Data Act Switching in Italy: Sccs, Two‑month Notice, No Switching Fees by 2027

The EU Data Act’s data act switching provisions are now live, and Italian cloud customers face a narrowing compliance window that demands immediate contract action. Since 12 September 2025, customers of in‑scope data‑processing services have held a statutory right to switch providers and receive technical cooperation for data porting. From 12 January 2027, all switching charges will be prohibited outright, eliminating one of the most persistent mechanisms of vendor lock‑in in the cloud market. For in‑house counsel, procurement managers and IT vendor managers operating in Italy, the practical challenge in 2026 is clear: audit existing agreements, insert compliant clauses now, and ensure pricing models are restructured before fee‑free switching becomes mandatory.

Quick Legal Timeline, Data Act Switching: What Changes and When

The EU Data Act timeline follows a phased activation model. Cloud customers and providers need to track two critical dates that determine contractual obligations and fee structures. The switching charges ban in 2027 is the date that will force the most significant commercial renegotiations.

Key Milestone Dates Explained

The 12 September 2025 activation date marks the point from which cloud switching rights become enforceable across the EU. The subsequent transition period, running until 12 January 2027, allows providers to gradually reduce and then eliminate switching charges. During this window, industry observers expect providers to restructure their pricing, moving residual switching costs into base subscription fees. Italian businesses should treat 2026 as the critical preparation year, ensuring all new and renewed contracts reflect the incoming fee prohibition.

What Are Data Act Switching Rights?

Data Act switching rights give customers of data‑processing services a legally enforceable entitlement to change providers without facing contractual barriers, technical obstacles or punitive fees. These rights apply to all customers, enterprises, SMEs and public‑sector entities, that use in‑scope cloud, edge and SaaS services within the EU.

Who Is a Customer Under the Data Act?

The Data Act defines the customer broadly. Any natural or legal person that uses a data‑processing service falls within scope. For Italian businesses, this covers direct subscribers to IaaS, PaaS and SaaS platforms as well as entities that access data‑processing services through reseller or partnership arrangements. The definition is technology‑neutral and applies regardless of whether the customer is a private company, a public administration or a non‑profit organisation.

What Services Are in Scope?

The switching provisions apply to data‑processing services, which the Data Act defines to include cloud computing services (IaaS, PaaS and SaaS) and edge computing services. Purely on‑premise software deployed on the customer’s own hardware falls outside scope, as does bespoke software development where no ongoing hosted processing occurs. The critical test is whether the service involves the processing of data on infrastructure managed by the provider. For Italian enterprises running hybrid environments, the likely practical effect will be that any component hosted or processed in the provider’s cloud falls under the switching regime even if other components remain on‑premise.

The practical takeaway for cloud switching rights in Italy is direct: if an organisation uses any form of externally hosted data‑processing, it should assume the Data Act switching rules apply and adjust its contracts accordingly.

Article 30 of the Data Act: Technical Porting and Switching Obligations

Article 30 of the Data Act establishes the technical framework that makes switching operationally possible. It requires providers of data‑processing services to take all reasonable measures to facilitate switching, including removing commercial, technical and organisational barriers. This article works alongside Articles 25 and 26, which address the contractual terms that must govern the switching relationship.

Technical Porting Obligations

Under Article 30, providers must support data porting in a structured, commonly used and machine‑readable format. The obligation extends beyond simply making data available for download, providers must actively cooperate with the receiving provider or the customer’s own systems to ensure functional equivalence where technically feasible. The data act switching requirements under Article 30 include:

• Data export capability. The provider must offer tools or interfaces (typically APIs) that allow the customer to extract all data, including metadata, configurations and application settings, in a portable format.
• Technical cooperation. Both the originating and receiving providers must cooperate to facilitate the transition, including providing reasonable technical support during the migration window.
• Barrier removal. Providers may not impose technical obstacles, such as proprietary formats, incompatible APIs or encryption barriers, that would impede switching.
• Reasonable timeframes. The porting process must be completed within a reasonable period, which industry observers expect competent authorities to benchmark at no more than 30 calendar days for standard data sets.

Data Act Standard Contractual Clauses Required by Practice

While the Data Act does not prescribe a single template of standard contractual clauses for switching, Articles 25 and 26 require that contracts include specific minimum terms. Early indications suggest that market practice is converging on a set of “SCC‑like” clauses that Italian customers should insist on. A compliant clause set should cover the following elements:

• Scope of exportable data. Define precisely which data categories, configurations and digital assets the customer may extract.
• Export format and method. Specify the format (e.g., CSV, JSON, open API) and the technical method for export.
• Cooperation obligations. Require the provider to cooperate with the replacement provider during the transition period.
• Notice period. State the minimum notice period for switching (market practice: two months).
• Transition timeline. Set a maximum number of days from notice to completion of data export.
• Fee provisions. From 12 January 2027, include an express prohibition on switching charges; before that date, cap any permitted fees at the reduced rate required by the transitional provisions.
• Post‑switching data deletion. Require the originating provider to certify deletion of customer data within a defined period after export is complete.

