The EU Data Act: Opportunities & Challenges for Your Business

On 12 September 2025, the EU Data Act will come into force – a key component of the European data strategy. The aim of the regulation is to improve the availability and usability of data – particularly industrial data – to promote fair competition and to strengthen data-driven innovation in Europe.

Essentially, the Data Act regulates who has access to what data and under what conditions – thereby creating legal clarity in an increasingly interconnected digital market. Users of connected products – whether businesses or individuals – will, for the first time, have legally guaranteed access to the data generated by their use. At the same time, fair conditions will be established for data exchange between businesses, with public authorities and on cloud platforms.

Who is affected by the Data Act?

Manufacturers and providers of connected products and digital services
Operators of data-driven business models in industry, energy, mobility, agriculture and many other sectors
Cloud and edge providers and their customers
Start-ups, SMEs and large corporations alike
Public bodies with a data-driven mandate

What are the opportunities for businesses?

Strategic use of data access: For the first time, companies can systematically access data generated by the use of connected devices – a valuable foundation for data-driven services, increased efficiency or tailored aftermarket offerings.
Further developing business models: The Data Act promotes open data ecosystems and creates new forms of cooperation – whether between manufacturers, service providers or end users.
Building trust through fairness: Clear rules on data exchange and protection against unfair contract terms create a reliable framework – particularly beneficial for start-ups and SMEs.
Ensuring technological interoperability: Requirements for open interfaces and standard formats make it easier to switch providers in the cloud environment – a boon for agility and independence.
Sharpening data strategy: The Data Act is the ideal opportunity to scrutinise existing data management structures, ensure compliance and position one’s own data strategy for the future.

Timeline of the EU Data Act: From the presentation of the first draft in February 2022 to full implementation in September 2026 – including all negotiation phases and transition periods

EU Data Act – The Facts

Regulation of the digital space has increased significantly. The Data Act came into force in January 2024 and must be implemented from 12 September 2025. This is particularly relevant for manufacturers of IoT devices. But what exactly is the EU Data Act? What are its objectives, and what requirements does it place on your business?

The main objectives of the Data Act:

The Data Act aims to ensure that businesses and public institutions can access data more easily. This is intended to promote innovation and create competitive advantages.
Users’ rights are to be strengthened so that they have more control over the data they generate through the use of devices or services. This applies in particular to data generated by connected devices (Internet of Things, IoT).
The Data Act aims to prevent large companies from abusing their market power to monopolise data. Smaller companies and start-ups are to be given better access to data, which should lead to greater competition.
Clear rules will be established on how data may be shared between companies (B2B) and between companies and public authorities (B2G). This also includes regulations for data exchange in crisis situations.
The Data Act aims to ensure that data is portable and interoperable between different services and platforms. This makes it easier for users and businesses to switch between different providers.

We can help you with this

We can help you meet regulatory challenges and navigate the technical implementation process – with a wide range of consultancy and implementation services tailored to your specific needs.

Regulatory framework

Secure. Compliant. Future-proof.

The EU Data Act presents companies with new regulatory requirements regarding data handling. We support you in fully understanding these requirements and implementing them in a legally compliant manner – from governance to contractual arrangements. This enables you to minimise risks, build trust with partners and customers, and ensure that your company can continue to operate in a compliant and resilient manner in the future.

Technical implementation

Interfaces. Access. Control.

Technical compliance is the backbone of Data Act implementation. We help you design the necessary data access points, interfaces and authorisation logic so that they are not only legally compliant but also secure, scalable and future-proof. Whether it’s machine data or usage data – we support you every step of the way, from system architecture and API design right through to integration into your existing IT landscape.

Innovation

Innovation

The Data Act does not merely impose obligations – it also opens up new opportunities. We will show you how you can strategically leverage regulatory requirements to further develop your business model and create new data-driven services. Together, we will identify potential opportunities across your value chain, rethink partnerships and drive innovation based on fair and structured access to data.

Please feel free to contact us

Portrait von Ansprechpartner Marcus Goetting