The European Union’s landmark Data Act officially became applicable on September 12, 2025, ushering in a new era for EU’s digital economy. Designed to enhance fairness, competition, and innovation, the regulation sets out comprehensive rules governing how data—particularly industrial and IoT-generated data—is accessed, shared, and used across the bloc.
At its core, the Data Act empowers users of connected products such as smart appliances, cars, medical devices, and industrial machinery to access and share the data they generate. Previously, manufacturers and service providers often retained exclusive control of this information. Now, businesses and consumers alike can use or transfer their data to third parties, enabling the creation of new aftermarket services, boosting competition, and ensuring that the value of data is more fairly distributed.
Beyond user rights, the law establishes clear rules for business-to-business and business-to-government data sharing. Companies will be obliged to provide data to other firms or public authorities under fair, reasonable, and non-discriminatory conditions, with safeguards in place to protect trade secrets. Public bodies will also be able to request data in cases of exceptional need, such as during emergencies, to support evidence-based decision making.
Another major component of the Data Act tackles contractual fairness, targeting situations where larger companies impose “take-it-or-leave-it” terms on smaller partners. By limiting unfair terms and creating dispute resolution mechanisms, the Act aims to level the playing field for small and medium-sized enterprises.
The legislation also takes aim at Europe’s cloud and edge computing markets, mandating easier switching between service providers and full removal of switching fees by January 2027. Interoperability standards will be rolled out to ensure that data and applications can move seamlessly across platforms and sectors.
Importantly, the Data Act introduces protections against unlawful foreign government access to non-personal data stored in the EU, reinforcing Europe’s commitment to digital sovereignty.
Complementing the earlier Data Governance Act, which focused on trust in voluntary data-sharing mechanisms, the Data Act provides legal certainty and enforceable rights in the rapidly expanding data economy. Together, the two regulations form the backbone of the EU’s data strategy, aimed at making Europe a global leader in data-driven innovation while safeguarding rights and fairness.
Enforcement will fall to national authorities, coordinated by designated “data coordinators,” with the European Commission overseeing harmonization across the bloc. An evaluation of the Act’s impact is scheduled within three years, leaving the door open for further adjustments as Europe’s data economy evolves.
Need Help?
If you’re concerned or have questions about how to navigate the global AI regulatory landscape, don’t hesitate to reach out to BABL AI. Their Audit Experts can offer valuable insight and ensure you’re informed and compliant.
