Contact Us
The EU Data Act: Ushering in a New Era of Data Access and Sharing

augustus 26, 2025


On 12 September 2025, the EU Data Act (Regulation (EU) 2023/2854) will become directly applicable across all EU Member States, including the Netherlands. This landmark regulation represents a fundamental shift in how data — particularly non-personal data — is accessed, used, and shared across the European data economy.

For companies operating in tech, manufacturing, IoT, cloud services, and data analytics, the Act introduces both compliance obligations and new opportunities for innovation and collaboration.

What is the EU Data Act?

The EU Data Act is designed to unlock the value of industrial and usage data by promoting fair access, transparency, and interoperability. Its key objectives are to foster innovation, ensure a level playing field, and empower users to benefit more directly from the data generated by connected devices and services.

The regulation introduces:

  • User access rights to data generated by connected devices (e.g., wearables, sensors, vehicles, smart machines).
  • Obligations for manufacturers and service providers to make data accessible in a structured, commonly used format.
  • Frameworks for B2B and B2G data sharing, such as access for public authorities during emergencies.
  • Rules for switching cloud and edge providers, ensuring portability and reducing vendor lock-in.
  • Protections against unfair contract terms in data-sharing agreements.
  • Safeguards for trade secrets and cybersecurity, ensuring that openness does not compromise trust or security.

Who is Affected?

The Data Act has wide-reaching implications across sectors. It affects:

  • Manufacturers of connected products (e.g., IoT devices, vehicles, equipment)
  • Service providers delivering related maintenance, monitoring, or platform services
  • Data holders, including companies storing and processing usage data
  • Data recipients, such as competing firms or public bodies
  • Cloud and edge service providers, who will face new interoperability and switching rules

Implementation in the Netherlands

The Authority for Consumers and Markets (ACM) has been appointed as the national data coordinator, responsible for overseeing compliance and facilitating dispute resolution.

Where the Data Act overlaps with personal data regulation, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens – AP) will continue supervision under the GDPR.

Penalties for non-compliance are significant: companies may face fines of up to EUR 1,030,000 or 10% of annual turnover, whichever is higher.

A Dutch implementation bill is currently under review, focusing on enforcement powers and regulatory cooperation.

What Changes in Practice?

The Data Act rebalances control over data, moving from exclusive manufacturer control to broader access for businesses, citizens, and governments. Examples include:

  • A car owner sharing vehicle usage data with a garage for maintenance.
  • An industrial company using machine data to optimize operations.
  • A citizen switching cloud providers without prohibitive costs or disruptions.
  • A government agency accessing private-sector data during a natural disaster or cyberattack.

Other measures include:

  • Mandatory data portability for users.
  • Ban on cloud switching fees within three years of the Act’s entry into force.
  • Requirements for cloud interoperability, allowing parallel use of different services.
  • Alignment with the Data Governance Act, reinforcing a coherent EU-wide data framework.

Key Takeaways for Businesses

  • Map your data: Identify what data is generated, by whom, and under which legal basis.
  • Review contracts: Update licensing and data-sharing agreements to comply with the Act.
  • Prepare for access requests: Build internal processes to handle user and third-party requests.
  • Safeguard sensitive data: Ensure trade secrets and cybersecurity remain protected.
  • Revisit cloud strategies: Review switching terms and interoperability requirements in service contracts.

Conclusion

The EU Data Act represents a paradigm shift in data governance — from exclusive control by manufacturers to a model of shared access and broader innovation. While it creates new compliance obligations, it also opens the door to fresh business models, partnerships, and competitive opportunities.

For businesses, the challenge will be to adapt quickly. For users, it promises more control, transparency, and choice in how data is used. And for governments, it ensures data can be harnessed responsibly in the public interest.

References

Netherlands Enterprise Agency, RVO. (2025, JuLy 01). European Data Act for fairer access to and use of data. Retrieved from Business.gov.nl: https://business.gov.nl/amendment/european-data-act/

Nieuwenhuizen, A. (2025, August 14). The EU Data Act: A new era for data access and sharing in Europe. Retrieved from fieldfisher: https://www.fieldfisher.com/en/insights/the-eu-data-act-a-new-era-for-data-access-and-sharing-in-europe#:~:text=Within%205%20weeks%2C%20as%20from%2012%20September%202025%2C,across%20all%20EU%20Member%20States%2C%20including%20the%20Netherlands.

Photo: https://th.bing.com/th/id/OIP.IUsi4G1W7doZZpNIsZrqOAHaF7?o=7rm=3&rs=1&pid=ImgDetMain&o=7&rm=3

Related Articles

Browse All Categories