What is the EU Data Act?
The EU Data Act (Regulation (EU) 2023/2854) is the EU’s regulation establishing harmonised rules on fair access to and use of industrial and IoT data. It complements the GDPR (which covers personal data) by addressing non-personal and mixed datasets generated by connected products and related services. Entered into force January 2024; main obligations apply from 12 September 2025.
Core Data Act provisions
- Chapter II — User access: users of connected products (cars, machines, smart devices) gain rights to access data they generate and to share it with third parties.
- Chapter III — B2B data sharing: fair, reasonable, non-discriminatory access terms for businesses.
- Chapter IV — Unfair contract terms: blacklist and grey list of clauses void or presumed unfair in B2B data contracts.
- Chapter V — Public-sector access: mandatory data provision to public bodies in exceptional situations (emergencies, public-interest research).
- Chapter VI — Cloud switching: data portability, interoperability, removal of switching fees by 2027.
- Chapter VII — International transfers: safeguards against non-EU government access requests for non-personal data.
What the EU Data Act adds beyond the GDPR
The EU Data Act is a different instrument from the GDPR: where the GDPR governs personal data, the Data Act governs access to and sharing of data generated by connected products and related services — including non-personal, industrial and IoT data. Its headline aims are to let users of a connected device access and share the data it generates, to make it easier to switch between cloud providers, and to set fairness rules for data-sharing contracts between businesses. For technology companies this means new contractual and product-design obligations: building data-access mechanisms, avoiding lock-in, and reviewing B2B data clauses against the Act’s fairness standards. Companies that already comply with the GDPR cannot assume they are covered, because the Data Act reaches data and relationships the GDPR never touched.