How the EU Data Act is revolutionizing the digital economy for us

Hello dear ones, let's talk about a revolution that just went ‘live’ today on 12 September 2025. It affects us all, whether in our smart homes, on the way to work or in the factory hall. It's about data, the undeniably most important resource of our time.

You may have heard that the EU Data Act It entered into force on 11 January 2024. That's right, but today is the day when the actual commitments come into force, which now ideally make all his promises a reality.  

First of all, this law is a different approach from the EU, not an annoying, bureaucratic set of rules that should make your life difficult.
On the contrary:
It is a powerful data booster for the entire European economy and, more importantly, for your personal digital sovereignty.

The EU Data Act authorizes us to regain control of our data and, ideally, to use it for what it is: Foundation and drive for innovation and growth. Let's explore the positive aspects of this change together and find out how you can benefit from it.

Why the EU Data Act is changing the rules of the game

The digital world is developing rapidly, but there is a huge imbalance. Figures from the European Commission show that up to 80 percent of industrial data remains unused. Imagine it's like a gold mine that nobody mines. This data is in the hands of device manufacturers, in so-called ‘data silos’, which we as users can only partially access. This gives data holders a potentially monopolistic market position and hampers innovation because the valuable information for new business models or improved services is not freely available.  

It is precisely this maladministration that the EU is tackling with the Data Act. The overall objective is to give the economy wider access to the data resource and to build a fair, open and dynamic data economy (the so-called ‘data economy’). The economic promise that the European Commission attaches to this is enormous: It expects gross domestic product to increase by 270 billion euros. The Data Act has three main objectives: boosting the data economy, advancing digitalisation and dissolving existing data monopolies through fair data exchange.  

However, this law should not be understood as an individual measure, but as a key pillar of the comprehensive European data strategy. It works hand in hand with the Data Governance Act (DGA), which has been applicable since September 2023. While the DGA aims to strengthen trust in voluntary data exchange mechanisms and establish rules for data intermediation services, the Data Act provides legal clarity and concrete mechanisms for who may use and access data under what conditions. The close link between these two laws illustrates a profound strategic approach. The EU has recognised that simple regulation is not enough. Instead, a comprehensive, horizontal and at the same time trust-based ecosystem will be created.

The DGA lays the foundations for the infrastructure of voluntary exchanges, while the Data Act lays down the legal obligations that allow access to previously closed data. This orchestrated approach forces manufacturers and service providers to fundamentally rethink their business models. You can no longer simply collect and hoard data to gain a competitive advantage. Instead, they are encouraged to actively provide access.

This shift from a purely ownership-based to an access-based model is a direct lever to soften data monopolies and makes the EU a global frontrunner in data legislation as it seeks to solve the technical and legal aspects at the same time. The vision is not just to share data, but to create a complete, functioning ecosystem from which every actor can benefit.  

Three points for you: The advantages at a glance

The EU Data Act brings concrete benefits that redefine the rules of the game in three key ways: It gives users back control over their data, ensures greater fairness in business relationships and facilitates switching between digital services. The following table gives you a quick overview of the main benefits and their effects.

advantage	Who benefits?	How?	examples
Control of your own data	Consumers & Business (B2C & B2B)	Access to usage data of connected products, disclosure to third parties	Smartwatch data to fitness trainers, machine data to third-party service providers
More competition and fairness	SME	Protection against unfair contractual clauses, cost limitation for data access	Medium-sized companies only pay the costs for data access, not the profit of the data holder
Easier cloud switching	Companies of all sizes	Elimination of switching fees, improved portability, interoperability	Migrating from AWS, Azure or Google to a true European cloud solution - no obstacles!
Data for the common good	Public bodies & Company	Data access in emergencies such as natural disasters or pandemics	Real-time traffic data in the event of, for example, a natural disaster

Your data, your power: A new right for all of us!

Imagine you bought a connected product, be it a smart coffee machine, a fitness tracker or a highly complex industrial machine. Until now, the usage data was often in the hands of the manufacturer, and you could only access them to a limited extent. The Data Act fundamentally changes this: As a user, you now have a legal right to view the data generated during use and to decide what happens to them.  

The benefits for you are obvious:

Firstly: You get full transparency and control. Before entering into a contract, providers must clearly and comprehensibly inform you about what data the product collects, how it is stored and how it is used.

