The EU Data Act (Regulation (EU) 2023/2854) introduces a comprehensive framework to enhance data portability and reduce vendor lock-in across the EU digital economy. One impactful component is the cloud switching regime (Chapter VI), which establishes broad obligations to facilitate switching between “data processing services.” For providers of cloud-based services (such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS)), these rules may present contractual, technical, and commercial challenges. We discussed Chapters II and III of the Regulation in a previous GT Alert.
Broad Scope of Application
Functional scope: The new rules in Chapter VI apply to providers of “data processing services.” This term is not to be confused with “data processing” as used by the GDPR – the term “data” is not even part of the definition in the Data Act. Rather, it is defined as any digital service provided to a customer that “enables ubiquitous and on-demand network access to a shared pool of configurable, scalable and elastic computing resources of a centralised, distributed or highly distributed nature that can be rapidly provisioned and released with minimal management effort or service provider interaction.”
This definition is deliberately broad and may raise interpretation questions and legal uncertainties. What is clear, however, is that the cloud switching provisions extend beyond traditional hyperscale cloud providers. The new cloud switching regime explicitly targets “a substantial number of services with a very broad range of different purposes, functionalities and technical set-ups,” including IaaS, PaaS, and SaaS offerings – provided they qualify as data processing services under the definition.
Excluded from Chapter VI are on-premise and private cloud solutions, as well as services that require highly individualized, labor-intensive setup or configuration by the provider. Beyond these exclusions lies a regulatory grey zone, where providers may need to conduct a careful, service-by-service assessment to determine whether a given offering qualifies as a data processing service.
(Extra-)territorial scope: Like other recent EU digital laws, the cloud switching provisions apply irrespective of the provider’s place of establishment whenever data processing services are offered to EU customers. In practice, this means that non‑EU providers contracting with EU customers must comply with the cloud switching framework.
Temporal Scope: Chapter VI obligations apply from Sept. 12, 2025, leaving open the question whether the cloud-switching rules apply solely to agreements concluded after that date or also to existing contracts.
New Obligations for Cloud Providers: Switching Right and Termination of Contract
Chapter VI of the Data Act introduces a mandatory switching regime that cloud providers must include in their contracts with their customers. At its core, contracts need to allow customers to switch to another provider (or to their own infrastructure) at any time and as a result, the existing contract will be terminated.
- Switching Right: The Data Act obliges providers to remove all pre-commercial, commercial, technical, contractual, and organisational obstacles that might inhibit customers from switching to another provider. Providers are required to include a comprehensive switching right into all customer agreements and to ensure that internal processes and technical capabilities support seamless migration.
- Switching Process and Timeline: Customers may request switching at any time during the contract term. The provider is obliged to initiate the switching process after a maximum notice period of two months after such request. The switching process must be completed within a 30-day transitional period, during which the provider must maintain business continuity and ensure a high level of security. In cases of technical complexity, this period may be extended to up to seven months
- Termination of Contract: After successful completion of the switching process, the contract between provider and customer is deemed terminated. Here, the legislative text is ambiguously drafted and may support different interpretations. But currently the EU Commission seems to be of the opinion that indeed the provisions require that a de facto termination-for-convenience right must be included, even for fixed-term contracts.
- Standard Contract Clauses: The EU Commission is currently preparing non‑binding standard contract clauses (STCs) pursuant to Art. 41 Data Act, providing guidelines for affected cloud services providers for the implementation of the requirements under Chapter VI. However, similar to the Model Contract Terms for the implementation of Chapters II and III, the draft STCs so far are customer‑friendly by design, go beyond the statutory requirements and in many parts may not live up to industry-standard contract language. Once officially published, they should be carefully reviewed and tailored to an organization’s legal obligations and commercial objectives.
- Assessing Scope and Impact: Map all services against the Data Act’s definition of “data processing services” and identify on a service-by-service basis which offerings may fall within the cloud switching framework.
- Updating Contracts and Commercial Terms: Review and revise customer agreements to reflect switching obligations and proportionate early termination penalties.
- Reviewing Pricing Models: Align pricing structures, including early termination fees, with the commercial implications of switching.
- Ensuring Technical Readiness: Develop robust technical capabilities for data export, migration, and interoperability (Chapter VIII Data Act).
- Staying Informed About Regulatory Guidance and Best Practices: Establish a compliance roadmap, monitor regulatory guidance and emerging standards, and implement internal training and communication strategies to enhance ongoing compliance and competitiveness.
How to Mitigate Commercial Imbalances
The switching right may create commercial imbalances, particularly where providers have granted benefits and discounts or made substantial up-front investments in long-term contracts. To address this, the Data Act permits to provide for proportionate early termination penalties or fees. In practice, such early termination penalties or fees may be a mechanism for providers to offset financial risks associated with customer switching and contract termination. By contrast, switching charges (fees for executing the switching request) are only permitted under narrow conditions and will be prohibited entirely from Jan. 12, 2027.
Considerations for Providers
To prepare for Chapter VI compliance, providers may wish to consider the following actions: