The EU Data Act: From Obligation to Advantage with GLBNXT
The Data Act as a driver of innovation and compliance.
The EU Data Act: From Obligation to Advantage with GLBNXT
The European Data Act (also known as the Data Regulation) entered into force on September 12, 2025. This new legislation aims to give companies, citizens, and governments more opportunities to use and share data that was previously often accessible only to the manufacturer or service provider. In practice, the Data Act promises to strengthen the European data economy and facilitate data-driven innovation by significantly increasing the availability and reuse of data. For organizations that work intensively with data such as large enterprises with sensitive customer information, substantial intellectual property (IP), and strict compliance requirements this law brings both opportunities and obligations. In this blog, we explain what the Data Act entails, why it is relevant for GLBNXT customers, and how GLBNXT’s open-source strategy seamlessly aligns with the obligations of the Data Act.
What is the EU Data Act?
The EU Data Act is a broad European regulation covering both personal and non-personal data. Its core principle is to make data more fairly accessible and to increase control for the actual users (consumers and businesses) who generate the data. Concretely, the law requires, among other things, that manufacturers of connected devices (Internet of Things, IoT) provide users with access to the data generated by these devices and allow them to freely share this data with third parties.
The underlying idea is simple: when you, as a user, generate data with a product, you should be the one to benefit from it instead of this data being locked away exclusively in the manufacturer’s silos.
Additionally, the Data Act introduces several important obligations to make the data market fairer and more competitive:
Data sharing in understandable form: On request, users must be provided with their data in a commonly used, machine-readable format, and free of charge. This ensures there are no technical or financial barriers preventing users from accessing “their” data.
Improved cloud portability: Customers must be able to switch quickly and easily between cloud service providers without obstacles. The Data Act aims for “free, fast and fluid” switching introducing new interoperability requirements and banning switching fees after a transitional period. This prevents companies from being trapped in vendor lock-in with a single cloud provider.
No unfair contracts: Contractual terms that unreasonably restrict data sharing are prohibited. Stronger market players may not abuse their power to impose unfair conditions on smaller parties regarding data access or usage.
Government access in emergencies: Public authorities will be granted access to private data under strict conditions if needed to respond to emergencies (such as a natural disaster or cyberattack). This means that companies must be able to provide data in exceptional cases for the public good.
Protection against foreign access: At the same time, the Data Act introduces safeguards to prevent unauthorized authorities from third countries from accessing European data. This focus on European data sovereignty reflects the ambition to keep data within EU jurisdiction and minimize risks of interference by U.S. or Chinese governments.
In short, the Data Act is a major legislative step toward a fairer, more open data economy in Europe. Product users gain control over generated data, and data services must become more interoperable. For organizations, this means not only new compliance requirements but also opportunities to benefit from data-driven innovation in a level playing field.
Impact on Data-Driven Organizations
GLBNXT focuses on clients, often large organizations, for whom data is a critical asset. Think of financial institutions, healthcare organizations, technology companies, and manufacturers that deal with massive datasets from consumers while also protecting vital trade secrets or intellectual property. In such environments, data privacy and regulation already play a major role (e.g., GDPR, sector-specific laws). The Data Act now adds an extra layer of obligations.
For these organizations, the Data Act introduces clear challenges:
Conditions for data sharing: Companies delivering smart or connected products must grant users direct access to the data those products generate. A manufacturer of a connected vehicle or IoT medical device, for example, must implement technical and organizational measures to securely provide real-time data access to the customer. This requires investment in data architecture and APIs, forcing companies to carefully consider which data is made available and how.
Protection of trade secrets: Many GLBNXT clients hold vast amounts of proprietary knowledge and IP in their data. Here lies a potential tension: the Data Act (Article 4) requires sharing of certain data, even when it might involve trade secrets. Critics argue that mandatory disclosure of sensitive data could undermine innovation and competitiveness, since a trade secret loses value once shared. Organizations must balance compliance with protecting their know-how.
Cloud strategy and vendor lock-in: Many data-intensive businesses use cloud platforms to store and process data. The Data Act forces them to rethink cloud exit strategies. Switching between providers must be seamless, without lengthy migrations or penalties. This makes open standards and portable solutions more strategically important than ever.
Increased compliance complexity: Beyond existing privacy laws (such as GDPR), there are now new rules for data access and sharing. Organizations will need to review contracts, processes, and IT systems. For example, contracts with customers and partners may need to be updated to reflect the fair-use provisions of the Data Act (e.g., clauses about data ownership or third-party data usage). Cybersecurity safeguards must also be in place to ensure that mandatory data exchanges happen securely.
Despite these challenges, the Data Act also brings opportunities. Organizations will gain easier access to third-party or device-generated data, enabling new insights and services. An industrial machine user may, for instance, use generated sensor data to optimize operations, data that previously remained locked with the manufacturer. Likewise, a consumer can share car data with an independent garage for better service. For GLBNXT clients, often data and AI frontrunners, early adoption of these developments can offer a competitive edge. Those who invest in both compliance and innovation today will reap the benefits of a more open data market tomorrow.
