ACM Provides Practical Guidance on the EU Data Act
- Miranda Haak
- Jun 5
- 3 min read
New Guidelines Clarify Data Sharing Obligations
On 15 May 2026, the Dutch Authority for Consumers and Markets (ACM) published a provisional version of its guidelines on the data sharing obligations set out in Chapters II and III of the EU Data Act (Regulation (EU) 2023/2854).
The ACM has been designated as the competent authority and national data coordinator for a significant part of the Data Act in the Netherlands. A final version of the guidelines is expected later in 2026, following the publication of supplementary guidance by the European Commission.
Which Organisations Are Affected?
The Data Act applies, among others, to organisations that offer connected products or related services.
Connected products are devices capable of generating, collecting or exchanging data, such as smart thermostats, modern vehicles, agricultural machinery, milking robots and industrial production equipment.
Related services are digital services linked to such products that can influence the functionality, behaviour or operation of the product. Examples include mobile applications, cloud platforms, monitoring services and machine management software.
As a result, the rules are relevant to a broad range of manufacturers, suppliers, sellers, lessors, leasing companies and providers of digital services.
Three Core Obligations
The ACM structures its guidelines around three key themes.
1. Pre-Contractual Information Obligations
Under Article 3 of the Data Act, users must be informed, before entering into a contract, about the data generated by a connected product or related service.
The ACM clarifies that this information includes, among other things:
the type of data generated;
the format in which the data is available;
the estimated volume of data generated;
how users can access or delete the data; and
the identity of the data holder.
2. Access to Data
The ACM provides extensive guidance on the Data Act's access obligations.
It distinguishes between:
direct access ("access by design"), where products are designed to allow users to retrieve data themselves; and
access upon request, where the data holder must make data available to the user.
The guidelines also provide practical explanations regarding product data, related service data, metadata, and the exceptions relating to trade secrets and security risks.
3. Contractual Arrangements
The ACM also addresses the contractual framework governing data sharing.
Key topics include:
the FRAND principles (fair, reasonable, non-discriminatory and transparent);
compensation for data sharing;
protection of trade secrets;
unfair contractual terms; and
the European Commission's Model Contractual Terms (MCTs).
What Does This Mean for Organisations?
The guidelines do not introduce a fundamentally new interpretation of the Data Act. Their primary value lies in bringing together existing European sources, definitions, FAQs and guidance documents into a single practical and accessible framework.
As such, they provide organisations with a useful reference point for implementing the Data Act.
For many organisations, the greatest challenge will not be understanding the legal requirements themselves, but operationalising them in practice. What data is generated? Who qualifies as the data holder? How will users gain access to data? What contractual arrangements are required? And what technical measures need to be put in place?
As a result, the Data Act affects not only legal teams, but also IT, compliance, cybersecurity, contract management and governance functions.
More Than a Data Sharing Regulation
The ACM's guidelines demonstrate that, in practice, the Data Act is much broader than a set of rules on data sharing.
For organisations working with connected products and related services, data is increasingly becoming a matter of governance, contract management and internal control.
For that reason, the ACM's guidance can serve as a valuable starting point for organisations preparing for the further implementation of the EU Data Act.