Industry reacts as EU Data Act comes into force

Author: Joe Peck

The EU Data Act officially comes into effect today, ushering in a new regulatory framework that aims to give users greater rights over their data while imposing fresh obligations on businesses around access, sharing, and cloud portability.

The legislation seeks to improve transparency, promote fair competition, and create a more open data economy across Europe. However, industry reactions remain mixed, with some hailing the Act as a positive step forward and others warning of challenges with its implementation.

A call for resilience and flexibility

Tim Pfaelzer, Senior Vice President and General Manager EMEA at Veeam, says the Act arrives at a critical moment for organisations already navigating complex hybrid environments:

“Many organisations have embraced hybrid models for their flexibility, but often at the expense of data portability.

“The Act highlights why flexibility must be embedded into operations from the ground up. Proactive action now will not only support compliance, but also become a competitive advantage as data sovereignty and portability grow increasingly central to digital operations.”

An opportunity for trust and openness

Juliet Bramwell, Vice President EMEA at Glean, emphasises the Act’s potential to rebalance the data economy:

“By giving users greater access to their own data and removing barriers to switching providers, the Act shifts power back to businesses and consumers.

“Data sovereignty and interoperability are no longer optional; companies that embrace these principles will be better placed to innovate responsibly and build long-term trust in AI and cloud ecosystems.”

Concerns around ambiguity and burden

Adam Blake, CEO of ThreatSpike, welcomes the Act’s intent, but voices concern over its clarity and impact on smaller firms:

“The language on forced data sharing is far too ambiguous and could end up weakening security.

“Larger enterprises may have the resources to adapt, but for SMEs, redesigning products and meeting compliance demands could become a serious bottleneck.

“Five years after GDPR, many businesses are still failing to comply [and] I fear this law could face the same fate.”

Balancing ambition with practicality

With the EU Data Act now in force, businesses across Europe will need to assess their compliance strategies, data management policies, and technical architectures to align with the new requirements.

While many see it as an opportunity to improve trust and flexibility, others warn of potential risks and burdens.

How effectively the Act is enforced – and how businesses adapt – will determine whether it becomes a cornerstone of Europe’s digital transformation, or another layer of complex regulation.