European data spaces as structural advantage in the global agentic commerce race

Agentic commerce (the deployment of autonomous software agents to perform end-to-end commercial workflows including product discovery, negotiation, payment initiation, and post-transaction settlement) represents a qualitatively distinct phase in the application of artificial intelligence to economic activity. Where earlier AI deployments acted as decision-support tools subordinate to human operators, agentic systems act as principals in their own right, consuming data, invoking services, and committing resources without per-transaction human authorisation. The data architectures underpinning these systems therefore become a determinant of competitive position, not merely an operational detail.

The global landscape for agentic commerce data infrastructure is currently defined by three distinct structural models. US hyperscalers, namely Amazon Web Services, Microsoft Azure, and Google Cloud, offer vertically-integrated stacks in which data storage, model inference, identity management, and payment processing are co-located within a single platform boundary, with access governed by proprietary API contracts. Chinese platform ecosystems, led by Alibaba Cloud and Baidu's AI Cloud, operate under a structurally similar integration model, with the additional characteristic that regulatory instruments in the People's Republic of China allow state actors to mandate data sharing arrangements at the platform level. European data infrastructure, by contrast, has evolved along a federated, interoperability-first path, instantiated most concretely in the Gaia-X initiative and the connector architecture specified by the International Data Spaces Association (IDSA).

The normative and commercial argument advanced most frequently by European policymakers and industry consortia is that this federated architecture constitutes a structural advantage: that consent-governed, sovereignty-preserving data access enables European agentic systems to operate across sectoral and national boundaries in ways that vertically-integrated stacks, constrained by their own data-lock-in economics, cannot readily replicate. This paper subjects that argument to systematic scrutiny.

This paper makes three contributions. It characterises the specific properties of the Gaia-X and IDSA connector model that are structurally relevant to agentic commerce requirements (specifically data access latency, consent-chain traceability, cross-sector interoperability, and identity portability) and distinguishes these from the governance properties that are relevant primarily to regulatory compliance rather than runtime performance. It identifies two jointly necessary conditions that must hold simultaneously for the claimed advantage to be operative, drawing on the literature on digital sovereignty [1][2], data governance models [3], federated learning [4], and data space design [5]. It specifies the evidentiary gaps that prevent the advantage from being asserted unconditionally at present, and identifies the measurements and regulatory milestones that would resolve those gaps.

The paper proceeds as follows. Section 2 (Motivation) establishes the economic and regulatory stakes that make the question urgent. Section 3 (Related Work) positions this analysis against prior scholarship on digital sovereignty, data governance architectures, and federated learning. Section 4 (Methodology) describes the analytical framework and the decision rules applied. Section 5 (Results) presents the findings structured around the two necessary conditions and the mechanisms linking them to agentic commerce performance. Section 6 (Discussion) interprets those findings against the prior literature and identifies the mechanisms through which the advantage can consolidate or collapse. Section 7 (Conclusion) synthesises the contribution and states the posture required of practitioners and regulators.

Throughout, the paper maintains a strict separation between what the evidence from Gaia-X and IDSA deployments currently supports and what remains aspirational in the European data space discourse. That separation is itself a contribution: the literature reviewed in Section 3 reveals a recurrent pattern in which architectural ambition is presented as demonstrated capability, a conflation that misleads both investment decisions and regulatory timetables.

The urgency of the question addressed in this paper derives from a convergence of three independent pressures, each of which individually would justify attention, and which in combination define a narrow window within which architectural choices become path-dependent.

The first pressure is regulatory momentum. The EU AI Act entered into force on 1 August 2024. Its prohibited-practice provisions became applicable in February 2025, its obligations on general-purpose AI models apply from August 2025, and its high-risk system requirements (the provisions most directly relevant to agentic commerce deployments) phase in through 2026 and 2027. The EU Data Act entered application in September 2025, establishing positive obligations on data holders to share data with users and third parties under fair, reasonable, and non-discriminatory terms. The European Health Data Space regulation extends these obligations into one of the highest-value domains for agentic commerce workflows. Taken together, these instruments impose enforceable obligations on data holders regarding provenance, consent, and access control. Federated data space architectures designed around IDSA connector specifications were built with precisely these obligations in mind [5]. Vertically-integrated stacks were not.

