Brussels, 23 March - On 17 March 2026, the EDPB conference “Cross-regulatory interplay and cooperation in the EU: a data protection perspective” took place in Brussels. The event showcased high-level discussions, featuring contributions from representatives of key EU institutions, European Data Protection Authorities, academia and industry.
Key takeaways from the panel discussions
Throughout the day, three panels were held, focusing on 1) data protection and competition, 2) the Digital Markets Act (DMA) and the GDPR, and 3) the Digital Services Act (DSA) and the GDPR.
During the first panel, speakers emphasised the critical need for cooperation between regulatory bodies in the fields of data protection and competition and shared views on what regulators in the two fields can learn from each other, especially in the aftermath of the Bundeskartellamt ruling. A speaker emphasized that regulators should align their approaches and recognize synergies between the two fields, such as protecting consumers and data subjects. Others pointed out that fixing harm to end users does not always solve competition issues, and that data protection should be considered in competition analysis only when relevant, on a case-by-case basis. Panellists also highlighted the need to cooperate not just on individual cases, but on broader concepts and legal principles. In this context, the EDPB has recently agreed to develop joint guidelines with the European Commission to address the interplay between competition law and data protection.
The discussions in the second panel centred on the joint guidelines on the DMA and the GDPR, which were developed by the European Commission and the EDPB and recently underwent public consultation. The joint guidelines are an unprecedented work and a good example of regulatory cooperation paving the way for further examples ahead, in line with the EDPB Strategy 2024-2027 and Helsinki Statement’s objectives to strengthen cross-regulatory cooperation. A crucial goal of the guidelines is the development of a coherent and compatible interpretation of the DMA and the GDPR while respecting the regulatory competences. It was emphasised that these guidelines help break silos, strengthen consistency, and provide further clarity and legal certainty. All of this contributes to easier compliance, which is valued by stakeholders and increases trust. At the same time, certain speakers suggested improvements to the final version of the guidelines, bearing in mind the DMA should not be given primacy over the GDPR and that the measures companies have to comply with should be proportionate. Other examples of cooperation in this domain were also mentioned, such as the participation in the High Level Group for the Digital Markets Act and specific instances of cooperation on concrete cases.
The last panel of the day explored how the Digital Services Act (DSA) and the GDPR interact. Panellists provided the example of the protection of minors: age verification should be effective yet fully in line with data protection legislation. They highlighted the growing need for strong coordination between the two frameworks, including the role of the European Board for Digital Services and other ways for the Commission and the EDPB to work together. A speaker also underlined the challenges and ongoing work on cross-regulatory cooperation from the perspective of a national authority. Another speaker urged regulators to work on building a fully coherent interpretation of the two frameworks and more globally of the digital legislation. Panellists also stressed that emerging technologies such as artificial intelligence are reshaping online ecosystems and, as a result, the role of the DSA and the GDPR. The panel concluded with a clear message: online safety under the DSA and the lawful processing of personal data are two sides of the same coin, both calling for the DSA and the GDPR to be read coherently.
Highlights from the keynote speeches
The event also featured the participation of the Executive Vice-President of the European Commission for Technological Sovereignty, Security, and Democracy Henna Virkkunen and the European Parliament’s LIBE Committee Chair Javier Zarzalejos.
Vice President Virkkunen welcomed the EDPB’s commitment to clarity, support and engagement in its Helsinki statement, aiming to ensure the work of the EDPB is clear, practical and consistent with the policy choice to protect individuals. EVP Virkkunen underlined the Commission’s commitment to seamless cooperation between different frameworks, mentioning several examples of successful cooperation, and highlighted that the Commission and the EDPB have heard the stakeholders’ call to provide support to compliance through stronger cooperation among regulators.
LIBE Chair Zarzalejos underlined that close cross-regulatory cooperation is essential to ensure consistency, to maximise the effectiveness of enforcement efforts and to ensure trust. Chair Zarzalejos highlighted the intersections between data protection law on the one hand, and, on the other hand, competition law, the DMA, and the DSA, emphasizing the interconnected challenges for policymakers and businesses. He ended his speech with a call in favour of EU digital sovereignty.
A forward-looking approach
EDPB Chair Anu Talus closed the conference by reiterating that the EDPB and European Data Protection Authorities are committed to continue supporting stakeholders in navigating the new cross-regulatory landscape.
The EDPB will continue working with the Commission on joint guidelines on the interplay between the AI Act and the GDPR, as well as on the final version of the joint guidelines on the interplay between the DMA and the GDPR. Moreover, work will start on the recently announced Joint Guidelines on the interplay between data protection and competition law.
In this process, stakeholders play a key role and, as stated in the Helsinki statement, the EDPB remains fully committed to further strengthening the dialogue with them.
Cross-regulatory cooperation is the future: speakers weigh in
During the conference, we took the opportunity to ask several speakers about the importance of cross-regulatory cooperation and how they see the role of Data Protection Authorities evolving in the years to come. Watch the video to hear what they have to say.