Secondly: Access to the data must be simple and direct. Manufacturers are obliged to provide the data in a common, machine-readable format, free of charge and without unnecessary delay.

Thirdly: – and this is a particularly crucial point: You can not only use this data yourself, but also pass it on to third parties. This enables completely new, data-driven services that improve your everyday life or your business processes.

For example, the data of your smartwatch could be forwarded directly to a fitness trainer, or as a company you can give the operating data of a machine to a specialized third party to optimize your processes.  

This new legal right to data is not a simple cosmetic change; It is forcing a fundamental change in product design. The principle Data Access by Design becomes obligatory. From September 2026, manufacturers will have to design new products from the ground up in such a way that data access is technically simple and secure for the user. This is not an afterthought, but a fundamental design process. The need to provide technical interfaces has a direct impact on companies' innovation strategy. Instead of hoarding the data, they now have to invest in the infrastructure that enables smooth data exchange.

This process creates a new competitive advantage: Companies that see the Data Act not as a burden, but as an opportunity and make data access a smooth, value-creating customer experience will prevail in the market. The need for compliance thus becomes a powerful driver of innovation.  

Bye-bye data restraints: More Fairness for Businesses

Especially in the B2B sector, there has often been an unequal market power. Large companies could bind small and medium-sized enterprises (SMEs) with unilateral contracts to the detriment of the latter and exclude them from using their own data. The Data Act puts an end to this and massively strengthens the rights of SMEs.  

For you as a company, this means a significant advantage. Unfair, unilaterally imposed clauses in contracts that impede data access will no longer be binding as of 12 September 2025. The law introduces so-called ‘fairness tests’ to identify such clauses.

In addition, the issue of costs is regulated transparently: As an SME, you may only pay for the data access directly incurred by the data holder; No profit premium! This significantly reduces the barriers to accessing important data. The European Commission is also planning to develop model clauses for data transfer contracts, which should simplify contract preparation and legal certainty for all parties involved.  

Light and shadow?

A frequently expressed concern concerns the protection of company data/trade secrets. The law has explicitly taken this into account. The Data Act is not a license to access sensitive information or trade secrets that may be contained in the data. Rather, it requires the data holder and the user to take precautions to preserve the confidentiality of trade secrets. The law does not conflict with existing regulations such as the German Trade Secrets Act (GeschGehG), but complements them. For companies, this means establishing clear processes to identify, anonymize, or aggregate sensitive data before it is shared. This balanced approach demonstrates the nuance of the law, which seeks to reconcile the promotion of the data economy with the protection of legitimate investment and intellectual property.  

A contingency plan for all of us: How data can save lives

The Data Act also has important societal benefits. It allows public authorities to access private company data in the event of a ‘public emergency’ (such as natural disasters, pandemics or serious cyber incidents).  

This access is strictly regulated and limited to what is necessary. If necessary, data relating, for example, to the flow of goods or the movement of people can help to cope with crises more quickly and effectively.
This is a crucial measure that strengthens the resilience of our society in times of change. Apart from emergencies, public sector bodies may also have access to non-personal data for research purposes or to develop better public services if there is no other way to obtain the data.

The End of Vendor Lock-in: A liberated (cloud) market

I guess many of you from the technical environment know the feeling of being trapped in a cloud provider. The problem is known as ‘vendor lock-in’: High switching fees, technical hurdles and complex contracts make it almost impossible to switch to another provider, even if it had a better offer. The Data Act puts an end to this and frees you from these digital shackles.  

The law requires that providers of data processing services: such as Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) must make switching as easy as possible for you. Providers must remove all commercial, technical, contractual and organisational barriers.  

The concrete advantages for you are far-reaching:

• Easy portability: Data must be provided in a structured, machine-readable format so that you can migrate it without any problems.  
• Elimination of fees: Providers must continuously reduce bills of exchange. As of January 12, 2027, they will not have to charge you for switching to another provider.  
• Functional equivalence: You should be able to enjoy the same functionality and operational readiness with the new provider as before.  
• Shorter notice periods: The maximum permissible period of transition and notice is limited to 30 days or two months.  

Interested in an example? No problem:

As a slightly older private person, you may still know the time when you could not take your mobile phone number ‘just like that’ to another provider. This was already introduced in the early 2000s, by many providers at that time still with complicated processes and switching fees – let's say kindly ‘somewhat difficult’. Since 2021, this has now to be done free of charge and in an uncomplicated manner. Now imagine this for other services and your data, then you understand the effects better.