The second pressure is the pace of agentic standardisation in the US and Chinese markets. Major US platform operators have moved rapidly to establish agentic API frameworks, payment delegation protocols, and authentication standards that, if adopted as defaults by global merchants and service providers, will define the interoperability baseline for agentic commerce globally. Once a critical mass of counterparties has integrated with a given API standard, the switching costs for agentic commerce system operators become significant. The network externalities of the dominant standard create coordination barriers that technical merit alone cannot dissolve. The window in which European federated standards can establish themselves as a credible alternative rather than a niche compliance layer is therefore time-bounded.

The third pressure is the economic value at stake. Agentic commerce is not confined to consumer retail. Industrial procurement, logistics coordination, financial settlement, and healthcare resource allocation are all domains in which autonomous agent workflows are being piloted or deployed. In each of these domains, the data required for competent agent decision-making crosses organisational and sectoral boundaries. This is precisely the problem that data spaces are architecturally designed to address: enabling data access across trust boundaries without requiring centralisation [5]. The economic scale of the workflows at stake means that architectural choices made at the infrastructure level will determine value capture patterns for years. If European agentic systems must route through US or Chinese platform APIs to access data required for cross-sector reasoning, the economic surplus from that data access flows to the platform operator, not to the European data provider or the European agent developer.

The actors most directly affected are European industrial data providers, namely manufacturing firms, logistics operators, healthcare institutions, and financial intermediaries, who hold high-value operational data and have regulatory obligations to preserve sovereignty over it. They are affected also as potential beneficiaries: if the federated model delivers on its governance-coherence promise, these actors gain programmatic access to counterparty data under terms they have set, enabling agentic commerce workflows that vertically-integrated stacks structurally cannot support without requiring data centralisation. The question is whether the architecture delivers this benefit at runtime performance levels that make it economically viable.

The literature relevant to this paper spans four domains: the conceptual and political analysis of digital sovereignty, the taxonomy of alternative data governance models, the technical literature on federated learning, and the architectural documentation of data space design. Each domain informs a distinct dimension of the argument.

Digital sovereignty as concept and policy instrument. Floridi [1] provides one of the most cited philosophical treatments of digital sovereignty, distinguishing it from earlier notions of territorial sovereignty and grounding it in the capacity of an entity to control the conditions under which its information is accessed, processed, and used. Floridi's framework is normative: it identifies what sovereignty over data ought to mean for democratic societies and why the EU's position (as a large economic actor without dominant providers in the consumer-layer platform segment) makes the question structurally different for Europe than for the United States or China. This paper builds on that normative grounding but moves beyond it: where Floridi argues for the importance of digital sovereignty as a value, this paper asks whether the specific architectural implementation of that value in Gaia-X and IDSA creates measurable operational advantages for agentic systems. The transition from normative claim to system-level performance claim is not made by Floridi and is the core analytical move this paper attempts.

Pohle and Thiel [2] offer a more critical reading, arguing that digital sovereignty operates primarily as a discursive and political practice, mobilised by a range of actors with divergent interests, rather than as a settled legal or organisational instrument. Their analysis documents how the term has been appropriated across contexts from authoritarian state control to civil society data empowerment, and cautions against treating any single deployment of the concept as its canonical form. This paper accepts that caution as a methodological discipline: the claim examined here concerns the specific architectural choices made in Gaia-X and IDSA, justified by a particular interpretation of digital sovereignty [1], and whether those choices have properties that may advantage agentic systems in specific competitive contexts. The discursive contestation documented by Pohle and Thiel [2] is treated as a governance risk rather than a reason to dismiss the architectural claims.

