EU regulators are digging their heels in despite big tech’s Data Act pushback

European Union flags at Berlaymont building of the European Commission in Brussels, Belgium
(Image credit: Santiago Urquijo/Getty Images)

EU regulators have once again hit back at big tech criticism of regulatory changes in what marks the latest tit-for-tat battle ahead of the pending Data Act. 

Amid concerns the legislation could harm tech companies, Thierry Breton, European commissioner for internal markets, will say it’s expected to do the exact opposite. 

Lawmakers won’t shift their stance either despite the mounting opposition from big tech, according to the draft text of a speech set to be delivered in San Francisco this week. 

“Our European data strategy is to unlock a wealth of big data and set out how that data should be shared, stored, and processed. This will benefit all businesses – European, American, and others alike,” he is expected to say, and will add: “Assertiveness is not protectionism.”

Why tech companies are fighting the Data Act

The Data Act aims to prevent non-EU governments from accessing data processed by firms operating within the union. Rules outlined in the act will apply to both corporate and consumer data, and are applicable to a range of services and products, such as smart technologies and industrial machinery. 

Some US companies, however, warn the legislation could have a negative impact on international data transfers and create additional cost burdens for companies that operate across borders. 


Whitepaper cover with cartoon character wearing digital armour stood in front of a bar/line graph with mobile phone featuring image of female wearing glasses

(Image credit: Salesforce)

Top data security trends

Must-have tools for your data security toolkit


US firms aren’t alone in leveling criticism. Last month, Siemens and SAP suggested the act could compromise “trade secrets” due to provisions requiring companies to collaborate with third parties to ensure regulatory compliance. 

In an open letter to Breton, EU antitrust chief Margrethe Vestager, and Commission president Ursula von der Leyen, German companies opposed to the act said it “risks undermining European competitiveness by mandating data sharing”. 

"Effectively, this could mean that EU companies will have to disclose data to third-country competitors, notably those not operating in Europe and against which the Data Act's safeguards would be ineffective," the letter read.

Pushing back against regulation

This criticism marks the latest in a long-running trend of big tech companies across the world pushing back against pending EU legislative changes.

Earlier this year, a number of industry stakeholders, most notably OpenAI, slammed the EU’s long-awaiting AI Act, branding it too restrictive and potentially inhibiting operations within the union. 

OpenAI CEO Sam Altman sparked controversy after suggesting the firm could be forced to “leave Europe” if the act was approved as it stood. While Altman swiftly reneged on the threat and clarified OpenAI’s commitment to Europe, the comments drew harsh criticism from Breton. 

Breton told Reuters at the time the AI rules are aimed specifically to safeguard the “security and well-being of our citizens” and insisted that changes “cannot be bargained”. He stressed the EU has been ahead of the curve in “designing a solid and balanced regulatory framework” in the interests of safety but also so Europe can “become a frontrunner in trustworth AI”.  

Data sovereignty rules in the EU have also been in the crosshairs for non-EU firms, with the cyber security labeling rules described as “discriminatory” against international firms in recent months. 

Big tech resistance is futile

Such pushback has a common theme: time and time again they fall flat. 

The first real acid test for this was prior to the implementation of GDPR, which received a significant degree of resistance from firms within the union and internationally. 

Similarly, cookie legislation and data-sharing rules in the wake of the Schrems cases, which saw companies such as Facebook hint they’d back out of the EU, fizzled out with a whimper. 

It appears tech companies haven’t learned their lesson. EU lawmakers are steadfast in their position and unrelenting in their attempts to implement regulations that benefit member states and citizens. 

For regulators to suddenly u-turn at the slightest hint of pushback would be disastrous from a political perspective. Companies, too, with even the slightest bone to pick would smell blood and pounce on future proposals. 

This raises questions over why organizations continue to try so hard to water down legislation. There are two differing tactics at play – playing tough and cozying up – both of which aim to temper potential regulatory crackdowns.

Altman’s hardline approach backfired. But around the same time Microsoft president Brad Smith outlined how the organization planned to develop a responsible framework for generative AI development. This approach showed a more measured approach that could curry favor with regulators. 

With the draft Data Act pending, organizations pushing back will likely find their criticism – which sometimes seems more like spitting out the dummy than offering constructive input – will come to no avail. 

Ross Kelly
News and Analysis Editor

Ross Kelly is ITPro's News & Analysis Editor, responsible for leading the brand's news output and in-depth reporting on the latest stories from across the business technology landscape. Ross was previously a Staff Writer, during which time he developed a keen interest in cyber security, business leadership, and emerging technologies.

He graduated from Edinburgh Napier University in 2016 with a BA (Hons) in Journalism, and joined ITPro in 2022 after four years working in technology conference research.

For news pitches, you can contact Ross at, or on Twitter and LinkedIn.