Europe at the forefront of data regulation

By formalizing a cutting-edge data strategy with the Data Governance Act and Data Act, Europe is strengthening its leadership and stimulates the economy.

The Data Governance Act and the Data Act, two key pillars of the European Strategy for Data

The Data Governance Act (DGA), in application since September 24, 2023 and the Data Act (DA), which entered into force on January 11, 2024, are two main legislative initiatives resulting from the February 2020 Commission-led European Strategy for Data to create a single market for data that ensures Europe’s global competitiveness and data sovereignty. 

While the Data Governance Act provides a framework, processes and structures to facilitate the exchange and sharing of data and to enhance trust in voluntary data sharing for the benefit of businesses and citizens, the Data Act provides harmonized rules on fair access to and use of data, especially industrial data, clarifying who can create value from data and under which conditions.

Both the DGA and the Data Act seek to promote data accessibility and reuse within the EU, unlocking the enormous economic and societal potential of data, enabling the development of new products and services, making production more efficient, tackling environmental and societal challenges, fostering innovation and creating jobs.

Data Governance Act at a glance

The Data Governance Act (DGA) is a significant legislative component of the European Strategy for Data and aims to provide a legal framework, processes and structures to promote data exchange, introducing the important notion of data intermediation services, and regulating the providers of those services.

The DGA objective is to make more data available and stimulate data sharing & exchange by: 

  • Creating mechanisms for the safe re-use by the private sector of publicly held and protected data
  • Regulating data intermediation services providers who play a key role in facilitating the circulation of data
  • Promoting the sharing of data for altruistic purposes
  • Establishing the European Data Innovation Board

The DGA extends its scope to all types of data, and in particular non-personal data, also known as industrial data.  Where personal data is concerned, the General Data Protection Regulation (GDPR) applies. 

Together, the safeguards built into these regulations strengthen trust in data sharing and re-use, a prerequisite for making more data available on the market.

“This Regulation [the Data Governance Act] is a first building block for establishing a solid and fair data-driven economy. It is about setting up the right conditions for trustful data sharing in line with our European values and fundamental rights. We are creating a safe environment in which data can be shared across sectors and Member States for the benefit of society and the economy.”

Margrethe Vestager

Commissioner for Competition and Executive Vice-President of the European Commission

Regulating Data Intermediation Services Providers, a key component of the Data Governance Act

The DGA defines a set of rules for providers of data intermediation services (so-called data intermediaries) to ensure that they will function as trustworthy organizers of data sharing and providers of data exchange services. The DGA proposes a model based on the neutrality and transparency of data intermediaries.

The goal is to mitigate the fear that companies may have that sharing their data would imply a loss of competitive advantage and represent a risk of misuse.

In practice, data intermediaries will:

  • Function as neutral third parties that connect individuals and companies with data users 
  • Not directly use the data that they intermediate for any other reasons than to provide the services
  • Have to comply with strict requirements to ensure this neutrality and avoid conflicts of interest, in particular by ensuring that:
    • A structural separation exists between the data intermediation service and any other services provided
    • Commercial terms (including pricing) for the provision of intermediation services are not dependent on whether a potential data provider or data user is using other services
  • Be authorized to charge for the data exchange services they provide 
  • Be required to notify the competent authority of their intention to provide such services, which will confirm the valid submission authorizing the data intermediary to start to operate its service

The competent authority will be in charge of monitoring compliance with the data intermediation requirements while the Commission will keep a central register of data intermediaries.

Data intermediation services and data altruism organizations that meet the conditions set out in the Data Governance Act will be able to display a common logo on every online and offline publication.

logo-dg-da

Source: European Commission

Data Act at a glance

The Data Act (DA) is another fundamental block of the European Strategy for Data. The regulation is in force since January 11, 2024. Most obligations under the Data Act will apply as of September 12, 2025. Some obligations will apply one year later.

The DA aims to boost the EU's data economy by unlocking industrial data, optimizing its accessibility and use, especially data collected on connected devices, and fostering a competitive and reliable European cloud market. 

The regulation covers harmonized rules on fair access to and use of data, including:

  • Measures that enable users of connected devices to access the data generated by these devices and to share such data with third parties, boosting aftermarket services and innovation
  • Measures to provide protection from unfair contractual terms that are unilaterally imposed
  • Mechanisms for public sector bodies to access and use data held by the private sector in cases of public emergencies
  • New rules that grant customers the freedom to switch between various cloud data-processing service providers
  • Measures to promote the development of interoperability standards for data-sharing and data processing, in line with the EU Standardisation Strategy

The Data Act seeks to ensure that the benefits of the digital revolution are shared by everyone. In particular, the new legislation will empower consumers and companies by giving them a say on what can be done with the data generated by their connected products.

"The volume of data is constantly growing, from 33 zettabytes generated in 2018 to 175 zettabytes expected in 2025. It is an untapped potential, 80% of industrial data is never used. The Data Act addresses the legal, economic and technical issues that lead to data being under-used. The new rules will make more data available for reuse and are expected to create €270 billion of additional GDP by 2028."

European Commission, Data Act: measures for a fair and innovative data economy

A key component of the Data Act: Allowing users of connected devices to access the data collected and to share this data with third parties

The Data Act allows users of connected devices, ranging from home appliances to smart industrial machinery, to gain access to data generated by their use, which is often exclusively harvested by manufacturers and service providers. The user may also request that the data holder makes available usage data to a third party designated by the user. 

