The European Commission’s Data Strategy 2020 has paved the way for new data access regulations that will significantly impact businesses across Europe. In this chapter, we dive into the data access rights established by the EU’s Data Act, along with two pivotal Common European Data Spaces: the European Health Data Space (EHDS) and the Financial Data Access (FIDA) framework.
These new regulations are set to affect many businesses operating in the EU market. If you offer connected products in the EU (eg smart devices) or software that connects to devices being used there and that enables the devices to perform their functions (eg certain apps), the Data Act applies to you, regardless of where your organization is based. The EHDS and FIDA introduce complex obligations for various stakeholders in the health data and financial services ecosystems.
We’ll explore the challenges and opportunities these data access regulations present for businesses and provide practical advice to help you navigate the new compliance landscape.
The primary objective of the new data access rights under the Data Act, EHDS and FIDA is to foster the development of a unified data market in the EU. This entails making all data produced in this unified data market, whether personal or non-personal, accessible to all market participants, irrespective of their size or influence, in accordance with fair, transparent, proportionate and non-discriminatory access rules. Entities and individuals possessing data, such as data generated via connected products or digital services, will be empowered to share this data for reuse, either freely or for compensation.
However, while all three laws contribute to a major shared objective, the Data Act aims to enhance data access across sectors, particularly for Internet of Things (IoT)-generated data, while the Common European Data Spaces create a framework for data sharing in key areas like health (EHDS) and finance (FIDA).
Now is the perfect time to embark on your compliance journey and get ready for the upcoming data access requirements under the Data Act, which will take effect on September 12, 2025 (though keep an eye out for certain provisions with different application dates). Recent guidance from the EU Commission has clarified some of the previously ambiguous terms in the Data Act, making practical implementation more straightforward (check out our Freshfields blog post for more insights).
The EHDS is nearing its final stages, with adoption expected in autumn or winter 2024. This gives affected stakeholders two more years to work towards compliance.
On the other hand, the FIDA is still in the early stages of its legislative journey. It’s definitely one to watch, as it holds great potential for new data business models in the financial sector – something that’s a key aspect of all the new data access regulations coming out of Brussels across various industries.
Our team
2025 Data law trends