Data governance models. Micheli et al. [3] provide the most systematic taxonomy of emerging data governance models in the literature, identifying four archetypes: data pools, data cooperatives, data trusts, and personal data sovereignty models. Their analysis establishes that each model encodes a different allocation of control rights between data providers, data users, and intermediary institutions, and that these allocations have material consequences for the kinds of data flows each model can sustain. This paper is structurally similar to Micheli et al. in its focus on governance architecture rather than data content, but differs in two respects. First, Micheli et al. analyse governance models in the context of general-purpose data use, while this paper focuses on agentic commerce as a specific runtime context with distinctive latency, throughput, and consent-chain requirements. Second, Micheli et al. do not engage with the IDSA connector model as a concrete instantiation of their taxonomy, whereas this paper treats the connector as the unit of analysis.

Federated learning. Yurdem et al. [4] provide a comprehensive review article synthesising federated learning strategies, applications, and tooling, covering horizontal and vertical federation schemes, differential privacy mechanisms, and the open challenges of communication efficiency and model aggregation under heterogeneous data distributions. As a review, its authority on overhead magnitudes is secondary: it surveys and organises findings from empirical benchmark studies rather than generating original measurements. That caveat noted, the review establishes the technical foundations that underpin the claim that federated architectures can support AI model development without requiring data centralisation. This paper draws on that foundation to characterise the learning-layer properties of federated data spaces, but identifies a gap that Yurdem et al. do not address: the surveyed benchmark studies address tasks such as image classification and next-word prediction, and do not report results on agentic commerce-specific workloads such as dynamic pricing, real-time demand sensing, or autonomous negotiation. That gap is treated in this paper as one of the two principal evidentiary deficits.

Data space architecture. Otto, ten Hompel, and Wrobel [5] provide the most comprehensive technical and governance documentation of the data space concept, covering the IDSA connector specification, the Gaia-X trust framework, the role of identity providers, and the interplay between sovereignty-preserving data sharing and commercial data ecosystems. Their work is the primary technical reference for this paper's characterisation of the federated architecture. This paper extends their analysis by asking what specific properties of the connector model are relevant to agentic commerce requirements and which properties are governance-layer features that do not translate into runtime performance advantages.

This paper employs a structured qualitative analysis organised around a conditional hypothesis. The hypothesis specifies two jointly necessary conditions for the claimed structural advantage to be operative. Each condition is examined through two findings in the Results section: the regulatory condition (Condition 1) is addressed through the governance-coherence properties of the IDSA connector architecture (Finding 1) and the current state of regulatory enforceability (Finding 3); the technical performance condition (Condition 2) is addressed through the runtime performance evidence base (Finding 2) and the active agentic standardisation race (Finding 4). The analytical task across all four findings is to assess the current state of evidence for each condition, characterise the mechanisms through which each condition is satisfied or fails, and identify the specific measurements that would resolve the remaining uncertainty. This is a mechanism-tracing analysis rather than a causal inference study; it synthesises the existing evidence base to determine whether the structural claims in the European data space discourse are supported, unsupported, or indeterminate given current evidence, without generating new empirical data.

Corpus construction. The analytical corpus was constructed from five sources spanning academic scholarship, technical documentation, and architectural design literature. Sources were selected on three criteria: (1) direct relevance to at least one of the four domains identified in the related work (sovereignty discourse, data governance models, federated learning, data space architecture); (2) sufficient methodological transparency to assess the scope and limits of their findings; (3) publication between 2020 and 2024, reflecting the period in which both the Gaia-X initiative and the EU regulatory instruments under analysis reached operational maturity. No sources were excluded on the basis of their conclusions.

Condition mapping. Each of the two necessary conditions was decomposed into constituent sub-claims, each sub-claim was mapped to the corpus sources that bear on it, and an evidential status was assigned: supported (evidence directly addresses the claim and is consistent with it), unsupported (evidence directly addresses the claim and is inconsistent with it), or indeterminate (evidence does not directly address the claim, or is insufficient to resolve it). This mapping procedure is reproducible: a second analyst working from the same corpus and the same condition decompositions should reach the same evidential status assignments, subject to the interpretive disagreements inherent in any qualitative synthesis.

