On May 30, 2026, Germany’s implementing law for the EU Data Act entered into force. The law is called the Datenverordnung-Anwendungs-und-Durchführungs-Gesetz (DADG). The Federal Network Agency (Bundesnetzagentur, or BNetzA) became Germany’s central enforcement authority for the EU Data Act on the same day. A first public information event is scheduled for July 15, 2026.
What the EU Data Act is
The EU Data Act is an EU regulation that has applied across all member states since September 12, 2025. It creates legally enforceable rights over data generated by connected devices. That includes smart cars, household appliances, industrial machines, agricultural equipment, and similar products. Before the Data Act, manufacturers and service providers largely controlled all data generated by devices they sold. The Data Act changes this.
The Data Act creates enforceable rights in three areas:
Data access from connected devices. Owners and regular users of connected products have the right to access the data those devices generate. They can request that this data be shared with a third party of their choice, such as a repair shop, an insurance provider, or a competing service.
Cloud switching. Businesses using cloud services can now switch providers more easily. Cloud providers must allow customers to transfer their data and continue operating services during migration. Fees for data egress must also be eliminated within the transition timeline.
Data portability rules. The Data Act adds portability rights specifically for data generated through device use. These go beyond existing GDPR rights.
How the DADG Makes Enforcement Possible in Germany
The DADG is Germany’s national law to implement and enforce the EU Data Act. It designated the BNetzA as Germany’s central enforcement authority for the EU Data Act. Before it entered into force, Germany had no national body to handle complaints, certify dispute resolution bodies, or take enforcement action.
The BNetzA now handles:
- Complaints from consumers and businesses about Data Act violations
- Certification of dispute resolution bodies (Streitbeilegungsstellen) in Germany
- Cooperation with the Federal Data Protection Commissioner (Bundesbeauftragte für den Datenschutz und die Informationsfreiheit) on data protection questions
- Monitoring cloud switching compliance
- Cross-border coordination with the European Commission and the European Data Innovation Board (Europäischer Dateninnovationsrat)
What the EU Data Act Means for Consumers, Businesses, and Manufacturers
If you are a consumer who owns connected devices, you now have an enforceable right to your device data. Manufacturers are still building access portals and interfaces. If a manufacturer refuses access, file a complaint with the BNetzA.
If you are a business that uses cloud infrastructure, review your contracts for egress fee clauses and switching terms. Cloud providers must comply with the Data Act’s portability and switching provisions. If they do not, you can file a complaint with the BNetzA.
If you are a manufacturer or service provider selling connected products in Germany, the Data Act’s obligations now apply and are actively enforced. Key obligations include providing data access interfaces, implementing data sharing on request, and complying with cloud switching rules if you offer cloud-based services.
