**Questions? [[Contact us!]]** # Introduction **Purpose and scope** The [Data Governance Act](https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32022R0868 "Data Governance Act") seeks to increase trust in data sharing, strengthen mechanisms to increase data availability and overcome technical obstacles to the reuse of data. It is a key pillar of the [European strategy for data](https://digital-strategy.ec.europa.eu/en/policies/strategy-data), The public sector holds large amounts of protected data (e.g. personal data and commercially confidential data) that, in principle, cannot be reused as open data. However, a wealth of knowledge can be extracted from such data without compromising its protected nature, and the DGA therefore provides rules and safeguards to facilitate such reuse where possible under other legislation. The Data Governance Act plays a pivotal role in facilitating the establishment and growth of unified European data ecosystems across key sectors. These data spaces will involve collaboration between private and public entities and will encompass critical domains including healthcare, environmental management, energy, agriculture, transportation, finance, manufacturing, public administration, and workforce development. **Who is affected?** The regulation sets rules at different levels: in the public sector, for companies and for European citizens. This will make it easier for these parties to make their data available for general public interest, but while retaining full control over the data. The regulation also offers business opportunities for EU companies. Small and large companies can easily access data from different Member States. This will allow companies to acquire, integrate and process this data more cheaply so they can bring new services and products to the market faster. In doing so, the regulation takes into account fair competition and consumer protection. **Implementation date** The Data Governance Act entered into force on 23 June 2022 became applicable on 24 September 2023. # Definitions - [[Data holders|Data holder]] - [[Data intermediation service]] - [[Services of data cooperatives]] - [[Data altruism]] # European Data Innovation Committee Under the Data Governance Act, a European Data Innovation Committee will also be established in which all kinds of stakeholders will be represented, including industry. This Committee's tasks will include advising the European Commission and drafting guidelines, including for the envisaged European data spaces (target- or sector-specific data sharing frameworks for the development of new products and services, scientific research or civil society initiatives). The Data Governance Act, together with the expected Data Act and expected sector-specific European Acts (such as the EHDS) and the already existing open data and re-use of public sector information directive, will form the basis for the European Data Spaces. # DGA and other legislation **[[GDPR]]** Regarding the transfer of personal data, the Data Governance Act (DGA) aligns with the General Data Protection Regulation (GDPR). The recitals within the DGA explicitly state that it does not aim to impede the cross-border transfer of personal data as permitted by the GDPR. In cases of any inconsistency between the DGA and any European Union law related to personal data protection, the latter takes precedence. **[[Data Act]]** The Data Act and the Data Governance Act (DGA) are central components of the European Strategy for Data. While the DGA sets the stage for data to flow freely within the EU without mandating data sharing, the Data Act complements it by specifying who can access certain private data and under what conditions. It introduces mechanisms for individuals and businesses to have more control over data generated by IoT devices or stored in data processing services. These regulations work together to create a more open and accessible data environment while respecting privacy and data protection. # Monitoring compliance with the DGA and possible penalties In accordance with the Data Governance Act (DGA), Member States are obligated to designate competent authorities responsible for various aspects, including supporting public sector bodies in determining data access for re-use, overseeing data intermediation services, and registering data altruism organisations. These competent authorities have the responsibility to monitor and ensure compliance with the DGA's provisions that pertain to their specific areas of responsibility. To enforce compliance, these competent authorities have the authority to take specific actions, such as requesting the suspension or termination of data sharing services or removing a data altruism organisation from the national register. In cases related to data intermediation services, they can also impose significant financial penalties, including retroactive penalties, for violations of the relevant DGA provisions. Additionally, Member States are required to establish penalty frameworks for breaches of specific DGA provisions. These penalties must be fair, effective, and designed to discourage non-compliance with the law.