70 The EU Data Act is a European Union regulation designed to make data easier to access, share, and move between organizations and service providers. It introduces new rules governing who can use data generated by connected products, how cloud providers support customer migrations, and how businesses exchange data across digital services. While the regulation applies across many industries, it has attracted particular attention from cloud providers, software vendors, device manufacturers, and enterprise IT organizations. Its provisions touch everything from IoT devices and industrial equipment to cloud infrastructure, object storage, and data portability. For many organizations, the most significant changes are not about generating more data—they are about reducing barriers to using existing data more effectively. The regulation aims to encourage competition, improve interoperability, and make it easier for organizations to switch providers without unnecessary technical or contractual obstacles. This article explains what the EU Data Act is, why it was introduced, who it applies to, and what it means for enterprises planning their long-term data infrastructure. What is the EU Data Act? The EU Data Act is part of the European Union’s broader Digital Strategy, which seeks to create a more competitive and innovative digital economy while giving businesses and consumers greater control over the data they generate. Unlike the General Data Protection Regulation (GDPR), which focuses on protecting personal information, the Data Act focuses primarily on access to and use of data. Its objective is to make data more portable, easier to share under appropriate conditions, and less dependent on individual technology providers. The regulation addresses several areas, including: Data generated by connected devices Cloud and edge computing services Data portability Cloud switching Interoperability Data sharing between businesses Public-sector access during exceptional circumstances Although many provisions apply within the European Union, organizations outside Europe may also be affected if they provide services or products to EU customers. Why was the EU Data Act introduced? Over the past decade, organizations have generated unprecedented amounts of operational data through connected devices, cloud applications, industrial systems, and digital services. Much of that data has remained difficult to access or move. Businesses often found themselves dependent on proprietary platforms, facing technical challenges when integrating systems or migrating between providers. In some cases, contractual restrictions or data transfer costs made switching providers expensive and time-consuming. The European Commission introduced the Data Act to address several broad objectives: Encourage greater competition across digital markets Improve access to data generated by connected products Reduce unnecessary barriers to switching cloud providers Promote interoperability between services Support innovation through responsible data sharing Rather than prescribing a single technology approach, the regulation establishes principles intended to make data ecosystems more open while continuing to protect intellectual property, security, and commercial interests. Who does the EU Data Act apply to? The Data Act applies to a wide range of organizations that generate, process, store, or provide access to data. Cloud service providers Cloud providers must support customer portability and make switching between providers easier by reducing technical and contractual barriers. The regulation also introduces requirements related to interoperability and limits certain switching charges during customer migrations. Connected product manufacturers Manufacturers of connected devices—including industrial equipment, vehicles, medical devices, and consumer IoT products—must enable users to access data generated through normal product use where applicable. The goal is to ensure customers can benefit from data their own products create instead of relying exclusively on manufacturers. Software and digital service providers Organizations offering software or digital services that process or generate relevant data may also fall within the regulation’s scope depending on how those services operate and where they are offered. Enterprise organizations The regulation affects enterprises that purchase cloud services, deploy connected devices, or rely on large-scale data infrastructure. Even if an organization is not directly regulated, its vendors and partners may be, influencing procurement decisions and infrastructure planning. Key objectives of the EU Data Act Although the regulation contains many detailed provisions, its goals can be grouped into several major themes. Improve data portability Organizations should be able to move their data between services more easily. This includes reducing technical dependencies that make migrations unnecessarily difficult and encouraging the use of interoperable interfaces where appropriate. For enterprises adopting hybrid or multi-cloud strategies, improved portability can make infrastructure decisions more flexible over time. Reduce barriers to cloud switching Changing cloud providers has historically involved more than simply copying data. Applications, APIs, storage formats, networking, and operational processes all contribute to migration complexity. The Data Act introduces measures intended to reduce unnecessary contractual and commercial obstacles associated with switching providers. The regulation also establishes a framework for gradually reducing certain switching charges, helping organizations move services without excessive exit costs. It’s important to distinguish these migration provisions from routine operational data transfers. Standard outbound data movement used during normal application operation continues to be governed by individual provider pricing models. Encourage interoperability Interoperability allows different platforms and services to exchange data more effectively. Rather than requiring