Adopted on 23 February 2022, EU Regulation 2032/2854, known as the Data Act, sets out a clear framework for accessing, sharing and using data generated by connected objects and related digital services. The regulation came into force on 11 January 2024 and will apply from 12 September 2025.
Data is part of the European data strategy, which aims to provide better access to data and a framework for its use.
to create value for the economy and society.
The text makes it easier for businesses and consumers to access and use data, while guaranteeing fair competition and protecting
the interests of stakeholders. In particular, the new rules will have an impact on the cloud market.
| THE PILLARS | CLARIFICATION |
|---|---|
| Fair distribution of the value derived from data | The aim is to achieve a better distribution of the value generated by the use of data between players in the data economy. This involves in particular to facilitate the sharing of the data generated between companies and with consumers by setting an obligation to make accessible the data generated by the use of connected targets and related services by fair and equitable compensation. |
| Removing barriers to competition in the cloud market | The Data Act eliminates the technical and financial obstacles imposed by the dominant cloud providers. Exit fees and the costs associated with changing service provider are prohibited, thus facilitating portability and the development of new services. data interoperability. Customers will be able to migrate their data and applications to competing services without incurring financial charges for these transfer operations. |
| Controlling cross-border flows | The Data Act strengthens European data protection vis-à-vis the authorities foreign. In addition to the RGPD, which already imposed legal guarantees for any transfer of data outside the European Union, this new legislation extends protection mechanisms. Data generated by connected objects and other services must not be exposed to risks third country governmental access. |
The Data Act requires a major technical transformation of our information systems.
Fluid interoperability, secure APIs and orchestration of data sharing are becoming strategic. At the same time, the protection of data flows is emerging as a fundamental requirement, necessitating advanced encryption of transmissions, strengthened authentication mechanisms and tamper-proof logging of access to guarantee compliance and trust in this extended exchange ecosystem.
The SREN Act anticipates several provisions of the Data Act, particularly in the area of cloud computing. This national anticipation allows French players to adapt
gradually to the forthcoming European regulatory framework. From 12 January 2027,
the application of the SREN Act will come to an end with regard to transfer fees. The Data Act
will replace the corresponding provisions, creating a harmonised legal framework for
at European level for data governance.