← Back to all briefings
Data Strategy 6 min read Published Updated Credibility 40/100

EU Council General Approach on the Data Governance Act

The EU Council agreed on their position for the Data Governance Act in March 2021. Data intermediaries have to stay neutral, public sector data reuse gets clearer rules, and 'data altruism' becomes an official thing. This shaped the final DGA.

Kodi C.

Editor & Research Lead

Editorially reviewed for factual accuracy

Data strategy pillar illustration for Zeph Tech briefings
Data strategy, stewardship, and privacy briefings

EU telecommunications ministers agreed the Council's general approach on the Data Governance Act (DGA) on 25 March 2021. The position clarifies neutrality and security requirements for data intermediation services, sets out conditions for re-use of protected public-sector data, and establishes supervision for data altruism organizations.

Data Governance Act Context

The Data Governance Act represents foundational EU legislation supporting the European data strategy. The regulation establishes framework conditions enabling data sharing while maintaining appropriate protections. The DGA complements other EU data initiatives including the Data Act, AI Act, and sector-specific data space regulations.

The Council general approach established member state positions for trilogue negotiations with the European Parliament and Commission. The position influenced final legislative text adopted in 2022, making Council amendments relevant for understanding DGA compliance requirements.

Data Intermediation Services

The Council position tightened neutrality rules for data intermediaries providing services helping data exchange between data holders and data users. Intermediaries include data marketplaces, data exchange platforms, and personal information management services.

Neutrality requirements mandate separation between intermediation activities and other commercial data uses. Intermediaries cannot use shared data for their own commercial purposes beyond providing intermediation services. This structural separation prevents conflicts of interest and maintains trust in intermediation relationships.

Security obligations require intermediaries to implement appropriate technical and organizational measures protecting data during exchange. Certification frameworks may develop enabling intermediaries to show compliance with security requirements.

Public Sector Data Re-Use

The DGA establishes conditions for re-use of protected public-sector data categories not covered by the Open Data Directive. Categories include commercially confidential data, statistical confidentiality, intellectual property of third parties, and personal data where anonymization would undermine data utility.

Re-use requires appropriate safeguards including secure processing environments, confidentiality agreements, and purpose restrictions. Public bodies must establish conditions ensuring protection while enabling beneficial re-use for research, innovation, and policy development.

Technical arrangements may include trusted research environments, differential privacy techniques, and secure multi-party computation. Organizations seeking access should show capability for compliant processing and governance supporting protection requirements.

Data Altruism Framework

The Council approach defined registration and oversight for data altruism organizations enabling voluntary data sharing for general interest purposes. Data altruism supports research, public health, environmental protection, and other societal benefits where individuals or organizations voluntarily contribute data.

Registration requirements establish transparency and accountability for altruism organizations. Registered organizations must comply with governance standards, maintain transparency about data uses, and operate under supervision coordinated at EU level.

Organizations planning data altruism programs should design consent processes enabling meaningful individual choice about contribution to general interest purposes. Governance frameworks should address data security, purpose limitations, and accountability mechanisms.

Competent Authorities

Member states must designate competent authorities supervising data intermediation services and data altruism organizations. Authorities receive powers to investigate compliance, issue guidance, and enforce requirements through administrative penalties.

Cross-border coordination mechanisms enable consistent enforcement across member states. The European Data Innovation Board helps coordination and develops guidance supporting consistent DGA setup.

International Data Transfers

The Council position addressed conditions for data transfers outside the EU through intermediation services and public sector re-use arrangements. Transfer conditions must ensure protection equivalent to EU standards, consistent with GDPR principles and adequacy frameworks.

Organizations operating internationally should evaluate DGA implications for data sharing arrangements involving non-EU parties. Contractual protections and technical measures may be required supplementing standard transfer mechanisms.

You may also find useful

Hand-picked articles on adjacent topics.

Continue in the Data Strategy pillar

Return to the hub for curated research and deep-dive guides.

Visit pillar hub

Latest guides

  • Data Strategy Operating Model Guide

    Design a data strategy operating model that satisfies the EU Data Act, EU Data Governance Act, U.S. Evidence Act, and Singapore Digital Government policies with measurable…

  • Data Interoperability Engineering Guide

    Engineer interoperable data exchanges that satisfy the EU Data Act, Data Governance Act, European Interoperability Framework, and ISO/IEC 19941 portability requirements.

  • Data Stewardship Operating Model Guide

    Establish accountable data stewardship programmes that meet U.S. Evidence Act mandates, Canada’s Directive on Service and Digital, and OECD data governance principles while…

Coverage intelligence

Published
Coverage pillar
Data Strategy
Source credibility
40/100 — low confidence
Topics
EU · Data Governance Act · Data Intermediaries · Public Sector Data · Data Altruism
Sources cited
3 sources (consilium.europa.eu, data.consilium.europa.eu, iso.org)
Reading time
6 min

Documentation

  1. EU Council press release on DGA general approach
  2. Council general approach text (DGA)
  3. ISO 8000-2:2022 — Data Quality Management — International Organization for Standardization
  • EU
  • Data Governance Act
  • Data Intermediaries
  • Public Sector Data
  • Data Altruism
Back to curated briefings

Comments

Community

We publish only high-quality, respectful contributions. Every submission is reviewed for clarity, sourcing, and safety before it appears here.

    Share your perspective

    Submissions showing "Awaiting moderation" are in review. Spam, low-effort posts, or unverifiable claims will be rejected. We verify submissions with the email you provide, and we never publish or sell that address.

    Verification

    Complete the CAPTCHA to submit.