Digital Fitness Check

DaTNet is taking part in the public consultation as part of the European Commission’s fitness check of digital regulations, which aims to assess the cumulative impact of EU digital regulations.

The Digital Fitness Check is the second phase of the European Commission’s plan to simplify EU digital regulations following the amendments introduced under the Digital Omnibus Regulation. To ensure that the EU’s digital regulations are effective, proportionate and future-proof, the fitness check on digital regulations will analyse the interplay between the various regulations, as well as their cumulative impact on businesses, their effectiveness in promoting competitiveness and their impact on the EU’s values and fundamental rights.

The Data Trustee Competence Network (DaTNet) acts as the voice of the emerging data trust community in Germany. Through its involvement in the Digital Omnibus process and in the fitness-for-purpose assessment of the digital regulations, DaTNet brings the perspectives of the research community, industry, public administration and civil society into the European debate. Thanks to its positioning, DaTNet continues its work at the interface between research, policy and practice and contributes to further raising the profile of the concept of data trusteeship within the European context. You can find our position statement on this page.

You can also download the full position statement in connection with the public consultation on the fitness check of the EU’s digital regulations (‘Digital Fitness Check’) in PDF format.

Position statement in connection with the public consultation on the fitness check of the EU’s digital regulations (‘Digital Fitness Check’)

The Competence Network for Data Trustee Models DaTNet welcomes the European Commission’s initiative to collect opinions as part of a ‘Digital Fitness Check’. DaTNet is happy to comment on the effects of the Data Governance Act (DGA) and the proposals set out in the Omnibus Regulation for the digital sector.

From DaTNet’s point of view, the regulatory objective of the DGA remains valid and important. Promoting the establishment of data intermediaries through a specific legal framework in order to simplify data exchange (Recital 27 DGA) is logical from a legal policy perspective. The fact that the number of data intermediation services and data altruism organisations entered in the EU register is still negligible does not preclude this. The low number of registrations is attributable, for example, to the fact that applications or registrations have not yet been possible due to delays in the adoption of implementing legislation in Germany and other Member States12.


Our statement focuses on the following aspects:

  • the replacement of the registration requirement for data intermediation services (Article 11 DGA) with voluntary registration
  • the concept of a data intermediation service
  • the removal of the requirement for organisational separation (Article 12(a) DGA)
  • the further conditions for data intermediation services and data altruism organisations.

1. Replacing the obligation to register data intermediation services with voluntary registration

Under Article 11 DGA, providers of data intermediation services are required to carry out registration. Furthermore, Article 12 DGA imposes further requirements. In our experience, these requirements have led service providers to structure their services such that they do not fall within the material scope of the DGA in order to avoid the associated administrative burden. This was achieved, for example, by not establishing commercial relationships between an undetermined number of data providers and data users (but only within a closed group) or by designing a service in accordance with Article 2(11)(a) DGA. The current form of the notification requirement therefore contributes little to the regulatory objective of facilitating data exchange through the establishment of trustworthy data intermediaries. In this respect, we welcome the European Commission’s proposal to replace the obligation to register with the option of voluntary registration in Article 32e(1) of the DA proposal.

2. Definition of a data intermediation service

The definition of data intermediation services, which determines the personal scope of application of this registration option, also needs to be reconsidered. It is not clear from the regulatory objectives why the option to register and the associated privilege of using the relevant designation and logo (Article 32a of the DA proposal) should be reserved solely for service providers which, in accordance with Article 2 (38a) of the DA proposal, establish ‘relationships of an economic character’ between data providers and data users. Furthermore, the definition raises the question of why a data intermediation service is conceptually premised on the establishment of relationships between data providers and data users to enable shared data use and therefore a structuring of this three-party relationship as a chain of contracts with agreements between data providers and the data intermediation service on the one hand and between the data intermediation service and data users on the other hand would likely not be covered. This requirement, according to which the data intermediation service must establish ‘relationships of an economic character’ between data providers and data users, does not always seem appropriate for services ‘for the purpose of exercising the rights of data subjects in relation to personal data’. As part of the definition of terms, the concept of joint data use or ‘data sharing’ should also be reconsidered, as it is not a good fit, in the context of exercising data subjects’ rights under data protection law and in the German-language version, for cases in which data is used solely by the data recipient. Insofar as they are still required by the definition of the data intermediation service, the definitions of ‘data sharing’ (Art. 2(10) DGA) and ‘data user’ (Art. 2(9) DGA) should also be included in the redrafted Data Act.

3. Removal of the requirement for organisational separation (Article 12(a) DGA)

Under Article 32c of the DA proposal, the requirement that the data intermediation service be provided by a separate legal entity, as currently provided for in Article 12(a) DGA, is to be removed. However, according to Article 32c(a) of the DA proposal, the provision stipulating that the data may not be used for any purposes other than the intermediation is to remain in force. The use of data for one’s own purposes is therefore likely to remain permissible only where there is an organisational separation between data transmission and use, which, in view of the regulatory objective of supporting the emergence of new data-driven ecosystems independent of operators with significant market power (Recital 27 DGA), appears to be appropriate in principle.

In the public debate on the ‘Digital Omnibus’, however, it is sometimes assumed that functional separation (‘Chinese walls’) might suffice instead. We do not find this interpretation convincing, as otherwise the provision in Article 32c(d)(iii) of the DA proposal would be superfluous; this provision, as an exception to the obligation under (a), explicitly provides for functional separation only in respect of value-added services. If Article 32c(a) of the DA proposal could already have been observed with functional separation, the provision in (d) would have been unnecessary. It would therefore be desirable for the legislature to provide clarification on this point.

4. Further conditions for data intermediation services and data altruism organisations

The European Commission’s proposals to make the requirements for the provision of data intermediation services (currently Article 12 DGA) more workable are, in principle, to be welcomed. However, in our view, it would be necessary to examine in detail which requirements are necessary for data intermediation services for the purposes of quality assurance and ensuring their reliability and which requirements, when measured against this objective in terms of the relationship of means to ends, entail a disproportionately high level of effort. This should be done in the context of both data intermediation services and data altruism organisations.

Against this backdrop, we believe is worth considering retaining the following in the new Data Act, with regard to data intermediation services, for example:

  • the conversion ban (Article 12(d) DGA) to prevent lock-in effects,
  • the obligation to ensure fair, transparent and non-discriminatory conditions of access (Article 12(f) DGA),
  • the obligation to ensure interoperability (Article 12(i) DGA),
  • the obligation to ensure data security (Art. 12( 12 k) and (l) DGA) and
  • the obligation to keep records (Article 12(o) DGA).

On the other hand, the removal of the obligation to provide insolvency cover under Article 12(h) DGA should be welcomed as it is difficult to reconcile with recognised principles of insolvency law.

With regard to data altruism organisations, consideration should be given to retaining the obligation to draw up activity reports (Art. 20(2) DGA), as this would make it possible to trace the data-altruistic activities carried out and build trust in the data intermediary.

11 March 2026

Professor Dr Petra Gehring (TU Darmstadt)
Professor Dr Anne Lauber-Rönsberg (TU Dresden)
Professor Dr Florian Möslein (Marburg University)
Professor Dr Sebastian Omlor (Marburg University)

  1. DatNet Paper 10: https://zenodo.org/records/18484562/files/DaTNeT-Paper10_Sarilar.pdf?download=1 ↩︎
  2. https://datnet.eu/2026/03/02/wie-viele-denn-nun-aktueller-blick-auf-die-eu-register-fuer-daten-
    vermittlungsdienste-und-datenaltruistische-organisationen/     ↩︎