Regulation & Policy

EU Data Act Promises Fairer Access to Data—and a Boost for Startups

Wednesday, 12 November 2025 12:02PM UTC

The EU Data Act, set to take effect on 12 September 2025, introduces a sweeping framework to govern access to and use of non-personal data across member states. Designed to unlock value from the data economy, the regulation is expected to benefit startups and SMEs by levelling the playing field and curbing unfair practices by dominant firms.

Focusing on machine-generated data—such as logs from connected devices—the Act clarifies who can access such information, how it can be shared, and what rights users and businesses have. It complements existing legislation, including the GDPR and the Data Governance Act, by targeting non-personal data and enhancing data portability and transparency across sectors.

For entrepreneurs, the shift is significant. Manufacturers of connected products must now grant access to their data not only to users but also to authorised third parties. This change is designed to reduce barriers for smaller firms and spark new collaborations across industries—particularly in AI, IoT and digital services—where access to high-quality data can be the foundation for innovation.

Transparency and fairness are central to the legislation. Companies must clearly explain their data collection, usage and sharing practices, while unfair contractual terms in data-sharing agreements are prohibited. Cloud providers also face tougher requirements, including improved data portability and clear disclosures on how data is stored and secured, aimed at reducing vendor lock-in and encouraging interoperability.

These changes are particularly relevant in sectors such as financial services, where access to clean, interoperable data has long been hampered by contractual and technical barriers. Under the Act, national regulators will monitor compliance and may impose penalties of up to 4% of annual turnover for infringements—underscoring the seriousness of the reform.

Startups and SMEs looking to seize the opportunity should begin by reviewing their data practices. This includes auditing data flows, updating contracts, improving governance, and training staff on compliance. Legal advice from specialists in EU data law is highly recommended to navigate the interplay between this Act, GDPR and other regulations.

Beyond compliance, the EU Data Act offers a route to long-term advantage. Businesses that adopt its principles early stand to strengthen their market position, attract investment and build trust with customers and partners. For the UK—though outside the EU—the regulation still matters, given the international nature of digital services and data infrastructure.

Far from being just another regulatory hurdle, the EU Data Act marks a strategic shift in how data is valued, shared and protected. For agile startups and scale-ups, it could be the key to unlocking new markets and partnerships in an increasingly data-driven economy.

Created by Amplify: AI-augmented, human-curated content.