Operational Obligations During Data Act Switching: Service Continuity and the Two‑Month Notice

Providers must maintain service continuity throughout the switching period. This obligation exists to prevent a gap in service that could harm the customer’s business operations. For Italian customers, the practical implication is that SLA commitments should explicitly extend through the transition window.

Minimum Service Continuity Standards

During the switching period, the originating provider is expected to maintain the service at the same performance level as during normal operations. The vendor lock‑in ban under the Data Act means providers cannot degrade service quality to discourage switching. Recommended SLA language should address:

• Uptime commitment. Maintain the contractually agreed uptime percentage throughout the transition period.
• Support availability. Continue providing technical support at the same tier during switching.
• Data integrity. Guarantee that no data is lost, corrupted or made inaccessible during the export and migration process.
• Parallel running. Where technically feasible, allow the customer to run the old and new services in parallel for a defined overlap period.

Sample Two‑Month Notice Clause

Market practice is converging on a two‑month notice period for data act switching. The Mural platform’s EU Data Act addendum provides a notable example of how providers are adopting this standard. The two‑month notice period gives both parties sufficient time to plan the technical migration without disrupting operations.

A sample clause might read:

Contract Checklist for Italian Cloud Customers: Clauses to Include Now

Italian cloud customers should treat the 2026 transition window as the deadline for contract remediation. Every new agreement, and every renewal, should include a comprehensive set of data act switching clauses. The checklist below covers the essential elements that in‑house counsel and procurement teams should negotiate into their contracts.

Sample Clause Set

• Switching right. An express, unconditional right for the customer to switch to a replacement provider or migrate data to an on‑premise environment.
• Notice period. A defined notice period of no more than two months, triggering the provider’s cooperation obligations.
• Data export format. A requirement that all customer data (including metadata, configurations and derived data) be exported in a structured, machine‑readable and non‑proprietary format.
• Technical cooperation. An obligation on the provider to cooperate with the replacement provider, including providing API access, documentation and reasonable technical support.
• Service continuity. An obligation to maintain service at the agreed SLA levels throughout the entire switching period.
• No switching fees (from 12 January 2027). A clause expressly prohibiting the provider from imposing any charge specifically attributable to the act of switching. For contracts executed before 12 January 2027, include a sunset provision that eliminates any switching fees from that date forward.
• Transition timeline. A maximum period (e.g., 30 calendar days) within which data export and technical cooperation must be completed.
• Data deletion and certification. A requirement that the originating provider delete all customer data within a specified period after completed migration and provide written certification of deletion.
• Security during transition. An obligation to maintain all security, encryption and access controls during the switching period.
• Audit rights. A right for the customer to audit the provider’s compliance with switching obligations, including technical readiness and data‑deletion certification.
• Dispute resolution. A specified mechanism for resolving switching‑related disputes, including escalation procedures, mediation and, for Italian contracts, reference to the competent Italian court or agreed arbitration seat.

Negotiation Playbook: What Vendors Will Resist

Industry observers expect cloud providers to push back on several data act switching requirements during contract negotiations. Awareness of these pressure points helps Italian customers prepare effective counter‑arguments:

• Broad data export scope. Vendors may argue that derived data, analytics outputs or custom configurations fall outside the scope of exportable data. Counter: the Data Act requires porting of all data generated by or related to the customer’s use of the service.
• Extended timelines. Vendors may seek longer transition periods (90+ days) to reduce their operational burden. Counter: insist on a maximum of 30 days for standard data sets, with defined extensions only for demonstrably complex migrations.
• Cost allocation for cooperation. Vendors may attempt to charge for the technical cooperation that Article 30 requires them to provide. Counter: cooperation is a statutory obligation, any fee for cooperation risks being classified as a disguised switching charge after 12 January 2027.
• Limiting API access. Vendors may offer read‑only or rate‑limited APIs that make bulk export impractical. Counter: require full API access at sufficient throughput to complete the export within the agreed timeline.

