A data intermediary (also referred to as a data intermediation service) is a neutral entity that enables the trusted exchange of data between data holders and data users, without economically exploiting the data itself or using it for its own substantive purposes.
The objective of a data intermediary is to establish transparency, control, and legal certainty in data sharing—particularly in complex multi-party scenarios and cross–data space environments.
Key characteristics of a data intermediary
- Neutrality: The data intermediary does not use the mediated data for its own purposes and does not act as a data buyer or seller.
- Purpose-bound data sharing: Data is shared exclusively on the basis of clearly defined purposes and conditions agreed between the data holder and the data user.
- Contractual safeguards: The data intermediary provides standardized data agreements (Data Agreements) that regulate, among other things, purpose, processing, retention period, responsibilities, and obligations.
- Transparency and traceability: Data flows, access events, and intermediation activities are documented and can be reviewed by authorized parties.
- Technical and organizational security: The service implements appropriate technical and organizational measures to protect data against unauthorized access, misuse, and manipulation.
Legal framework
Data intermediaries are regulated under the EU Data Governance Act (DGA). The DGA establishes a harmonized European legal framework for data intermediation services and defines, among other aspects:
- Requirements for neutrality and independence
- Transparency obligations towards users
- Rules on the separation of intermediation services from other business activities
- Obligations to comply with data protection and security standards
Distinction from other actors
A data intermediary is not:
- a data marketplace that trades data on its own account,
- a cloud or storage provider that makes independent use of data, or
- an analytics or AI service that evaluates or exploits data content.
Instead, it acts as a trusted intermediation and governance layer, enabling legally compliant data sharing between independent parties.
Benefits for data holders and data users
- Data holders retain control over their data and its use
- Data users gain legally secure and transparent access to data
- Both parties benefit from standardized processes, reduced complexity, and increased trustworthiness