More on this

https://epodcastnetwork.com/the-eu-data-act-explained-what-entrepreneurs-and-startups-need-to-know/ - Please view link - unable to able to access data
https://digital-strategy.ec.europa.eu/en/policies/data-act-explained - The European Data Act, effective from 12 September 2025, aims to create a unified framework for data sharing across the EU, ensuring equitable access for businesses, consumers, and public bodies. It governs who can access data generated by connected products and services, how data can be shared between organisations, and the rights of consumers and businesses to use and control their data. This regulation complements the EU's broader digital strategy, building on existing laws like the General Data Protection Regulation (GDPR) and the Data Governance Act.
https://www.pwc.de/en/news/articles/eu-data-act-new-rules-for-data-access-contract-fairness-and-cloud-portability-in-the-financial-sector - The EU Data Act, applicable from 12 September 2025, introduces new rules for data access, contract fairness, and cloud portability, particularly impacting the financial sector. It aims to strengthen data portability, improve data access for businesses, and promote open and fair data ecosystems. The regulation requires businesses to review existing data-sharing contracts, eliminate restrictive clauses, and ensure clear definitions of responsibilities and data ownership. Cloud providers are also subject to new transparency requirements regarding data storage, processing, and protection.
https://www.dlapiper.com/en/us/insights/publications/2025/03/eu-data-act-update-german-draft-for-data-act-implementation-bill - As of 12 September 2025, most obligations of the EU Data Act will come into force. While directly applicable in all EU Member States, enforcement is left to the Member States. The German Federal Ministry published a draft bill for implementing the Data Act in Germany on 7 February 2025. The draft bill includes a detailed sanctions list, with fines of up to four percent of annual turnover applicable to gatekeepers receiving or requesting data under the Data Act.
https://data.europa.eu/it/news-events/news/european-data-act-developments-2024-and-its-future - The European Data Act, effective from 12 September 2025, aims to support a more competitive and innovative data economy by improving access to data in the EU market. The regulation is part of the EU's broader digital strategy and complements existing laws like the GDPR and the Data Governance Act. It introduces new rules for data access, contract fairness, and cloud portability, benefiting consumers and businesses by providing better access to data generated by connected devices and services.
https://www.mondaq.com/unitedstates/data-protection/1455022/eu-data-act-time-to-get-started-with-compliance - The EU Data Act, applicable from 12 September 2025, introduces new rules for data access, contract fairness, and cloud portability. Each EU Member State must designate competent authorities responsible for supervising and monitoring compliance with the Data Act. Penalties for infringement will be defined at the national level by each EU Member State. Businesses should prepare for compliance by reviewing data-sharing contracts, ensuring transparency in data collection and usage, and implementing data governance policies.
https://www.consilium.europa.eu/en/press/press-releases/2024/12/17/better-data-sharing-council-and-parliament-strike-deal-on-financial-reporting-requirements/pdf/ - The Council and Parliament reached a provisional agreement to simplify certain reporting requirements in the field of financial services and investment support, aiming to reduce administrative burden for authorities in the financial sector. The new regulation will simplify existing rules on data sharing between the European Supervisory Authorities (ESAs) and other financial sector authorities and limit new reporting requirements. The Joint Committee of the ESAs, along with all relevant authorities, will prepare a report on possibly setting up an integrated reporting system.

Noah Fact Check Pro

The draft above was created using the information available at the time the story first emerged. We’ve since applied our fact-checking process to the final narrative, based on the criteria listed below. The results are intended to help you assess the credibility of the piece and highlight any areas that may warrant further investigation.

Freshness check

Score: 8

Notes: The EU Data Act was adopted on 27 November 2023 and became applicable on 12 September 2025. ([consilium.europa.eu](https://www.consilium.europa.eu/en/press/press-releases/2023/11/27/data-act-council-adopts-new-law-on-fair-access-to-and-use-of-data/pdf?utm_source=openai)) The article was published on 11 November 2025, making it a timely discussion of the Act's implications for entrepreneurs and startups. However, the article's URL suggests it may be a republished press release, which typically warrants a high freshness score. Further investigation is needed to confirm the originality of the content.

Quotes check

Score: 7

Notes: The article includes direct quotes attributed to unnamed sources. A search for these quotes did not yield any exact matches, suggesting they may be original. However, without confirmation from external sources, the originality of these quotes remains uncertain.

Source reliability

Score: 5

Notes: The article is hosted on the ePodcast Network website, which is not widely recognised as a reputable news outlet. This raises questions about the reliability of the source. Additionally, the article's URL suggests it may be a republished press release, which typically warrants a high freshness score. Further investigation is needed to confirm the originality of the content.

Plausibility check

Score: 9

Notes: The article accurately describes the EU Data Act's objectives and provisions, aligning with information from official EU sources. The claims made are plausible and consistent with the Act's known details. However, the lack of external citations or references to reputable sources diminishes the article's credibility.

Overall assessment

Verdict (FAIL, OPEN, PASS): OPEN

Confidence (LOW, MEDIUM, HIGH): MEDIUM

Summary: The article provides a timely and plausible overview of the EU Data Act's implications for entrepreneurs and startups. However, the lack of external citations, reliance on unnamed sources, and the questionable reliability of the hosting website raise concerns about the content's credibility. Further verification is needed to assess the originality and accuracy of the information presented.

EU Data Act
Digital Economy
Startups
Data Regulation
SMEs