The EU Data Act is reshaping how data is shared across Europe. One of its most debated elements is Article 9, which deals with reasonable compensation when companies are legally required to make data available to others.
To bring clarity, the European Commission has published Guidelines on Reasonable Compensation. These guidelines aim to strike a careful balance: enabling fair access to data while still preserving incentives to invest in data generation and infrastructure.
So what does “reasonable compensation” actually mean in practice? Let’s break it down.
At the heart of the framework lies the requirement that all mandatory business-to-business data sharing must take place on fair, reasonable, and non-discriminatory terms and in a transparent manner. Compensation must not be economically prohibitive or structured in a way that discourages access to data. Comparable data recipients must be treated equally, unless an objective justification exists, such as heightened security requirements or additional technical effort.
It is important to note that FRAND under the EU Data Act differs from its application in patent licensing. Data holders retain control over their data but also have a legal duty to cooperate. This combination leads to stricter safeguards against abuse and excessive pricing, reflecting the essential role of data access in the European data economy.
Charging compensation is not mandatory. Data holders may choose to provide data free of charge if this aligns with their business model or strategic objectives. Where compensation is applied, it may vary depending on the volume, format, and nature of the data. A margin may be included, but only where it is objectively justified.
The Data Act introduces specific protections for small and medium-sized enterprises and not-for-profit research organisations. These entities may only be charged the direct costs of making the data available, and no margin may be added. This ensures that access to data does not become a barrier to innovation, research, or market entry.
The Guidelines make a clear distinction between recoverable costs and non-recoverable expenses. Only costs that are necessary, incremental, measurable, and proportionate, and that are directly linked to a specific data request, may be charged. This includes activities such as preparing or selecting datasets, anonymising personal data, implementing incremental measures to protect trade secrets, and operating the technical means used to share data. Storage costs may also be charged, provided they are directly attributable to data sharing.
By contrast, general overheads, sunk costs, inefficiencies, ordinary business expenses, and unnecessary data enhancement are explicitly excluded. The underlying principle is that data recipients should not bear costs that the data holder would have incurred regardless of the data sharing obligation.
In certain circumstances, investments in data collection or production may justify a limited margin. Relevant investments may include infrastructure and systems used to collect existing data, as well as sensors, devices, or technologies that generate new data. However, any margin must remain within reasonable limits.
The Guidelines require margins to be reduced or excluded altogether where the relevant investments have already been recovered, for example, through product or service pricing. The same applies where data is co-generated by users, or where the data holder already uses the data for its own commercial or operational purposes. This approach is designed to prevent double recovery and ensure that compensation remains proportionate.
Data holders may offer data in bundles rather than on a per data point basis, provided certain conditions are met. Bundling must reflect genuine demand and intended use, and access to required data must not be made conditional on accepting unnecessary or unrelated data. Bundling must also not distort choice or undermine the access rights granted by the Data Act.
Transparency plays a central role in ensuring compliance with FRAND principles. Data recipients are entitled to request an explanation of how compensation has been calculated. Data holders must provide sufficient information to allow verification of fairness and reasonableness, while remaining free to protect confidential information and trade secrets.
Where disagreements arise, the Guidelines provide for resolution by the courts, certified dispute resolution bodies, or national competent authorities. These mechanisms are intended to provide effective remedies without undermining the broader objective of data sharing.
Taken together, the Guidelines establish a strict, cost-focused, and investment-aware framework for compensation under the EU Data Act. Data holders may recover what is necessary to make data available, and only a limited, well-justified margin where investments genuinely warrant it. At the same time, small enterprises and research organisations are shielded from profit-based charges.
At Ximedes, we work with organisations across the European Financial and Public Transport ecosystem to design data platforms, access models, and interoperability frameworks that align regulatory requirements with real-world operational needs. By combining deep technical expertise with a practical understanding of European regulation, we help our partners turn compliance with initiatives such as the EU Data Act into a foundation for scalable, future-ready data ecosystems.