The Data Act is a catalyst for a more robust and competitive European cloud infrastructure. The simplification of the change greatly increases the competitive pressure. Instead of lock-in customers, vendors now have to convince with superior quality, better service and more attractive prices. This will accelerate innovation in the European cloud market and lead to lower prices. The law creates an environment in which even smaller, specialized providers have a chance, as the hurdles for the customer change fall.

The result is more freedom of choice and tailor-made solutions for companies, which in turn drives the digital transformation.  

From theory to practice: The Data Economy in Action

A law is only as good as its application in practice. This is where interoperability and pioneering industry initiatives come into play, turning the vision of the Data Act into reality and showing what the data economy of the future can look like.

The language of innovation: Interoperability as a trailblazer

In order for data to flow seamlessly across machines, systems and industries, a common language is needed. The Data Act therefore calls for the development of interoperability standards to remove barriers to data exchange.  

This is where the standard plays. OPC UA a central role. It is one of the most important communication bases for the Industry 4.0 and the Internet of Things (IoT). The Association of German Mechanical and Plant Engineering (VDMA) Together with its member companies, OPC has developed UA Companion Specifications. These create a manufacturer-independent and platform-independent language for machines that defines which data must be exchanged and how. The initiative umati (universal machine technology interface) promotes the technical applicability of these standards specifically for machine tools and supports SMEs in their implementation. This shows, The industry itself creates the necessary tools to meet the legal requirements.  

Manufacturing-X: This is what the future looks like

An outstanding example of the implementation of the principles of the Data Act is the initiative Manufacturing-X. It is supported by the Federal Ministry of Economics and is a cross-industry cooperation between industry, science and politics. The ‘X’ in the name stands for ‘Exchange’.  

Manufacturing-X brings the vision of the Data Act to life. Projects such as Catena-X (automotive industry), Factory-X (machinery and plant engineering) and Aerospace-X (aeronautics) show concrete use cases how new data flows can be used.  

• Predictive maintenance: Machine data is securely shared across the ecosystem with service providers to identify maintenance needs at an early stage and prevent outages.  
• Sustainability: Data from the entire supply chain is shared to transparently calculate the Product Carbon Footprint (PCF) or create Digital Product Passports (DPP).  
• Increased efficiency: Data enables better management of supply chains and optimisation of production.

The relationship between the Data Act and initiatives like Manufacturing-X is symbiotic. The Data Act creates the legal compulsion to exchange data, while Manufacturing-X provides the technological infrastructure and standards to make this exchange secure and efficient. One without the other would not work. The transformation from closed data silos to open, interoperable ecosystems is enabling a new form of collaborative value creation in Europe. Businesses can confidently share data without losing control and drive innovation together. This is the true revolution: the transition from competition at a standstill to a cooperative and competitive ecosystem that benefits everyone.  

Challenges and critical voices: A clear view of the hurdles

Of course, despite all the euphoria, there are also critical voices and challenges in the implementation. A survey des Digital association Bitkom shows that opinions in the digital economy are divided: While nearly half of companies see the Data Act as an opportunity, a nearly equal proportion see it as a risk.

This skepticism is based on concrete concerns. Industry representatives such as the VDMA complain that the generic definition of data could lead to uncertainty. In addition, they see legal interference with contractual freedom as a potential disruption to the data market, which could outweigh the desired opportunities.  

Implementation poses major hurdles for small and medium-sized enterprises (SMEs) in particular. Many do not have their own legal department and are overwhelmed by the complex regulatory requirements. This can lead to the fact that the obligations that are supposed to benefit all companies are perceived as a burden.

The European Consumer protection organisation BEUC He even called the law as a "missed opportunity", as I read on it-daily.net, because too many exceptions could make it more difficult to apply in practice. There is a desire for more support and clear guidance to ensure that the law can take full effect and does not become a bureaucratic hurdle.

On heise.de is among other things also pointed out that with all the advantages offered by the new law, Germany is of course lagging behind once again. It has not been uniformly clarified until the start who is now responsible for consumers should a dispute arise, nor how and where contact points would be. After all, the state data protection officers who also cover compliance with the GDPR as an area of responsibility have probably considered themselves ‘responsible’ for the time being. Thomas Fuchs, the LDB for Hamburg It even has an opinion on and a PDF with further information published. This concludes with the following words:

The Land data protection authorities are currently required to prepare to carry out the supervisory task assigned to them in Article 37(3) DA as of September. Under the current time pressure, it is not appropriate to wait to see if and how the federal legislature modifies the EU regulatory requirements for supervision.

