With the Data Act (Regulation (EU) 2023/2854) (“DA”), the European Union is pursuing the goal of making the data economy fairer, more transparent, and more interoperable. The new regulations have been in force since September 12, 2025, introducing significant changes for cloud providers. Chapter IV regulates so-called cloud switching, i.e., the ability for customers to switch between providers or transfer data to their own IT infrastructure.
This is intended to reduce customer dependencies (“vendor lock-ins”) and promote competition between cloud providers. However, the Data Act poses considerable legal and technical challenges for providers. These are increased by numerous ambiguities, in particular with regard to the applicability of the regulations and the obligation to remove obstacles to switching.
1. Applicability and Exceptions
The new obligations do not apply without restriction. Certain custom-built services are partially exempt. If the majority of the core functions of the service is tailored to individual customer needs, the provider benefits from the exemption.
Trial versions are completely exempt from the regulations if they are provided for a limited period of time and without commercial scale. This privilege is intended to relieve providers during the development phase.
The obligations also differ depending on the type of service. While Software-as-a-Service (SaaS) providers and Platform-as-a-Service (PaaS) providers must meet complex interoperability requirements, Infrastructure-as-a-Service (IaaS) providers are partially exempt from technical specifications. Providers of IaaS custom-built versions are not subject to any technical obligations.
However, many key terms (e.g. “main feature” or “broad commercial scale”) have not yet been conclusively clarified. Providers still face considerable legal uncertainty regarding the applicability of the obligations.
2. Obligation to Remove Obstacles to Switching
The core of Chapter IV is the obligation to remove obstacles to switching (Art. 23 DA). Providers must ensure that customers can switch providers without unreasonable pre-commercial, commercial, technical, contractual, and organizational obstacles.
The Data Act specifies this obligation in a conclusive catalog, so that not every form of obstacle to switching is automatically prohibited. This leaves some leeway for providers’ freedom of contract, even though the Data Act contains significant prohibitions on obstacles to switching.
3. Conclusion and Outlook
The Data Act creates far-reaching EU cloud regulation. Providers should urgently examine the extent to which they are affected by this and whether they comply with the strict regulations. Contracts and processes may need to be adapted. At the same time, much remains unclear – in particular, how courts will interpret key terms and obligations.
Until the existing ambiguities are clarified by case law, a risk-based compliance strategy and ongoing monitoring of regulatory guidelines and statements are recommended.
An in-depth analysis of the applicability of the cloud switching regulations and the obligation to remove obstacles to switching can be found in the article by Dr. Felix Rützel, published in MMR 2025, 769. Dr. Felix Rützel is a lawyer in Grünecker’s Munich office and advises on all legal issues relating to information technology and digitization.