EU Data Act operational impacts: Introducing the Data Act
Contributors:
Giorgia Vulcano
AIGP, CIPP/E, CIPT
Legal and Corporate Affairs- Senior Manager
AB inBev
Editor's note: The IAPP is policy neutral. We publish contributed opinion and analysis pieces to enable our members to hear a broad spectrum of views in our domains.
This is the first article in a five-part series on the EU Data Act. The second article, "EU Data Act operational impacts: The Data Act's interplay within the EU digital rulebook," dives into the roles and requirements under the Act. The third article, "EU Data Act operational impacts: The Data Act as a challenge to data protection or other way around?" looks at the roles and requirements under the Act and cross-references stakeholder obligations with other laws to identify issues across the board. The fourth article, "EU Data Act operational impacts: Compliance and technical considerations of cloud switching," examines some of the compliance and technical challenges brought by the Data Act regarding cloud portability. The fifth article, "EU Data Act operational impacts: Balancing risks and opportunities" looks at the Data Act impact beyond compliance.The latest installment in Brussels' ever-growing catalogue of laws, the EU Data Act became applicable 12 Sept. 2025.
Over time, EU regulators have sharpened their focus on empowering users, anchored in a fundamental rights approach while ensuring fair market conditions. The EU General Data Protection Regulation marked a turning point, embedding human centrality in data governance and reflecting both rapid digitalization and growing awareness of individual rights. The Data Act builds on this trajectory, aiming to make more data available to individuals, businesses and the public sector while ensuring that access empowers users by giving them greater control over the data they generate.
Contributors:
Giorgia Vulcano
AIGP, CIPP/E, CIPT
Legal and Corporate Affairs- Senior Manager
AB inBev