Your way to the advantage: How you can act now

The main obligations of the Data Act are from today, 12 September 2025 It has now entered into force, and the design requirements for new products intercept September 2026. There is no longer any reason to wait. The time to prepare is now. Imagine that you are already setting the course and turning a duty into a competitive advantage.  

Here are three concrete recommendations for action on how you, especially as a large company, can take advantage of the opportunities:

1. Auditing data: Get a comprehensive overview of your data flows. What data do your products and services generate? Who currently has access to it? Is access technically possible? This inventory is the basis for all further steps.
    
2. Review and adjust contracts: Check your existing B2B contracts for unfair terms. Adjust your general terms and conditions (GTCs) for your products to comply with the new information requirements. Make sure to establish mechanisms to protect trade secrets without hindering the exchange of data.
    
3. Recognising and acting on opportunities: Think about your business model. Where are the unused data treasures that you can now offer? Where can you improve your own services and open up new revenue streams by accessing your customers' data? The Data Act is your chance to develop new data-driven services and partnerships. Use compliance requirements as a stimulus to drive innovation in your organization.

Here's a quick checklist for your quick start:

☑ Inventory of data flows in the company.

☑ Review contracts and terms and conditions with customers and service providers.

☑ Plan and provide interfaces for data access.

☑ establish mechanisms for the protection of trade secrets.

☑ Training employees and establishing new processes.

Not only large companies can take advantage of the opportunity, but I also see some advantages as a private individual, self-employed person or SME.

For you as a private person

In addition to the benefits mentioned in the blog post, there are other practical details that may affect you directly.

• Wide applicability: The law does not only apply to the obvious smart devices. Your connected car, vacuum cleaner, smart meter and even your connected coffee maker are also covered by the regulation if they collect data.
   
• Data formats: You have the right to receive your data in a ‘common machine-readable format’. This often includes simple formats such as CSV or XML, which allow you to easily pass the data on to other services or analyze it yourself.
   
• No costs for the user: Access to your own data must be free of charge for you. If you instruct a data holder to transfer your data to a third party, the third party may be compensated for the transfer, but you yourself may not be charged any costs.
   
• Important interaction with the GDPR: The Data Act does not replace the GDPR, but complements it. This is especially relevant if the data contains personal information, which is the case with most smart devices. In this case, a third party to whom you wish to share your data must have a valid legal basis under the GDPR before being allowed to process your data.  

For you as a self-employed person or an SME

As a company, they are Details of implementation It is crucial to turn the new obligations into opportunities.

• Concrete implementation of the technical infrastructure: In order to meet the requirements of the law, an API (Application Programming Interface) is the most obvious technical solution to enable users and third parties to access data. Important security measures to consider include implementing strong authentication such as OAuth2 and using TLS/HTTPS to encrypt traffic.
   
• Management of data requests: In order to comply with the legal requirements that data requests must be answered ‘without undue delay’, it is advisable to set up an internal ticketing system or a ‘Data Act Triage Queue’. In this way, requests can be immediately recorded, prioritized and forwarded to the right employees. Regular quarterly reviews of disclosure logs are also advisable to streamline processes.
   
• Dealing with mixed datasets: Many records contain both non-personal and personal data. In this case, the GDPR applies to the entire data set. A good practice is to separate personal data from industrial data (data segregation) before they are shared.
   
• Cost regulation in the B2B sector: If you, as a small or medium-sized enterprise (SME), request data from a data holder, they may only charge you for the directly incurred costs of provisioning, without any profit surcharge. The data holder shall disclose those costs in a transparent manner.  

The Data Act is not only a law that must be observed, but an invitation to rethink one's own data strategy. By taking these additional aspects into account, you can not only comply with the new rules, but also gain a real competitive advantage from them.

Conclusion: Data as an opportunity for a strong future

The EU Data Act is more than just a law, it is the blueprint for an open, innovative and fair data future in Europe. The implementation challenges are real, but the opportunities are huge. The new rules and opportunities will make the European economy more resilient, competitive and sustainable.

The law empowers us all to take control of our data and use it as a driver of innovation and growth. Get ready now, because you can actively shape this digital future and make the most of the greatest resource of our time.