A trust framework, not a rule about which data you share
The Data Governance Act is a horizontal instrument: it applies across sectors rather than targeting logistics, and it deliberately says nothing about the content or ownership of data. Regulation (EU) 2022/868 entered into force on 23 June 2022 and, after a fifteen-month grace period, has applied since 24 September 2023. What it regulates is trust — the conditions under which data can move between organisations without either side fearing misuse. The Commission frames it as a set of measures resting on three operational pillars: the re-use of certain protected data held by public bodies that cannot be released as open data, data intermediation services acting as trustworthy organisers of sharing within the Common European Data Spaces, and data altruism for objectives of general interest. A European Data Innovation Board coordinates the approach across Member States. None of these create an entitlement to any particular dataset; they create the plumbing and the guarantees that make voluntary sharing credible.
Data intermediation services: neutral carriers you can check
The pillar most directly relevant to supply-chain data is the regulated data intermediation service. A provider that connects data holders with data users must notify a competent authority of its intention to operate, and must then function as a genuinely neutral third party. The neutrality conditions have real content: the intermediary may charge for facilitating the exchange, but it cannot use the data it intermediates for its own profit — it may not sell that data on or fold it into its own products — and any data or metadata it does acquire may be used only to improve the intermediation service itself. The Commission also requires structural separation: the intermediation activity must be legally separated from any other service the provider offers. A provider that meets these conditions may present itself as a 'data intermediation services provider recognised in the Union' and carry the common EU logo. For logistics this is the point: negotiated rates, volumes, lane and routing information and cargo details are commercially sensitive, and a neutral, checkable intermediary lets competitors or chain partners pool such data without handing an advantage to whoever runs the platform.
Public-sector data re-use and data altruism
Two further pillars widen the pool of data that can be put to work. The first governs the re-use of protected data held by public bodies — data covered by others' rights, such as personal data, confidentiality or intellectual property — which may be released for re-use under safeguards rather than as fully open data. In practice that means techniques such as anonymisation, pseudonymisation or access inside secure processing environments; fees that may not exceed the costs the public body incurs; limits on exclusive re-use arrangements; and, as the Commission describes it, generally up to two months for a public authority to decide on a request. The second, data altruism, lets organisations register as a 'data altruism organisation recognised in the Union' if they are not-for-profit and meet transparency and safeguard requirements, supported by a common European consent form so data can be gathered uniformly across Member States. For a logistics planner the relevance is concrete but conditional: where a public body releases infrastructure, traffic or network data for re-use, it becomes a lawful input for routing and capacity planning — though whether any specific dataset is available depends on the Member State and body concerned.
Distinct from the Data Act — read both together
The Data Governance Act is routinely confused with the Data Act, and the distinction matters for anyone mapping their obligations. The DGA (Regulation (EU) 2022/868) supplies the framework and the actors — the neutral intermediaries, the public-sector re-use rules, the altruism organisations — that make voluntary sharing trustworthy; it does not grant anyone a right to a specific dataset. The Data Act (Regulation (EU) 2023/2854), which entered into force on 11 January 2024 and has applied since 12 September 2025, does the complementary job: it lays down harmonised rules on fair access to and use of data, letting users access the data their connected products co-generate and share it with third parties, curbing unfair business-to-business contract terms, and easing switching between cloud services. The Commission characterises the Data Act as clarifying 'who can use what data and under which conditions' — that is, it decides rights and terms of access, whereas the DGA provides the trusted machinery to move data once those questions are settled. Because the two operate at different layers, an operator planning to share or receive supply-chain data is best served by assessing both instruments together rather than assuming one answers the other's questions.
What it means for a transport or logistics operator
Because the DGA is horizontal, it imposes no logistics-specific duty; its practical effect on the sector is as an enabler and, occasionally, a status test. Your organisation is likely within the intermediation regime if it runs a neutral platform that pools or brokers supply-chain data between independent parties — in which case notification, recognition and the neutrality conditions would apply — whereas simply exchanging your own data with a counterparty generally would not trigger them. If you are building or joining a transport data space, the DGA supplies the trust rules those spaces rely on; if you consume released public-sector data, the re-use regime is what makes it lawful. One caveat belongs on the record: national implementation lagged the regulation. The Commission confirmed the Act has applied since 24 September 2023, but in May 2024 it had to call on eighteen Member States to designate the authorities responsible for registering data altruism organisations and supervising intermediation providers — so the register of recognised intermediaries has been maturing unevenly. An operator relying on a provider's 'recognised in the Union' status should therefore verify it against the relevant national authority rather than take it as given. This dossier is an information source, not legal advice; where a specific arrangement is at stake, confirm the position against the primary texts and the competent authority.
What to do
Map every arrangement in which your organisation pools or brokers supply-chain data with third parties, and for each platform or party involved, check whether it is acting as a data intermediation service under the DGA and whether it is notified to, and recognised by, a national competent authority — do not rely on a claimed 'recognised in the Union' status without verifying it against that authority.
Sources
Last verified against the primary sources: 2026-07-09
More on Data & connectivity
Follow this topic
Get an email whenever something changes here. No account needed; confirm by email (double opt-in).
We use your email address only to send updates about this topic. You can unsubscribe at any time. See our privacy policy.
← All transport & logistics topics