Compliance Briefing — June 23, 2022

Executive briefing: On June 23, 2022, Regulation (EU) 2022/868 — the Data Governance Act (DGA) — took effect. The regulation establishes certification regimes for data intermediaries, harmonizes conditions for reusing public-sector data subject to rights protections, and sets transparency rules for recognized data altruism organizations.

Immediate compliance priorities

• Service qualification. Determine whether EU operations provide data intermediation services and require notification, compliance programs, and neutrality safeguards.
• Public data reuse. Align licensing processes with DGA requirements for protected public-sector datasets, including confidentiality and intellectual property safeguards.
• Altruism governance. Assess interest in registering as a data altruism organization and build mechanisms for consent management and transparency reporting.

Control alignment

• Compliance management. Implement internal controls to preserve neutrality, prevent conflicts of interest, and maintain audit trails for data intermediation services.
• Contract updates. Update data sharing agreements to reflect DGA obligations around lawful reuse, data security, and user rights.
• Oversight. Prepare for supervision by designated competent authorities, including reporting obligations and on-site inspections.

Enablement moves

• Coordinate with EU Data Innovation Board guidance to interpret harmonized standards.
• Integrate DGA requirements with forthcoming Data Act obligations to streamline EU data strategy compliance.
• Engage stakeholders on data altruism participation, including transparency dashboards for contributors.

Sources

• Official Journal of the European Union: Regulation (EU) 2022/868
• European Commission: Data Governance Act enters into force

Zeph Tech enables EU data teams to operationalize DGA obligations across intermediary services, altruism programs, and public-sector reuse agreements.