The rapidly evolving field of mobility data spaces, integral to the technological landscape, presents unique challenges and opportunities in the context of legal compliance. The EU Horizon MobiSpaces project serves as a prime example of how these challenges are navigated within operational and research environments. This article aims to explore the nuanced legal frameworks that govern mobility data space projects, focusing particularly on data protection, data security, and the implications of artificial intelligence (AI). The primary objective is to delineate the requirements that are shaping the development and utilisation of tools within projects like MobiSpaces. By doing so, it endeavors to ensure that these tools are not only technologically advanced but also aligned with ongoing legal reforms. This alignment is critical for fostering innovation that is responsible, compliant, and attuned to the societal values and norms within the EU. Through an in-depth analysis of MobiSpaces, this article aims to offer valuable insights and guidelines that could be instrumental for similar projects related to data mobility. Moreover, this article showcases how MobiSpaces has incorporated these legal mandates into its architectural design, adhering to the principles of data protection and data security by design. This approach not only ensures regulatory compliance but also embeds a culture of responsibility and societal value within the technological outputs.