GLBNXT’s Open-Source Strategy as a Solution
Fortunately, GLBNXT’s platform and proposition align perfectly with the Data Act’s core principles. From the outset, GLBNXT has been designed with openness, sovereignty, and compliance in mind, values now explicitly mandated by the Data Act. Key aspects include:
Built on open standards, powered by open source: GLBNXT is entirely built on best-in-class open-source technologies, made enterprise-ready yet remaining fully under client control. There is no vendor lock-in, no hidden layers, only open innovation at scale. This ensures that data stored or processed in GLBNXT is never locked into proprietary formats or platforms. Clients can migrate or integrate their data and models at any time. This approach aligns directly with the Data Act’s requirement that customers must be able to switch providers without restrictions. With interoperability “by design,” data exchange or workload migration becomes effortless, exactly what legislators intended.
Data sovereignty and EU compliance: GLBNXT is an EU-based and EU-operated platform. All data hosted or processed remains stored within Europe. This not only supports GDPR compliance but also matches the Data Act’s emphasis on European data sovereignty. Operating under European law ensures that clients are protected against unauthorized access demands from foreign governments. Compliance with GDPR and other EU regulations is inherent to the platform, privacy by design is built in, with strong encryption and advanced access controls. This simplifies meeting the Data Act’s security and privacy requirements.
Infrastructure flexibility: GLBNXT offers deployment flexibility. Clients can choose to run GLBNXT on fully managed EU-based cloud infrastructure, or in their own data center or private cloud. The latter is essential for organizations with highly sensitive data or strict governance requirements. It allows them to benefit from GLBNXT functionality in their trusted environment while maintaining maximum control. In the context of the Data Act, this ensures that if data must be shared with third parties, it can be done from a sovereign environment, under the client’s terms. Importantly, GLBNXT never exploits client data for hidden purposes such as training third-party AI models. Full transparency and control remain with the user.
Integration and data exchange: GLBNXT supports seamless connections with many applications and data tools. Whether it’s CRM systems, analytics platforms, or IoT sensors, GLBNXT orchestrates workflows across them. This makes it easier to comply with data-sharing requests in usable formats, as required by the Data Act. With open APIs and connectors, data flows securely where needed, avoiding manual export/import complexity. Machine-readable formats are inherent to GLBNXT’s open standards approach.
Open source as a compliance catalyst: Experts increasingly recommend open source and standardization as keys to Data Act compliance and innovation. GLBNXT embodies this philosophy. By leveraging open-source components, clients benefit from a robust ecosystem of proven tools that continually improve. This community-driven model reduces vendor dependency and accelerates adoption of new interoperability standards. Compliance thus becomes not a burden, but a driver of innovation.
Conclusion: From Obligation to Opportunity
The EU Data Act marks a new phase in Europe’s digital landscape. Organizations will need to take concrete steps to comply, from opening up data silos to revising cloud strategies. Yet with the right partner and technology, compliance is not only achievable, it can become a competitive advantage. Companies that embrace open standards and collaboration will position themselves as leaders in the data economy, achieving new efficiency and transparency while others remain stuck in closed legacy systems.
GLBNXT strongly believes that compliance and innovation can go hand in hand. Our open-source, sovereign AI and data platform is designed to help you meet both the letter and spirit of the Data Act without sacrificing performance or agility. On the contrary, by embracing the Data Act and investing in a modern data environment, your organization will be ready for a future where data sharing, trust, and value creation are central.
With GLBNXT at your side, the Data Act is not a hurdle but an opportunity: a chance to recalibrate your data strategy, leave vendor lock-in behind, and participate in a fairer, more open digital ecosystem. You will not only check the compliance boxes but also unlock real business value from this new legislation. In short: GLBNXT’s open-source approach fits perfectly with the obligations of the Data Act and helps your organization turn those obligations into sustainable progress.
Sources: The information in this article is based on the EU Data Act regulation and market insights, including official EU documentation and expert analyses. GLBNXT’s own product information was used to illustrate how its strategy connects with the Data Act. These sources highlight how an open, transparent data architecture can help companies remain compliant while thriving in the era of the Data Act.
Data Act: eerlijke toegang tot gegevens voor burgers, bedrijven en overheden | Ondernemersplein
https://ondernemersplein.overheid.nl/data-act/
As the Data Act becomes applicable, what do you need to know?, Laura Houston, Bryony Bacon
What the EU Data Act means for logistics, data sharing, and open source innovation | Open Logistics Foundation
Data Act | Shaping Europe’s digital future
https://digital-strategy.ec.europa.eu/en/policies/data-act
EU Data Act: Streamlined Data Laws Can Help Boost Europe’s AI and Digital Leadership - Cisco Blogs
https://blogs.cisco.com/gov/eu-data-act-europe-ai
GLBNXT - From concept to scale without complexity
Discover how GLBNXT can transform your healthcare operations. Visit www.glbnxt.com to learn more.
© 2025 GLBNXT B.V. All rights reserved. Unauthorized use or duplication prohibited.