Decision rules for structural advantage assessment. An architectural feature was classified as a structural advantage for agentic commerce if and only if it satisfied two criteria simultaneously: (a) the feature is operative at runtime, meaning it affects the execution of agent tasks, not only the governance record of those tasks; and (b) the feature is differential, meaning it is present in the federated architecture and absent or structurally more costly to replicate in vertically-integrated stacks. Features that satisfy only criterion (a) were classified as necessary conditions for competitive parity rather than advantages. Features that satisfy only criterion (b) were classified as governance-layer properties with indeterminate commercial significance.

Scope boundaries. The analysis addresses agentic commerce in the specific sense of autonomous software agents performing commercial workflows across organisational boundaries with data access requirements that cross sectoral and jurisdictional lines. It does not address single-enterprise agentic deployments, consumer-facing AI assistants operating within a single platform's data perimeter, or the broader question of AI competitive advantage between economic blocs. The Gaia-X and IDSA deployments referenced are treated as architectural instantiations of the federated model; individual deployment performance figures, where not publicly reported in the corpus, are not imputed.

Assumptions. The analysis assumes that regulatory instruments currently in force or in advanced application stages (AI Act, Data Act, EHDS) will reach full application on their stated timelines. It assumes that the IDSA connector specification as documented in [5] remains the operative technical standard for European data spaces during the analysis window. It does not assume that Gaia-X and IDSA deployments have achieved the adoption scale required to generate network externalities comparable to those of US or Chinese platforms; that assumption would beg the central question.

The analysis produces findings structured around four dimensions, organised under the two jointly necessary conditions introduced in the methodology. Condition 1 (regulatory) is examined through Findings 1 and 3; Condition 2 (technical performance) is examined through Findings 2 and 4.

Finding 1: Governance-coherence properties are structurally present and differentially distributed.

The IDSA connector architecture, as documented in [5], encodes four governance properties that are directly relevant to agentic commerce: (a) policy-based access control at the data transfer level, enabling an agent to receive data only under terms that match its declared usage context; (b) cryptographically verifiable data provenance, allowing post-transaction audit without requiring centralised logging; (c) cross-organisational identity management through a federated identity layer, enabling agent credentials to be recognised across participating organisations without requiring a single identity provider; and (d) consent-chain traceability, enabling the full sequence of data access authorisations to be reconstructed for regulatory purposes.

None of these properties is inherently incompatible with vertically-integrated stacks. However, replicating all four within a vertically-integrated architecture requires the platform operator to implement them as optional features made available to tenants, which introduces a principal-agent problem: the platform operator's commercial interest in retaining data within its own perimeter is in direct tension with the requirement that data access be governed by terms set by the data provider rather than the platform. This tension is structural, not incidental. The four governance properties identified in [5] are constitutive of the IDSA architecture; they are add-on features in the vertically-integrated model.

The analysis in [3] supports this finding. Micheli et al.'s taxonomy identifies that data pool and platform models (the structural category that US and Chinese vertically-integrated stacks occupy) allocate control rights to the platform operator, while trust and cooperative models allocate them to data providers or collectives. The agentic commerce context amplifies this distinction because agents acting autonomously require data access terms that are legally and technically attributable to the data provider, not to a platform intermediary.

Finding 2: Runtime performance evidence is indeterminate.

The federated learning literature surveyed in [4] establishes that federation introduces communication overhead relative to centralised training. The benchmark studies synthesised by Yurdem et al. document that the magnitude of this overhead varies with federation strategy (horizontal versus vertical), data heterogeneity, and communication protocol efficiency, and that recent advances in gradient compression and asynchronous aggregation have reduced overhead significantly in benchmark tasks. However, no published benchmark in the corpus, and no benchmark identified in the corpus's own cited literature, addresses the specific workloads characteristic of agentic commerce: sub-second inference for dynamic pricing decisions, multi-party negotiation protocols requiring synchronised data access across connector boundaries, or high-frequency event-driven triggers for autonomous payment initiation.

The absence of this evidence is not merely a gap in the literature; it is an evidentiary gap in the structural advantage claim itself. The claim that federated architectures are competitively viable for agentic commerce cannot be assessed without latency and throughput measurements on these specific workload types. The current state of the evidence supports the claim that federated architectures can sustain learning workloads with acceptable overhead under certain conditions, but does not extend that support to real-time agentic inference across connector boundaries.

