The EU Data Act (2023/2854) came into effect on 12 September 2025.
A key pillar of the European Strategy for Data, the Data Act is designed to enhance competition in the cloud market, put the users of connected devices in control of their data, and enable public authorities to access data controlled by private companies under certain specific conditions.
With the stated goal of ‘unlocking’ the EU’s data economy, the Data Act imposes a set of wide-ranging data sharing, product design and contractual obligations on providers of data processing services. These measures are to benefit consumers of data processing services in terms of access to data generated by connected products, fairness in contracts & ease of switching, transfer of non-personal data, and interoperability.
‘Data Processing Service’ is a digital service that is provided to a customer and that enables ubiquitous and on-demand network access to a shared pool of configurable, scalable and elastic computing resources of a centralised, distributed or highly distributed nature that can be rapidly provisioned and released with minimal management effort or service provider interaction. AKA ‘cloud computing’.
‘Connected Product’ means an item that obtains, generates or collects data concerning its use or environment and that is able to communicate product data via an electronic communications service, physical connection or on-device access, and whose primary function is not the storing, processing or transmission of data on behalf of any party other than the user.
‘Switching’ means the process involving a source provider of data processing services, a customer of a data processing service and, where relevant, a destination provider of data processing services, whereby the customer of a data processing service changes from using one data processing service to using another.
‘Interoperability’ means the ability of two or more data spaces or communication networks, systems, connected products, applications, data processing services or components to exchange and use data in order to perform their functions.
Obligations presented to service providers by the Data Act include:
What are ComReg’s powers under the Data Act?
ComReg expects to be a competent authority* under the Data Act
* The full scope of ComReg’s powers as competent authority is not yet final. The Irish legislation giving effect to the EU Data Act, and confirming ComReg’s powers, is expected in 2026.
Disclaimer: All information on this page is correct as of the entry into force of the EU Data Act on 12 September 2025 and is subject to change.
We will communicate further details on ComReg’s powers before the Irish legislation comes into effect. Please check back for updates to our website.