The EU’s roadworthiness package risks reversing course on open data

While the European Commission’s DG CONNECT is working hard to streamline data rules and strengthen the European data economy, which was estimated to reach 500 billion euros in 2025, the Commission’s overall approach to data rules still seems highly fragmented, especially in sector-specific initiatives. 

The so-called interservice consultations - the procedure through which the Commission’s different Directorates General exchange views on new legislative initiatives - have long been criticised for not being truly inclusive. Normally, relevant DGs are consulted, but the process is not sufficiently formalised, which often results in contradictions in approach and political blind spots that later need to be revised.

Something that the Commission’s DGs responsible for digital and competition policy should have had a say on is the incoming European Roadworthiness Package. With the package, the EU aims to (among other things) modernise rules on vehicle inspections, roadside checks, and registration procedures in a truly ambitious way. However, the package's approach to vehicle data exchange seems to go against the EU's plans of improving access to data and boosting competitiveness, as it would potentially create an EU-wide system accessible only to Member States and authorities, potentially pushing out private European players.

Solving a problem or creating a new one?

The current vehicle data rules are extremely fragmented and heavily constrained by the GDPR’s broad definition of personal data, where vehicle identification numbers (VINs) are treated as personal data, and therefore cannot be "opened". However, some Member States still choose to introduce legal exemptions, allowing access to private players such as Poland’s AutoDNA, Czechia’s Cebia, Lithuania’s carVertical, or US-origin Carfax, based in Germany. Most countries, however, don’t take proactive measures, and scaling within Europe for such companies is extremely difficult, leaving consumers vulnerable to fraud, scams, and bad purchases.

Instead of removing GDPR barriers to enable effective private European vehicle data solutions that complement consumer protection and anti-fraud efforts, the EU appears to be reversing course - perhaps without fully realising it. Since many countries treat VINs as personal data and have no private, home-grown players in their markets, consumers have limited ways to check vehicle history before purchasing used cars, and policymakers may think they are addressing a real market gap.

The incoming Roadworthiness Package seems to limit vehicle data sharing to Member States and their public entities, with no plans to extend access to private players - and it doesn’t seem like this has been part of any conversations both within the Commission and the European Parliament’s TRAN committee.

As a result, European companies with real potential to scale across Europe, compete globally, and win new markets - ultimately benefiting European budgets - would be left with nothing. Meanwhile, an EU-wide system for vehicle data exchange will take years to build, and the Roadworthiness Package itself will take years to be transposed into national laws, while consumers remain at risk of scams and fraud every day.