Finding 3: Regulatory enforceability is advancing but the timeline is contested.

The EU Data Act and AI Act create positive obligations and transparency requirements that, when fully applied, will make governance-layer compliance more costly for vertically-integrated stacks that were not designed with those obligations in mind. Floridi's analysis [1] establishes the normative foundations for why such obligations are directed particularly at large platform operators. However, the conversion of voluntary Gaia-X participation into programmatically enforceable data access rights — the specific condition required for agentic systems to rely on federated data access at runtime — requires secondary implementing acts and sector-specific regulatory instruments (notably EHDS) that are not yet fully operative. The AI Act's high-risk provisions, which bear most directly on agentic commerce deployments, do not phase in fully until 2026 and 2027, meaning the regulatory floor for agentic system governance is still rising rather than established.

Pohle and Thiel [2] provide analytical grounds for caution here: the political-discursive contestation of digital sovereignty means that the regulatory instruments advancing enforceability are themselves subject to lobbying, reinterpretation, and implementation delays across member states. The enforceability condition is therefore in progress rather than satisfied.

Finding 4: The standardisation race is active and the outcome is not predetermined.

Vertically-integrated US platforms are actively deploying agentic API frameworks, payment delegation schemes, and authentication standards. The network externalities of early adoption are real: once a critical mass of merchants, financial service providers, and logistics operators has integrated with a given API standard, the coordination cost of switching to a federated alternative increases. This mechanism is structurally equivalent to the lock-in dynamics documented in platform economics literature. The federated data space model has a counter-mechanism: the EU Data Act's fair, reasonable, and non-discriminatory access obligations create a floor below which platform operators cannot restrict interoperability. Whether that floor is high enough to neutralise network externality lock-in is an open empirical question that the current corpus does not resolve.

The domain in which these two forces meet is not uniform. In heavily regulated sectors (financial services, healthcare, industrial logistics), the governance-coherence properties identified in Finding 1 provide agentic system operators with a concrete incentive to adopt the federated model independent of its network externality position, because demonstrating authorised data access at the transaction level is a legal requirement. In less regulated commercial domains, where governance-coherence compliance is not a primary selection criterion, the standardisation advantage of US platforms has greater force and may determine market structure before European regulatory instruments reach full application. This domain segmentation is introduced here as an empirical observation from the structural properties of the two competing models; its implications for strategy and regulatory prioritisation are elaborated in the Discussion.

The results establish a picture that is more differentiated than either the position common in European policy discourse (which tends to assert the federated architecture's advantages without specifying the conditions under which they hold) or the position common in platform-centric technology commentary (which tends to dismiss federated models as too slow and too complex to compete at commercial scale). The federated data space model has genuine structural properties that are directly relevant to the governance requirements of agentic commerce. It also carries unresolved runtime performance risk and is exposed to a standardisation race in which the sequencing of regulatory enforceability and de facto API adoption matters more than the normative quality of either architecture.

The governance-coherence advantage is real and underappreciated in the technical literature.

The finding that governance-coherence properties are structurally present and differentially distributed is more significant than the technical literature has acknowledged. The federated learning literature [4] frames the comparison between federated and centralised architectures primarily in terms of model performance and privacy guarantees. The data governance literature [3] frames it in terms of control right allocation. Neither framing captures the specific relevance of governance coherence to agentic commerce, which is this: an autonomous agent acting as a commercial principal must be able to demonstrate, at the time of acting and in retrospect, that its data access was authorised under terms set by the data provider. In a vertically-integrated stack, this demonstration requires the platform operator's cooperation and is therefore contingent on the platform's contractual and regulatory obligations. In the IDSA connector model, the demonstration is encoded in the transaction record itself [5]. This difference is operationally significant in regulated industries (financial services, healthcare, logistics), precisely those industries where agentic commerce workflows are most valuable.

