The impending EU Data Act will require cloud providers in Europe to make it easier for customers to switch to competitors.

The act is currently set to go into force on January 11, 2024, and provisions of the act will begin to apply 20 months later meaning that businesses must be ready to comply by 12 September 2025.

In addition to impacting the cloud computing sector, new rules regarding GDPR, IoT data sharing, and smart contracts are included.

European Commission
– dimitrisvetsikas1969 / 15115 images

The Data Act will require public and private cloud computing service providers to remove "obstacles to effective switching" between their own and competing cloud services, including commercial, contractual, technical, or organizational hurdles.

This includes common deterrents such as egress fees, where cloud providers charge costs to users sending data from their cloud environments to another location.

Cloud service providers will not be required to develop new technologies or services, disclose digital assets protected by intellectual property, or take measures compromising the integrity and security of their service in aid of this.

The Act argues in favor of a "self-regulatory approach to the problem of ‘vendor lock-in’ at the level of providers of data processing services, by introducing codes of conduct to facilitate switching data between cloud services (the industry-developed ‘Switching Cloud Providers and Porting Data (SWIPO)’ Codes of Conduct)."

"This proposal further builds on this, helping businesses and citizens to make the most of the right to switch cloud providers and port data. It is also fully consistent with the Unfair Contract Terms Directive as regards contract law."

While the Act clearly states that cloud switching should be made more accessible, there is some doubt as to how this will actually be regulated. Cloud switching can be very complex for some workloads, and the act has not given detailed attention to those technical complexities within its ruling.

The cloud market has been under discussion for its alleged anti-competitive practices over the past few years. The UK's Competition and Markets Authority (CMA) has launched an investigation into the market after Ofcom identified several features that make it difficult for customers to switch and use multiple cloud suppliers including egress fees, cloud repatriation fees, and discounts to incentivize customers to use only one provider.

Similar occurrences have been seen in Europe and the US.

In 2022, Microsoft was the target of an antitrust campaign, led by OVHcloud and backed by cloud trade association CISPE which includes Amazon, and a complaint was filed with the European Competition watchdog. In May 2022, Microsoft agreed to adjust the terms of its cloud computing service to avoid a full antitrust investigation.

In June 2023, Google accused Microsoft and Oracle of anti-competitive practices in a letter to the Federal Trade Commission. At the same time, Oracle accused AWS of similar practices.