companies of the respective OEM. The criteria for admission are typically not openly accessible. Although the user already today needs to be able to explicitly authorize connected services (as part of the GDPR), in the future the user has the right to have this data exposed to any third party of his or her choice. Consequently, it becomes illegal for an OEM not to open their data interfaces - they are no longer permitted to be the sole beneficiary or gate keeper of vehicle data.

First of all, this will change the technological requirements for OEMs. They need to become compatible to virtually any conceivable service while at the same time adhering to the GDPR. The authorization and permission scheme will require a major technological overhaul for some OEMs. Also, as many OEMs want to monetize on data (the Data Act still allows for fair compensation for providing the data) a metering and billing service that any connected service can access will be required.

Aside from the technological challenges that many will face, the most important question is whether the Data Act actually serves its purpose or acts against it.

The original goal is to break the monopolies on data exploitation - especially through big IT. Allow anyone to access their trove of data. But what happens when suddenly all OEMs' data must be exposed so that new and improved services can be built upon the data? Who is likely going to provide the best data pipelines to process data? Who is likely going to perform the best AI-based analysis on the data?

Companies that do not see such services as their core business, will not be able to compete in this field. I already hear the Automotive critics that Automotive does not deserve better, if they do not master this. However, this will apply to any industry and any size of company. There are only very few exemptions (e.g. for security reasons, for IP protection or for small enterprises). Any provider of a connected device must open their data interfaces - we are also talking about home automation, EV charging, and what not. With the regulation you should not build a business case that couples the sale of a device and a corresponding connected service - because anyone can replace you for the service.

But then again, when reading carefully the goal never was to break the monopoly on data exploitation. It was to decouple the markets for connected devices and data services. To create a free market for data.

... and sometimes in a free market monopolies emerge.