The goal of easier access to data from connected objects is to encourage the development of innovative digital services.

Only raw data must be made accessible to the user (consumer or business), but information obtained or deduced from this data (refined data) is not covered by the Data Act.

Based on the principle of contractual freedom, parties remain free to negotiate the precise conditions under which data will be made available in their contracts. The regulation stipulates that such terms and any fees must be fair and reasonable.

Enforcement of the Data Governance Act and the Data Act

The Data Governance Act and Data Act will be enforced by individual EU Member States, which will appoint competent national authorities for this task. Member States will also have to establish a framework of effective, proportionate, and dissuasive fines for violations of the regulations.

In France, Arcep, the regulatory authority for electronic communications, postal services, and press distribution, is designated as the competent authority for the regulation of data intermediation services providers in accordance with the European Data Governance Act. Arcep is also assigned a mission in the cloud computing market, in preparation for Europe’s Data Act, when it will be in application.

 

The Data Governance Act, a strong accelerator for reaching an efficient and trustworthy market for data in Europe

With its focus on making data more accessible and data exchanges more efficient & secure, and by acknowledging the importance of data intermediaries, the DGA is definitely creating positive impacts including:

  • Reduced costs for exchanging data, thanks to well organized data ecosystems and data spaces
  • Shorter time-to market to develop data driven product and service
  • Risk mitigation related to data sharing and exchanges that would prevail without proper rules and legal framework
  • Increased trust between stakeholders engaging in data transactions across sector and across borders

 

The Data Act, a powerful business driver for private and public organizations

Building on the Data Governance Act, the Data Act clarifies who can use data, especially data collected on connected devices, and under which conditions. Though the future regulation imposes obligations mainly on the manufacturers of data-generating products and providers of related services, it will be also a strong business driver, allowing for:

  • Easier access to large volumes of industrial data
  • More open competition especially for aftermarket services, such as repair and maintenance services
  • Stimulated innovation
  • Better prices for end customers (B2B or B2C)

Impactful opportunities offered by the Data Governance Act & the Data Act

The Data Governance Act, by regulating data intermediaries, constitutes a great opportunity for orchestrators of Industry Data Hubs and Data Marketplaces that are offering data exchange services to their ecosystem of data providers and data acquirers:

  • By complying with the DGA requirements, orchestrators increase the level of trust with participants in their ecosystems
  • The ability offered to the orchestrators to be labeled “EU Recognized Data Intermediary” and to advertise it increase their impact on the market and create even more growth potential

All industry sectors will be positively impacted by the Data Governance Act, from the private and public sector, academia and research. As trust levels are increasing between data providers, data acquirers and ecosystem orchestrators, data will be more easily shared, generating more opportunities to address economic, environmental or societal challenges.

The Data Act will also benefit many industries, and actually all industries where IoT data produced by connected consumers and industrial devices & sensors can be used to create value. Making such data more accessible will help reduce data silos and boost the development of new innovative products and services.

Dawex Data Exchange technology compliant with the DGA & DA

Dawex Data Exchange technology is designed to natively comply with the requirements of the Data Governance Act, therefore making it simple for data intermediation services providers to meet the regulation’s imperatives, as Dawex solutions:

  • Provide an open and highly secure product architecture, aligning to emerging reference architectures, best practices and standards (Gaia-X, CEN/CENELEC, W3C, DSSC, etc.)
  • Make a clear separation between data exchange processes and any other data processing capabilities, which are addressed through connectors allowing to easily interoperate with third-party tools

The Data Exchange Platform solution from Dawex is also providing the most comprehensive and fully operational set of capabilities for organizations, especially connected product manufacturers, to comply with the upcoming Data Act:

  • Sophisticated data distribution features allow data providers to meet the requirement to make available data collected from connected devices to the users of such devices (B2B), or to the third-party organizations at the request of the connected device user 
  • Data providers keep full control over the terms & conditions, and the price, if any, for making the data available
  • Data providers also have full traceability of the data transactions for all requests received and processed

“Intermediaries in the sense of the Data Governance Act are really at the service of those who want to share data: not only will the data holder keep the value of his data, but he also will keep a certain level of control over them.”

Malte Beyer-Katzenberger, Policy Officer at the European Commission
Interview with Dawex - Sept. 15, 2022

Interview of EU Policy Officer Malte Beyer-Katzenberger

Grasp the impacts of the DGA & DA on your organizations with Dawex Data Exchange Advisory

Understanding the implications and opportunities of the Data Governance Act and the Data Act can be complex. Dawex seasoned Advisors will guide you through the impacts on your organization’s business and data governance. Our experts will also help define your organization’s data exchange strategy & integrate the regulations requirements, and navigate the provisions of the DGA & DA to reap maximum benefits of their applications.

Dawex actively contributing the moving the market of Data Exchange forward

As a recognized expert in Data Exchange, Dawex is regularly solicited to share its expertise and contribute to advancing initiatives with one objective in mind: developing a trustworthy data economy. On multiple fronts, Dawex is engaged with institutions, organizations and associations to address how data exchange can be a response to economic, environmental, climate change, decarbonation and social challenges.

Leveraging Data Exchange

At the heart of innovation and new business model creation, Data Exchange enables organizations to create power data ecosystems to distribute or share data products, in trust, for any business case, in compliance with data regulations.

Dive into why you should engage in data exchange, why now, or how to foster a trustworthy data ecosystem.