Inês Antas de Barros, Information, Communication & Technology Partner, was quoted in an IT Security article examining the main legal and operational challenges associated with the Data Act and its impact within a European regulatory framework that is still evolving.

Applicable from September 2025, the Data Act sets out harmonised rules for the access, sharing and use of data across the European Union. In parallel, its inclusion in the European Commission’s Digital Omnibus legislative package aims to simplify and consolidate the regulatory landscape, reducing overlaps and strengthening legal certainty.

For Inês Antas de Barros, the Data Act represents 'a decisive step in building a true European data economy', seeking to unlock the economic value of data and promote broader and more equitable access for businesses, citizens and public bodies.

The VdA partner also emphasises that regulation reinforces the rights of access and reuse of data generated by connected products and services, promotes interoperability and contributes to mitigating cases of technological dependency. Despite its potential, she identifies significant challenges in clarifying the concept of ‘generated data’ — particularly in IoT environments — and in reconciling the right of access with the protection of personal data, trade secrets and cybersecurity requirements.

From her perspective, the success of the Data Act will depend on how it integrates into the evolving European regulatory framework, ensuring legal certainty and conditions that support innovation.

• This article was published in IT Security magazine’s February issue.