We look beyond the Data Act headlines to explore the less prominent but critical questions of competition law and contractual practice that will shape the new data economy.
While much of the discussion around the EU Data Act has focused on high-profile topics, the true complexities for businesses lie in the details. We delve into the ambiguities of FRAND compensation, the challenges of mandatory contract adaptations under the new fairness test, and the strategic use of Model Contractual Terms.
This analysis complements our deeper dives into specific areas of the Data Act, including the new Cloud switching provisions, the role of Standard Contractual Clauses in switching, and the crucial nuances of trade secrets in the context of the Data Act. View the complete edition here.
The Data Act – the complexities
Mostly applicable from 12 September 2025, the EU Data Act (Regulation (EU) 2023/2854), is a paradigm shift in Europe's digital economy. Its core objective is to redefine data governance, moving from a model of data control by manufacturers to one of data access and portability for users. This ambitious legislation aims to unlock the vast economic potential held within industrial data, particularly from Internet of Things (IoT) devices, fostering a more competitive and innovative data market.
However, beneath its promising surface, the Data Act presents significant legal complexities and unresolved questions that require careful navigation. Substantial friction appears to be emerging due to the fact that adjacent laws – such as competition or civil law – were not discussed during the legislative process. Here we look at some of the most notable tensions between the Data Act and competition law and, most importantly, for contractual practices.
Reshaping competition: a double-edged sword
The Data Act is explicitly designed as a pro-competitive tool, seeking to break down data silos and invigorate competition in aftermarket services such as repair and maintenance. It creates a direct right of access, potentially circumventing the notoriously high threshold of the "essential facilities" doctrine under Article 102 TFEU although recent ECJ jurisprudence suggests this threshold may be lowered.
However, the Regulation contains several provisions that could have anti-competitive effects. A key example is the prohibition on using accessed data to develop a "competing product" (Article 6(2)(e)). The Act fails to define this term, creating a significant grey area that incumbent manufacturers could exploit to suppress innovation.
Further tension arises from the rules on compensation. Data holders can charge "fair, reasonable and non-discriminatory" (FRAND) compensation for making data available. As decades of litigation over standard-essential patents (SEPs) (a topic shaped by landmark CJEU rulings like Huawei v. ZTE and extensively documented in academic literature and studies for the European Commission) have shown, the interpretation of FRAND is highly contentious. An attempt by the EU Commission to regulate SEPs was ultimately withdrawn, leaving the resolution of these complex disputes to the courts. This precedent from the patent world suggests that without clear guidance, the FRAND requirement in the Data Act could become a significant source of litigation, potentially blocking data access, particularly for SMEs. Acknowledging this risk, the Data Act itself, in both Recital 42 and Article 9(5), tasks the European Commission with developing non-binding guidelines on the calculation of 'reasonable compensation'. Until these guidelines are published and prove effective in the market, however, the potential for protracted disputes over data valuation remains high.
The new era of contract drafting: fairness tests and strategic use of model terms
The Data Act elevates contract law to a central position in data governance, mandating largescale adaptation of existing agreements. Two key provisions drive this shift: the establishment of mandatory user rights and a new fairness test for B2B contracts. Insights from recent expert discussions, such as the AgriData-Observatory conference on 15 September 2025, highlight the practical implications.
Mandatory Rights and the ticking time bomb of Article 13
Article 7 of the Data Act renders any contractual term that excludes or negatively alters the user rights under Chapter II (data access and sharing) non-binding. This firmly establishes the primacy of the Data Act over the freedom to contract. The most significant challenge for businesses lies in Article 13. This introduces a fairness test for a wide range of B2B data-related contract clauses that are "unilaterally imposed". Crucially, its scope is not limited to IoT data or the specific access rights of Chapters II and III. Legal analysis strongly suggests that Article 13 applies horizontally to any B2B contract with a data-related element, even if data is only a marginal aspect of the agreement.
This creates a massive compliance challenge as it potentially brings countless traditional commercial contracts - from machinery sales to maintenance agreements - into the regulatory ambit of the Data Act. The complexity is heightened by the transitional provisions in Article 50. While Chapter IV (containing Article 13) applies to contracts concluded after 12 September 2025, it lacks a comprehensive grandfathering clause for existing agreements. Instead, from 12 September 2027, Article 13 will also apply to contracts concluded on or before 12 September 2025, if they are of indefinite duration or are due to expire at least ten years from 11 January 2024. This means a vast number of long-term B2B contracts must be reviewed and potentially renegotiated to align with the fairness test of Article 13, imposing a substantial retroactive compliance burden.
The strategic role of Model Contractual Terms (MCTs)
To facilitate this transition, both the EU and national bodies have developed Model Contractual Terms (see here for more). An EU expert group has created comprehensive, sector-agnostic MCTs that provide a foundational framework. These serve to translate the legal duties of the Data Act into contractual language, addressing data scope, FRAND compensation, and liability (see here for more).
However, as discussions at the AgriData-Observatory conference highlighted, sector-specific terms, such as the model terms from the German Ministry of Agriculture (BMEL), often offer greater practical value as they are tailored to the specific needs of an industry. The most effective strategy for businesses will likely be to use the EU MCTs as a foundation and supplement them with specific, practical clauses from sector-specific models like the BMEL's to create contracts that are both compliant and balanced.
Continuity of data rights: deploying a contractual 'hinge'
A critical practical challenge is ensuring the continuity of data rights when a connected product is sold. The legal principle of privity of contract means an agreement between a manufacturer and the first owner does not automatically bind the second owner. To solve this, a 'hinge' mechanism, as proposed in both the EU and BMEL model terms, is a viable strategy. The initial user is contractually obligated to pass on the data use agreement to subsequent users and secure their consent, ensuring a continuous and compliant data chain. However, this solution has important caveats: it must not deviate from the mandatory user rights of Chapter II to the user's detriment. Any such agreement must fully uphold the rights of data access (Article 4), data sharing (Article 5), and comply with the fairness tests under Article 13 and national law.
Strategic outlook
The EU Data Act represents transformative legislation with notable complexities. The tensions with competition principles and the demanding requirements for contract drafting present significant operational and strategic challenges.
For businesses, reactive compliance will not be enough. A proactive approach is essential, focusing on developing robust, forward-thinking contractual architectures and rigorous risk assessments. Leveraging the available MCTs - using the EU's as a base and sector-specific ones for tailored solutions - will be key.
The uncharted territory of the Data Act will be navigated through future regulatory guidance and court rulings. The businesses that successfully anticipate and manage these contractual complexities will be best positioned to unlock the immense opportunities of Europe's new data economy.
