← Back to all briefings

Governance · Credibility 50/100 · · 2 min read

Governance Briefing — October 7, 2025

Chapter IV of the EU Data Act now applies, banning unfair clauses in data-sharing agreements and requiring boards to evidence oversight of how vendors and customers negotiate access to industrial datasets.

Executive briefing: From September 12, 2025, Chapter IV of Regulation (EU) 2023/2854 (the Data Act) prohibits unfair contract terms imposed on SMEs when they share data with larger partners. By October, supervisory authorities expect boards to show they can identify clauses that restrict legal remedies, transfer disproportionate risk, or mandate exclusive rights over jointly generated data. Governance teams must catalogue high-risk agreements, review fallback language aligned to the Commission’s guidelines, and ensure complaints handling routes are visible to suppliers.

Key governance checkpoints

  • Clause inventory. Centralise all data access, platform, and IoT service agreements that involve EU SMEs; flag terms that forbid damages claims, unilateral audits, or termination for breach.
  • Board reporting. Provide quarterly dashboards to audit and risk committees summarising remediation progress, outstanding negotiations, and any disputes escalated to national competent authorities.
  • Supplier recourse. Stand up whistleblowing and complaint channels so SMEs can raise concerns about unfair clauses without jeopardising commercial relationships.

Operational priorities

  • Fallback library. Publish approved clause alternatives covering liability, dispute resolution, IP ownership, and data access termination to streamline negotiations.
  • Contract lifecycle controls. Embed Data Act reviews into CLM workflows, requiring legal sign-off before renewals or new agreements with EU SMEs are executed.
  • Escalation playbooks. Coordinate with EU counsel to log regulator engagement timelines and evidence remediation within 30 days when authorities challenge unfair terms.

Enablement moves

  • Train commercial, procurement, and product teams on the Commission’s indicative list of unfair clauses and the limited safe harbours available.
  • Benchmark contracts against industry initiatives such as the Data Sovereignty Now principles to reinforce trust with industrial partners.

Sources

Zeph Tech equips boards with contract intelligence dashboards, remediation workflows, and escalation playbooks to demonstrate Data Act governance maturity.

  • EU Data Act
  • Contract governance
  • SME protections
  • Industrial data sharing
Back to curated briefings