EXPERT COLUMN

By Sindhu Kashyap, our Senior Content Strategist, Middle East and Africa

In this column, we’ ll be discussing the latest tech trends that are getting everyone talking. If you’ d like to get in touch, email sindhu. kashyap @ intelligentglobalmedia. com

Meeting the demands of the EU Data Act will test global firms, but robust governance could help them build trust and unlock cleaner, more valuable data.

The EU Data Act, first announced in 2023 and now entering its first implementation phase, is expanding the scope of European oversight beyond personal information and into the more complex realm of industrial and machine-generated data.

The Act obliges companies dealing with connected devices – such as cars, watches, and home sensors – to provide users with visibility and control over what their machines are sharing. This seemingly simple requirement has far-reaching implications.

“ It takes us from personal data into industrial data,” said Tim Pfaelzer of Veeam.“ Every organisation involved in IoT must now ensure users have access to what is being gathered and why.”

The rules are not confined to European borders. Much like the GDPR, the Data Act applies to any company trading in Europe, regardless of its headquarters. For Middle Eastern firms hoping to sell into EU markets, compliance will become a non-negotiable cost of doing business.

Greg Hanson of Informatica warned:“ If you have customers in the region, you will have to comply. That means being ready to answer requests not just from individuals but also from governments and third parties.”

The challenge lies in operationalising those rights. Regulators expect companies to respond promptly to data requests, extracting accurate information from vast datasets generated by machines. Without automated systems, firms risk falling behind.

“ You cannot respond unless you are actively managing your data,” Hanson said. Manual processes, once tolerable, will collapse under the sheer volume of queries.

The burden does not stop at access. The Act also demands portability and interoperability, ensuring customers can switch providers with ease. For cloud and SaaS vendors, that means designing for migration, not lock-in. In practice, companies will need to develop flexible data governance frameworks that can apply different rules across various jurisdictions. A request from Germany may require a different response than one from Dubai.

Some executives see opportunity in the pain. By demonstrating restraint and transparency, companies can win consumer trust in markets where data misuse remains a reputational landmine. Yet others note the risk of fragmentation as firms juggle multiple overlapping regimes.

Compliance, then, is both a shield and a sword. Firms that invest early in automated AI-driven data governance will not only avoid fines but also unlock competitive advantage through cleaner, more reliable data. Those that drag their feet will face sanctions, rising costs and an increasingly sceptical customer base.

For companies outside Europe, the lesson is clear. The EU is once again exporting its regulatory philosophy. Whether in Dubai or California, firms that aspire to European markets must prepare for a world where every byte of data – from a smart fridge to an autonomous lorry is regulated, traceable and portable. Europe is raising the bar; the rest of the world will have to follow. •

INTELLIGENT TECH CHANNELS 19