14.03.2022 | KPMG Law Insights

The EU Data Act – Promising Approach or Further Obstacles?

The new EU Data Act is just around the corner. Promising approach or further impediments? We have already had a look at the design.

The regulation of digitization and data use is gaining new momentum. On February 23, 2022, the European Commission is expected to present the final draft of the Data Act, also known as the “Regulation of the European Parliament and of the Council on ensuring fairness in the allocation of value across the data economy” (“Data Act”).
We have already taken a look at the draft, which has not been officially published.

The Data Act is one of the European Commission’s many legislative initiatives as part of its data strategy aimed at improving fair access to and use of data. In this way, the European single market for data is to be strengthened across all sectors. Unlike the GDPR, the focus here is not on personal data, but on data in the true sense and thus on all digital representations of actions, facts or information.

The addressees are all companies active in the EU that collect data, process it, use it in their products or offer related services. This means that almost all companies that use data in some way for business purposes fall within its scope. Only micro and small enterprises are explicitly excluded.
Here are the main points:

  • Data Access By Default: Products and services must be designed to provide users with easy access to the data generated by their use.
  • Right of access to data: Companies are obliged to provide “users” (individuals or organizations) with access to the data they have helped to create. The idea is to provide access “in real time” and free of charge.
  • Improved interoperability: Users should be able to switch between different providers easily and free of charge.
  • Gatekeepers: So-called gatekeepers (providers of large online platforms) may not ask users to share their data with or receive data from gatekeepers. The term gatekeeper is defined in this context by the separate Digital Markets Act.
  • Sanctions: Enforcement of the Data Act is the responsibility of the authorities of the member states. In this context, violations are to be sanctioned, with any sanction requirements to be determined by the member states at the national level. It is expected, however, that the data protection authorities will also be able to impose sanctions for certain violations in accordance with the fine provisions of the GDPR.



The target direction is correct. To boost the data economy in Europe, it is essential that the commercial use of machine data is opened up to the market and accompanied by clear rules. The approaches to create a certain interoperability is also very useful. However, many practical aspects are open.

The obligation to share self-generated data is a clear encroachment on contractual freedom. A close examination of proportionality is appropriate here. It should also be borne in mind that such a sharing obligation naturally lowers the willingness to invest in generating high-quality data.

High-value data are valuable trade secrets in many areas, and the draft so far contains only rudimentary approaches to protection. Although shared data may not be used for the development of competing products, it is also unclear how compliance with this obligation is to be ensured.

It remains exciting to see what content will ultimately make it into the release in just under two weeks. One thing is certain: the Data Act will result in numerous obligations for digital companies and will require extensive process adjustments in the long term.

Explore #more

27.05.2024 | KPMG Law Insights

Agreement on ecodesign regulation: products to become more sustainable

After lengthy negotiations, the Council and Parliament of the European Union reached a provisional agreement on the Ecodesign Regulation on the night of December 5,…

22.05.2024 | KPMG Law Insights

The AI Act is coming: EU wants to get a grip on AI risks

For many people, artificial intelligence (AI) is the great hope for business, healthcare and science. But there are also plenty of critics who fear the…

17.05.2024 | KPMG Law Insights

Podcast series “KPMG Law on air”: When the family business is to be sold

Around 38,000 family businesses are currently handed over each year. In most cases, the change of ownership takes place within the family. But more and…

03.05.2024 | KPMG Law Insights

Doubts about inability to work? What employers can do

The certificate of incapacity for work (AU certificate) serves as proof of incapacity for work due to illness. However, only if the certificate meets certain…

27.03.2024 | KPMG Law Insights

EU Buildings Directive: life cycle greenhouse potential becomes relevant

On March 12, 2024, the EU Parliament approved the amendment to the EU Buildings Directive. The directive obliges member states and, indirectly, building owners and…

19.03.2024 | Business Performance & Resilience, KPMG Law Insights

CSDDD: Provisional agreement on the EU Supply Chain Directive

The EU member states agreed on the CSDDD, the EU Supply Chain Directive, on March 15, 2024. Germany abstained from the vote. Negotiators from the…

21.02.2024 | KPMG Law Insights, KPMG Law Insights

The Digital Services Act – what does it mean for companies?

The Digital Services Act (DSA) is a key component of the EU’s digital strategy and came into force on November 16, 2022. As a regulation,…

15.02.2024 | KPMG Law Insights

Data compliance management: How to implement it in practice

Part 3 of the article series “Professional tips for data compliance management”   The third part of this series of articles deals with data compliance

14.02.2024 | Business Performance & Resilience, PR Publications

Guest article in ZURe: Monitoring the implementation of the LkSG

The current issue of ZURe (p. 20 ff.) contains a guest article by KPMG Law Partner Thomas Uhlig (Head of General Business and Commercial Law),…

09.02.2024 | KPMG Law Insights

Podcast series “KPMG Law on air”: The employment law function

In almost all German companies, the employment law function is located in the HR department and not in the legal department. One of the reasons…


Francois Heynike, LL.M. (Stellenbosch)

Head of Technology Law

THE SQUAIRE Am Flughafen
60549 Frankfurt am Main

tel: +49-69-951195770

© 2024 KPMG Law Rechtsanwaltsgesellschaft mbH, associated with KPMG AG Wirtschaftsprüfungsgesellschaft, a public limited company under German law and a member of the global KPMG organisation of independent member firms affiliated with KPMG International Limited, a Private English Company Limited by Guarantee. All rights reserved. For more details on the structure of KPMG’s global organisation, please visit

 KPMG International does not provide services to clients. No member firm is authorised to bind or contract KPMG International or any other member firm to any third party, just as KPMG International is not authorised to bind or contract any other member firm.