The Micheli et al. taxonomy [3] reveals a related mechanism. The four governance models they identify differ in control right allocation and in the degree to which the governance terms are portable across organisational boundaries. Data pool and platform models embed governance terms in the platform's terms of service, which are not portable. Trust and cooperative models embed them in the data transfer itself. For agentic systems operating across organisations and sectors, portability of governance terms is a functional requirement rather than a normative preference. The IDSA connector architecture satisfies this requirement by design; vertically-integrated stacks satisfy it only insofar as the platform operator chooses to expose governance metadata through its API, and only within the boundary of that platform's ecosystem.

The runtime performance gap is the most consequential unresolved question.

The federated learning evidence surveyed in [4] establishes that federation imposes communication and aggregation overhead. For training workloads distributed across many data holders, this overhead is manageable with current techniques. The specific concern for agentic commerce is inference latency and data access latency across connector boundaries. An agentic system performing dynamic pricing must access current inventory, demand, and competitor pricing data within a time window that may be measured in tens or hundreds of milliseconds. A multi-party negotiation agent must synchronise state across counterparties in near real-time. The connector-level policy enforcement and provenance recording that constitute the governance advantage introduce latency at each data access event. The magnitude of this latency, and whether it falls within commercially viable thresholds for the highest-frequency agentic commerce workloads, is not established by the current evidence base.

This is not a reason to conclude that federated architectures are unviable for agentic commerce. It is a reason to require that the claim of structural advantage be supported by latency and throughput benchmarks before it is treated as established. The Gaia-X and IDSA architecture documentation in [5] provides the specification from which such benchmarks could be derived, but the benchmarks themselves have not been published in the corpus reviewed. Practitioners considering investment in federated data space infrastructure should treat the performance question as open rather than resolved.

The discursive contestation of digital sovereignty creates a governance risk that is distinct from technical risk.

Pohle and Thiel [2] document that digital sovereignty is mobilised by actors with divergent interests, and that the concept can be reinterpreted to serve centralising as well as decentralising agendas. This is directly relevant to the regulatory enforceability condition. The EU AI Act, Data Act, and EHDS are designed within a particular interpretation of digital sovereignty, one that Floridi [1] would characterise as autonomy-preserving, and their implementation through national regulatory bodies, sector-specific authorities, and platform compliance programmes introduces opportunities for reinterpretation that can dilute their operational force. The enforceability condition is therefore not simply a matter of regulatory text reaching application date; it requires sustained institutional commitment to the autonomy-preserving interpretation at the implementation level.

This observation reframes one strand of the existing literature. The scholarship on digital sovereignty has largely treated the concept's contestedness as a reason for philosophical caution [2] or a reason for EU-level normative commitment [1]. This paper identifies a third consequence: discursive contestation is a vector through which the regulatory enforceability condition can be satisfied formally while remaining unsatisfied operationally, creating a gap between legal compliance and the runtime data access rights that agentic systems require.

The standardisation race has an asymmetric structure that the European position partially addresses, with domain-specific variation in outcome probability.

Vertically-integrated stacks benefit from network externalities: the value of a standard increases with adoption, creating incentives for early movers to establish their APIs as defaults. The European data space model does not currently have comparable network externality dynamics because the connector model is designed for interoperability across many participants rather than lock-in to a single platform. This is a structural difference: the European model trades network externality accumulation for governance portability. Whether that trade is commercially viable depends on whether governance portability generates sufficient incremental value for agentic system operators to accept the integration costs of the connector model.

As introduced in Finding 4, the answer to that question differs systematically by regulatory density. In financial services, healthcare, and industrial logistics, the legal requirement to demonstrate authorised data access at the transaction level provides agentic commerce system operators with a direct incentive to adopt the federated model that is independent of its network externality position. The governance-coherence properties of the connector architecture resolve a compliance obligation that vertically-integrated stacks require additional engineering to satisfy. In less regulated commercial domains, such as consumer marketplace transactions or advertising-adjacent data flows, governance-coherence compliance is not a primary selection criterion for most operators. In those domains, the standardisation advantage of US platforms carries greater weight: each additional merchant, logistics provider, or financial institution that integrates with a US platform's agentic API standard raises the coordination cost of adopting a federated alternative, and the EU Data Act's interoperability floor, while operative, does not by itself generate positive adoption incentives. The implication for regulatory strategy is that the EU's instruments are better calibrated to defending the federated model in regulated-industry contexts than in expanding it into less regulated commercial domains where network externality dynamics predominate.