A “what to avoid” checklist is equally important:

• Do not accept clauses that condition switching on payment of outstanding invoices beyond the standard payment terms.
• Do not agree to proprietary data formats as the sole export option.
• Do not permit the provider to retain copies of customer data after the post‑switching deletion deadline.
• Do not accept service degradation clauses that reduce SLA commitments during the notice period.

Compliance Risks and Liability Allocation in Italy

Non‑compliance with the Data Act’s switching provisions creates both regulatory and commercial risk for providers and customers operating in Italy. Proper liability allocation in the contract is essential to manage these risks.

Public Procurement Considerations

Italian contracting authorities face particular obligations when procuring cloud and data‑processing services. Data Act switching requirements intersect with the Italian Public Contracts Code (Codice dei Contratti Pubblici), which governs procurement procedures for public administrations. Early indications suggest that public procurement templates will need to be updated to include mandatory switching clauses, ensuring that no single vendor can lock in a public administration through contractual or technical barriers. Contracting authorities should ensure their technical specifications and award criteria expressly evaluate a bidder’s compliance with Articles 25, 26 and 30 of the Data Act.

Competition and Unfair Terms Risk

Cloud switching provisions also interact with Italian competition and consumer protection law. The Italian Competition Authority (AGCM) has historically scrutinised clauses that restrict customers’ freedom to change suppliers. Contract terms that impose hidden switching costs, use proprietary lock‑in mechanisms or otherwise obstruct the customer’s statutory switching rights may be challenged as unfair commercial practices. Recommended contract language for liability allocation should include:

• Indemnification. The provider indemnifies the customer for losses arising from the provider’s failure to comply with its Data Act switching obligations.
• Liability caps. While general liability caps may apply, exclude from those caps any liability arising from the provider’s wilful non‑compliance with switching obligations.
• Remedies. Include a right to specific performance (requiring the provider to complete the data export) in addition to monetary damages.

Implementation Roadmap for 2026: Practical Steps for Legal and Procurement Teams

The following eight‑week project checklist provides a structured approach for Italian legal and procurement teams to achieve data act switching compliance before the 12 January 2027 fee prohibition takes effect.

Project Checklist: Weeks 1–8

Case Studies and Market Examples

Real‑world adoption of data act switching clauses is already underway. The following examples illustrate how the market is responding.

Example 1, Vendor Adds a Two‑Month Clause

Mural, the visual collaboration platform, published an EU Data Act addendum to its terms of service that expressly incorporates a two‑month notice period for switching. The addendum requires Mural to cooperate with the customer’s migration, provide data in a portable format and maintain service levels during the notice period. This approach aligns with the statutory requirements and represents emerging best practice for SaaS providers operating in the EU market.

Example 2, Vendor Resists Porting Tools

In an anonymised negotiation scenario involving an Italian enterprise and a major IaaS provider, the vendor initially offered only a proprietary binary export format and a 120‑day transition timeline. Following legal review, the customer’s counsel invoked Article 30’s technical cooperation obligations and the forthcoming switching charges ban in 2027 to negotiate the clause down to a 30‑day export window in JSON format with full API access. The outcome demonstrates that informed negotiation, grounded in the Data Act’s specific provisions, can overcome initial vendor resistance.

Conclusion: Three Steps to Data Act Switching Compliance in Italy

The data act switching regime has fundamentally changed the contractual landscape for cloud services in Italy. With the switching charges ban taking effect on 12 January 2027, the window for proactive contract remediation is closing. Italian businesses, whether private enterprises or public administrations, should act on three immediate priorities:

1. Audit and remediate. Review every cloud and SaaS contract against the clause checklist above. Identify gaps and prioritise vendor negotiations for agreements that lack switching, porting and cooperation provisions.
2. Standardise and deploy. Adopt a bilingual switching‑clause addendum as the standard for all new and renewed contracts. Ensure the addendum covers notice periods, data export formats, service continuity, fee prohibitions and post‑migration deletion requirements.
3. Test and document. Run data‑export tests with critical vendors, validate that porting tools produce usable output and maintain a compliance file for audit purposes.

Data act switching compliance is not merely a legal exercise, it is an operational imperative that protects business continuity, preserves competitive flexibility and ensures alignment with the EU’s framework for open, interoperable data‑processing services. Italian organisations that act now will be well positioned when the final switching‑charge prohibition takes effect in January 2027.

Sources

1. European Commission, Data Act policy page
2. Latham & Watkins, EU Data Act switching requirements
3. DLA Piper, Understanding switching rights under the Data Act
4. McCann FitzGerald, EU Data Act switching cloud provider
5. Pinsent Masons, Switching and porting rules under the EU Data Act
6. Mural, EU Data Act addendum
7. eu-data-act.com, Article 25 explained