identical technologies, interoperability focuses on enabling systems to communicate using documented interfaces and standardized approaches wherever practical. For infrastructure teams, interoperability reduces dependence on proprietary implementations and simplifies integration across hybrid environments. Enable responsible data sharing The Data Act also creates mechanisms allowing organizations to share data more effectively under agreed conditions. For example, businesses using connected industrial equipment may gain broader access to operational data generated by those systems, creating opportunities for analytics, predictive maintenance, and new digital services. The regulation balances these opportunities with safeguards protecting confidential business information and intellectual property. How does the EU Data Act affect cloud services? Cloud computing represents one of the regulation’s most widely discussed areas because modern enterprises increasingly rely on multiple cloud providers and distributed infrastructure. Historically, organizations moving between providers have encountered challenges including: Proprietary service implementations Application dependencies Large-scale data migrations Operational complexity Data transfer costs The Data Act does not eliminate these technical challenges, but it encourages providers to reduce avoidable contractual and commercial barriers that make switching unnecessarily difficult. For enterprises, this reinforces an existing trend toward architectures designed around portability, interoperability, and long-term flexibility rather than dependence on a single platform. What does the EU Data Act mean for storage infrastructure? Storage sits at the center of many Data Act discussions because nearly every cloud migration, AI initiative, analytics platform, or backup strategy ultimately depends on moving data. Organizations evaluating storage infrastructure may increasingly consider factors such as: Open APIs Standard protocols S3 compatibility Hybrid deployment options Multi-cloud support Data portability These characteristics can make future migrations or infrastructure changes easier while reducing operational complexity over time. Rather than viewing storage solely as a capacity decision, many organizations now evaluate how easily data can be accessed, integrated, protected, and moved as business requirements evolve. EU Data Act vs. GDPR Although both regulations involve data, they address different objectives. EU Data ActGDPRFocuses on access, sharing, and portability of dataFocuses on protecting personal dataEncourages interoperability and competitionProtects privacy rightsApplies to connected products, cloud services, and business dataApplies whenever personal data is processedAddresses cloud switching and data portabilityAddresses lawful processing and consent The two regulations complement one another rather than replacing each other. Organizations operating within Europe often need to consider both simultaneously. EU Data Act vs. Data Governance Act The EU Data Act and the Data Governance Act are related but distinct pieces of legislation. The Data Governance Act establishes frameworks that encourage trusted data sharing across sectors. The Data Act focuses more directly on who can access data, how it can be transferred, and how organizations can switch between providers. Together, they support the European Union’s broader goal of creating a more open and competitive data economy. Common misconceptions The EU Data Act eliminates cloud egress fees Not entirely. The regulation introduces measures that reduce certain switching costs during provider migrations. Routine operational data transfers remain subject to individual provider pricing models. The regulation only affects European companies Organizations outside the European Union may also be affected if they provide covered services or products to customers within the EU. The Data Act replaces GDPR No. GDPR governs personal data protection. The Data Act focuses primarily on access to, sharing of, and portability of data. Frequently asked questions When does the EU Data Act apply? Most provisions begin applying from September 2025, although some requirements have different implementation timelines. Does the Data Act affect AWS, Microsoft Azure, and Google Cloud? Yes. Major cloud providers offering services within the European Union are expected to comply with applicable requirements. Does the regulation require organizations to move data? No. It provides greater flexibility for organizations that choose to switch providers or share data under covered circumstances. Why is the EU Data Act important? The regulation supports greater competition, improved interoperability, and increased control over data generated by products and digital services. For many enterprises, it also reinforces the importance of designing infrastructure around portability and long-term flexibility rather than proprietary dependencies. Conclusion The EU Data Act represents a significant step toward making Europe’s digital economy more open, interoperable, and competitive. By improving access to data, reducing barriers to cloud switching, and encouraging interoperability, the regulation gives organizations greater flexibility in how they manage and use their information. For enterprise IT teams, the regulation is also a reminder that infrastructure decisions increasingly extend beyond performance and capacity. As organizations expand across hybrid environments, adopt AI workloads, and modernize data platforms, portability, interoperability, and architectural flexibility are becoming important design considerations alongside security, resilience, and operational efficiency. Further Reading Data Privacy Regulations HIPAA Compliant Storage for Healthcare Data Data Encryption: Guide for Compliance and IT Leaders Data Sovereignty vs Public Cloud: Making the Right Choice NIS2: The EU Cybersecurity Directive Explained Zero Trust Architecture: Complete Enterprise Implementation Guide FIPS Compliance Guide for Secure Storage