This paper has examined whether federated, consent-governed data architectures (as instantiated in Gaia-X and the IDSA connector specification) constitute a structural advantage for European agentic commerce systems competing against vertically-integrated US and Chinese platform stacks. The analysis produces a conditional conclusion grounded in four findings organised under two jointly necessary conditions.

The governance-coherence properties of the IDSA connector architecture are structurally present, differentially distributed relative to vertically-integrated stacks, and directly relevant to the operational requirements of autonomous agents acting as commercial principals in regulated industries. These properties, namely policy-based access control at transfer time, cryptographic provenance, federated identity portability, and consent-chain traceability, are constitutive of the federated model and additive-optional in the vertically-integrated model. This distinction has commercial force in financial services, healthcare, and logistics, where the ability to demonstrate authorised data access at the transaction level is a legal requirement rather than a design preference. The mechanism through which this distinction generates a competitive advantage is not reputational or normative: it is that an agentic system built on the IDSA connector model satisfies the attribution requirement for authorised data access by construction, whereas an agentic system built on a vertically-integrated stack satisfies it only through additional platform-specific contractual and technical arrangements that are subject to the platform operator's commercial incentives.

The runtime performance claim (that federated data access across connector boundaries meets the latency and throughput requirements of real-time agentic inference and autonomous negotiation) is not supported by the current evidence base. The communication overhead documented in the federated learning literature [4] is manageable for training workloads distributed across many data holders; whether connector-level policy enforcement introduces latency that exceeds commercially viable thresholds for sub-second pricing decisions, synchronised multi-party negotiation, or high-frequency payment event triggers is an open empirical question. Investment decisions and regulatory timetables that presuppose a resolved performance claim rest on an unsupported assumption. The specification documented in [5] provides the technical basis from which benchmark protocols could be derived; commissioning and publishing those benchmarks is the most direct action available to resolve this uncertainty.

The regulatory enforceability condition is advancing on a defined but extended timeline. The AI Act's prohibited-practice provisions and its general-purpose AI model obligations are in application, but the high-risk system requirements directly relevant to agentic commerce deployments do not phase in fully until 2026 and 2027. The Data Act's fair, reasonable, and non-discriminatory access obligations create a programmatic floor for interoperability, but the conversion of that floor into reliably accessible data access rights at the connector level requires secondary implementing acts and sector-specific instruments that are not yet complete. The discursive contestation of digital sovereignty [2] compounds this risk: implementation through national regulatory bodies and platform compliance programmes introduces interpretive latitude that can widen the gap between the formal text of an obligation and the runtime data access behaviour it is intended to produce.

The standardisation race is active and its outcome varies by domain. In regulated sectors, the governance-coherence properties of the federated model generate direct adoption incentives for agentic commerce system operators because they resolve a compliance obligation that vertically-integrated stacks must address through supplementary engineering. In less regulated commercial domains, the network externality dynamics of US platform API adoption are the dominant structural force, and the EU Data Act's interoperability floor provides a constraint on lock-in rather than a positive incentive for federated adoption.

The posture required of practitioners is one of domain-differentiated deployment: committing federated data space infrastructure to regulated-industry agentic commerce contexts where governance-coherence properties already deliver measurable compliance value, while conditioning investment in latency-sensitive commercial domains on the publication of connector-architecture benchmarks against the specific workload profiles of agentic commerce (sub-second pricing inference, synchronised multi-party negotiation, high-frequency payment event processing). Regulators must accelerate two parallel tracks: the secondary implementing acts that convert Data Act obligations into programmatically reliable data access rights at the connector interface, and the independent benchmarking programmes that establish whether the IDSA connector specification sustains those rights at the throughput and latency levels that agentic commerce workflows require. The structural advantage identified in this paper is present and materially significant at the governance layer. Extending that advantage to the runtime layer requires resolving the performance evidence deficit before the standardisation race in less regulated domains reaches an irreversible network externality threshold.