Navigating the Maze of Overlapping Roles and Emerging Authorities in the “New” EU Data (Protection) Framework

Abraham Lincoln stated, ”Laws without enforcement are merely suggestions.” This quote rings true in the current EU regulatory landscape, where safeguarding data is paramount. The efficacy of new and established tools for data protection is a topic of frequent discussion. While the GDPR has emphasised the critical components of effective enforcement, its practical impact remains to be seen especially in correlation with the “new” AI Act. This panel explores the implications of a system in which roles can easily overlap when establishing new authorities. The potential for confusion and ambiguity arises when roles overlap. Although Member States may choose to rely on existing authorities, such as Data Protection Authorities (DPAs), some may prefer to create new authorities, resulting in differences among Member States. As such, how best to implement and enforce data protection regulations remains a complex and multifaceted issue.

• What are the critical components of effectively guaranteeing a coexistence in enforcing data protection and the AI Act in the “new” EU digital landscape?
• How does the AI Act impact the GDPR enforcement and, consequently, the data subjects?
• What are the potential implications of a system where roles can easily overlap when establishing new authorities?
• How can Member States ensure consistency in implementing and enforcing data protection regulations while allowing for some flexibility in creating new authorities (in)directly linked to data protection?