The European Union continues to lead the world in digital regulation with the Data Act, which becomes fully applicable on September 12, 2025. This comprehensive regulation fundamentally changes how cloud providers must handle customer data, introducing unprecedented rights for data portability and interoperability that will reshape the cloud services landscape across Europe.
What is the EU Data Act?
The EU Data Act (Regulation 2023/2854) is a horizontal piece of legislation that establishes harmonized rules on fair access to and use of data. While it covers many aspects of data sharing across various sectors, its provisions regarding cloud services are particularly significant for anyone using or providing cloud infrastructure in Europe.
The primary goals of the Data Act include:
- Enabling cloud switching: Making it easier for users to switch between cloud providers without losing data or functionality
- Preventing vendor lock-in: Requiring providers to remove technical, contractual, and commercial obstacles to switching
- Promoting interoperability: Establishing common standards for data portability across cloud services
- Protecting against unlawful data access: Setting rules for international data transfers and government access requests
The EU Data Act becomes fully applicable on September 12, 2025. All cloud service providers operating in the EU must comply by this date or face significant penalties.
New Rights for Cloud Customers
The Data Act introduces several important rights for cloud service customers, whether businesses or individuals. These rights represent a significant shift in the balance of power between cloud providers and their users.
Right to Data Portability
Under the new regulation, cloud customers have the right to export all their data in a structured, commonly used, and machine-readable format. This goes beyond simple file downloads - it includes application data, configurations, and metadata that would be necessary to migrate to another provider.
Right to Functional Equivalence
Cloud providers must ensure that when customers switch, they can achieve functional equivalence with their new provider. This means the data must be usable, not just accessible. Providers cannot deliberately degrade data quality during export.
Protection Against Lock-in Practices
The Act prohibits practices that artificially create switching costs. This includes:
- Excessive data egress fees beyond actual cost
- Proprietary data formats that hinder portability
- Contractual clauses that penalize switching
- Technical barriers to data extraction
Impact on Major Cloud Providers
The Data Act will significantly impact how major cloud providers operate in the European market. While hyperscalers like AWS, Google Cloud, and Microsoft Azure must adapt their practices, European cloud providers are generally better positioned to comply.
| Requirement | US Hyperscalers | European Providers |
|---|---|---|
| Data Portability | Major changes needed | Often already supported |
| Egress Fee Elimination | Significant revenue impact | Usually lower or no fees |
| Open Standards | Requires ecosystem changes | Often built on open source |
| Third-country Data Access | Complex legal challenges | Full EU jurisdiction |
Why European Cloud Providers Have an Advantage
European cloud providers like Hetzner, OVHcloud, Scaleway, and Infomaniak are well-positioned to benefit from the Data Act. Many of these providers have already adopted practices that align with the regulation's requirements.
Key advantages include:
- Transparent pricing: European providers typically have clear, competitive pricing without hidden egress fees
- Open standards: Many European cloud services are built on open-source technologies like Nextcloud and support open data formats
- Data sovereignty: Data stored with European providers stays under EU jurisdiction, simplifying compliance
- No third-country access conflicts: European providers are not subject to laws like the US CLOUD Act
When evaluating cloud providers for Data Act compliance, check whether they offer data export tools, support open standards like S3-compatible storage, and have transparent pricing without egress fees.
The End of Excessive Egress Fees
One of the most significant changes introduced by the Data Act is the requirement to eliminate switching-related charges. Cloud providers must gradually reduce and eventually eliminate egress fees for customers who are switching providers.
The timeline for egress fee elimination is as follows:
- September 2025: Providers must not charge more than the direct cost of data transfer
- January 2027: All switching-related charges must be eliminated entirely
This change alone could save businesses significant amounts. Major US cloud providers have historically charged substantial egress fees, sometimes making it prohibitively expensive to migrate large datasets to competing services.
Interoperability Requirements
The Data Act mandates that cloud service providers work toward interoperability through open standards. The European Commission is empowered to adopt implementing acts that specify technical requirements for interoperability in specific service categories.
This push for interoperability benefits users of European cloud services, which often already support:
- S3-compatible object storage APIs
- OpenStack for infrastructure management
- Kubernetes for container orchestration
- Standard protocols like WebDAV, IMAP, and CalDAV
Preparing Your Business for the Data Act
Organizations should start preparing now for the Data Act's requirements. Here are key steps to take:
Audit Your Current Cloud Usage
Document all cloud services you currently use, including data stored, formats used, and any dependencies on proprietary features or APIs.
Evaluate Portability Options
Test your ability to export data from current providers. Identify any data that would be difficult to migrate and plan accordingly.
Consider European Alternatives
Now is an excellent time to evaluate European cloud providers. Services like Hetzner Cloud for infrastructure, Nextcloud for collaboration, and Tresorit for secure storage offer compelling alternatives with strong Data Act compliance.
Review Contracts
Examine your cloud service agreements for any clauses that might conflict with Data Act requirements. Providers must update their contracts to comply with the regulation.
Enforcement and Penalties
EU Member States are responsible for enforcing the Data Act and must designate competent authorities by September 2025. Penalties for non-compliance can be significant, though specific fine amounts are determined at the national level.
The regulation empowers authorities to:
- Investigate compliance complaints
- Require providers to modify practices
- Impose fines for violations
- Order data access or portability measures
Looking Ahead: A More Open Cloud Market
The EU Data Act represents a fundamental shift toward a more open, competitive cloud market in Europe. By removing barriers to switching and mandating interoperability, the regulation empowers users to choose cloud services based on quality and value rather than lock-in effects.
For European cloud providers, this presents a significant opportunity. Their inherent advantages in compliance, transparency, and data sovereignty position them well to attract customers who value these qualities. Combined with competitive pricing and strong technical capabilities, European cloud services are becoming increasingly attractive alternatives to US hyperscalers.
Browse our cloud computing directory to find European providers that offer Data Act-ready services with transparent pricing and full GDPR compliance.