Overview on Report on B2B Data Sharing and Cloud Computing Contracts

The European Commission Expert Group released a report on April 2, 2025, detailing model contractual terms (MCTs) and standard contractual clauses (SCCs) for B2B data sharing and cloud computing contracts. As cloud services become indispensable and data-sharing fuels innovation, this report offers valuable, non-binding guidelines designed to promote fairness and transparency in data access and use within the B2B sector.

These non-binding, voluntary terms are designed to facilitate data access and use between various parties, including data holders, users, and third-party recipients, without affecting existing rights and obligations under the Data Act, General Data Protection Regulation (GDPR), or other laws.

The report is structured into five chapters:

1. Key Principles: Establishes fairness, transparency, and reasonable use as foundational principles for B2B data use.
2. Fair Contract Terms: Identifies potentially unfair clauses and explains their causes of imbalance, such as unilateral changes to terms without adequate notice, data lock-in, where exiting a service is made excessively difficult, and IP overreach, where one party claims excessive intellectual property rights.
3. Model Contract Clauses: Offers voluntary, example clauses to foster fairer negotiations, particularly concerning access, usage rights, liability, and data portability.
4. Cloud Contract Specificities: Focuses on cloud-specific risks like vendor lock-in, exit costs, service reversibility (the ability to return data and systems to a pre-cloud state), and SLA asymmetries.
5. Recommendations to the Commission: Suggests further regulatory or policy tools, such as non-binding standard terms or codes of conduct under the Data Act.

The model contractual terms (MCTs) provided in this report cover full contracts designed for four distinct data sharing scenarios: a) data holder to user, b) user to data recipient, c) data holder to data recipient, and d) data sharer to data recipient. The MCTs aim to help parties draft and negotiate contracts for access to and use of both personal and non-personal data, ensuring fair, reasonable, and non-discriminatory contractual rights and obligations, including reasonable compensation and the protection of trade secrets.

On the other hand, the standard contractual clauses (SCCs) provide six standard clauses addressing essential aspects and general structures of cloud computing contracts, such as switching and exit processes, termination, security and business continuity, non-dispersion, liability, and non-amendment, for use in data processing service agreements.

This report marks a significant step towards streamlined and transparent data-sharing practices in the B2B sector.

To ensure data sharing is conducted in accordance with legal regulations and to avoid exposing your company to legal liability, contact us for:

1. Reviewing or drafting data sharing agreements in line with the Model Contractual Terms (MCTs).
2. Drafting or amending cloud computing agreements using Standard Contractual Clauses (SCCs) to protect your interests when dealing with cloud service providers.
3. Verifying contract balance and ensuring the absence of unfair terms, such as data lock-in or unilateral modifications.
4. Ensuring compliance with the General Data Protection Regulation (GDPR) and the European Data Act, while considering relevant local and international frameworks.
5. Providing legal and technical consultations on usage rights, trade secret protection, and preventive measures upon contract termination.

You may contact us for legal support through:

• Ms. Mahitab Ajlan, Legal Advisor at the firm, via email: [email protected]
• Ms. Nehal Al Akkad, Legal Assistant, via email: [email protected]