Changeflow GovPing Data Privacy & Cybersecurity EDPB Conference on GDPR, DMA, DSA Cooperation
Routine Notice Added Final

EDPB Conference on GDPR, DMA, DSA Cooperation

Favicon for www.edpb.europa.eu EDPB News
Published March 17th, 2026
Detected March 24th, 2026
Email

Summary

The European Data Protection Board (EDPB) held a conference on March 17, 2026, discussing cross-regulatory cooperation between data protection authorities and those overseeing competition, the Digital Markets Act (DMA), and the Digital Services Act (DSA). Key takeaways included the need for aligned approaches between data protection and competition regulators, and the importance of coherent interpretation of the DMA and GDPR, as well as the DSA and GDPR.

View original document View source feed page

What changed

The European Data Protection Board (EDPB) hosted a conference on March 17, 2026, focusing on the interplay between data protection regulations (GDPR) and other key EU digital laws: the Digital Markets Act (DMA) and the Digital Services Act (DSA). Discussions highlighted the necessity for enhanced cooperation among regulatory bodies, particularly between data protection and competition authorities, emphasizing the need for aligned approaches and recognizing synergies. The conference also addressed the joint guidelines on the DMA and GDPR, noting their role in fostering consistency and legal certainty, while also considering potential improvements for proportionality and respecting regulatory competences.

While this event is primarily informational and does not impose new direct obligations, it signals ongoing efforts to harmonize regulatory interpretations across different EU digital frameworks. Compliance officers should note the emphasis on cross-regulatory cooperation and the development of joint guidelines, which aim to simplify compliance for businesses operating within the EU. The discussions suggest a trend towards more integrated regulatory oversight in the digital space, impacting how companies approach data protection, market competition, and digital service provision.

Source document (simplified)

Brussels, 23 March - On 17 March 2026, the EDPB conference “Cross-regulatory interplay and cooperation in the EU: a data protection perspective” took place in Brussels. The event showcased high-level discussions, featuring contributions from representatives of key EU institutions, European Data Protection Authorities, academia and industry.

Key takeaways from the panel discussions

Throughout the day, three panels were held, focusing on 1) data protection and competition, 2) the Digital Markets Act (DMA) and the GDPR, and 3) the Digital Services Act (DSA) and the GDPR.

During the first panel, speakers emphasised the critical need for cooperation between regulatory bodies in the fields of data protection and competition and shared views on what regulators in the two fields can learn from each other, especially in the aftermath of the Bundeskartellamt ruling. A speaker emphasized that regulators should align their approaches and recognize synergies between the two fields, such as protecting consumers and data subjects. Others pointed out that fixing harm to end users does not always solve competition issues, and that data protection should be considered in competition analysis only when relevant, on a case-by-case basis. Panellists also highlighted the need to cooperate not just on individual cases, but on broader concepts and legal principles.  In this context, the EDPB has recently agreed to develop joint guidelines with the European Commission to address the interplay between competition law and data protection.

The discussions in the second panel centred on the joint guidelines on the DMA and the GDPR, which were developed by the European Commission and the EDPB and recently underwent public consultation. The joint guidelines are an unprecedented work and a good example of regulatory cooperation paving the way for further examples ahead, in line with the EDPB Strategy 2024-2027 and Helsinki Statement ’s objectives to strengthen cross-regulatory cooperation. A crucial goal of the guidelines is the development of a coherent and compatible interpretation of the DMA and the GDPR while respecting the regulatory competences. It was emphasised that these guidelines help break silos, strengthen consistency, and provide further clarity and legal certainty. All of this contributes to easier compliance, which is valued by stakeholders and increases trust. At the same time, certain speakers suggested improvements to the final version of the guidelines, bearing in mind the DMA should not be given primacy over the GDPR and that the measures companies have to comply with should be proportionate.  Other examples of cooperation in this domain were also mentioned, such as the participation in the High Level Group for the Digital Markets Act and specific instances of cooperation on concrete cases.

The last panel of the day explored how the Digital Services Act (DSA) and the GDPR interact. Panellists provided the example of the protection of minors: age **** verification should be effective yet fully in line with data protection legislation.  They highlighted the growing need for strong coordination between the two frameworks, including the role of the European Board for Digital Services and other ways for the Commission and the EDPB to work together. A speaker also underlined the challenges and ongoing work on cross-regulatory cooperation from the perspective of a national authority. Another speaker urged regulators to work on building a fully coherent interpretation of the two frameworks and more globally of the digital legislation. Panellists also stressed that emerging technologies such as artificial intelligence are reshaping online ecosystems and, as a result, the role of the DSA and the GDPR.  The panel concluded with a clear message: online safety under the DSA and the lawful processing of personal data are two sides of the same coin, both calling for the DSA and the GDPR to be read coherently.

Highlights from the keynote speeches

The event also featured the participation of the Executive Vice-President of the European Commission for Technological Sovereignty, Security, and Democracy Henna Virkkunen and the European Parliament’s LIBE Committee Chair Javier Zarzalejos.

Vice President Virkkunen welcomed the EDPB’s commitment to clarity, support and engagement in its Helsinki statement, aiming to ensure the work of the EDPB is clear, practical and consistent with the policy choice to protect individuals. EVP Virkkunen underlined the Commission’s commitment to seamless cooperation between different frameworks, mentioning several examples of successful cooperation, and highlighted that **** the Commission and the EDPB have heard the stakeholders’ call to provide support to compliance through stronger cooperation among regulators.

LIBE Chair Zarzalejos underlined that close cross-regulatory cooperation is essential to ensure consistency, to maximise the effectiveness of enforcement efforts and to ensure trust. Chair Zarzalejos highlighted the intersections between data protection law on the one hand, and, on the other hand, competition law, the DMA, and the DSA, emphasizing the interconnected challenges for policymakers and businesses. He ended his speech with a call in favour of EU digital sovereignty.

A forward-looking approach

EDPB Chair Anu Talus closed the conference by reiterating that the EDPB and European Data Protection Authorities are committed to continue supporting stakeholders in navigating the new cross-regulatory landscape.

The EDPB will continue working with the Commission on joint guidelines on the interplay between the AI Act and the GDPR, as well as on the final version of the joint guidelines on the interplay between the DMA and the GDPR. Moreover, work will start on the recently announced Joint Guidelines on the interplay between data protection and competition law.

In this process, stakeholders play a key role and, as stated in the Helsinki statement, the EDPB remains fully committed to further strengthening the dialogue with them.

Cross-regulatory cooperation is the future: speakers weigh in

During the conference, we took the opportunity to ask several speakers about the importance of cross-regulatory cooperation and how they see the role of Data Protection Authorities evolving in the years to come. Watch the video to hear what they have to say.

Controls: true

Named provisions

data protection and competition Digital Markets Act (DMA) and the GDPR Digital Services Act (DSA) and the GDPR

Related changes

Favicon for www.edpb.europa.eu EDPB Launches Coordinated GDPR Enforcement on Transparency
Priority review Mar 19, 2026 EDPB News Data Privacy & Cybersecurity
Favicon for www.edpb.europa.eu EDPB Conference on Cross-Regulatory Cooperation
Routine Mar 03, 2026 EDPB News Data Privacy & Cybersecurity
Favicon for www.edpb.europa.eu EDPB Adopts 2026-2027 Work Programme for GDPR Compliance
Routine Feb 13, 2026 EDPB News Data Privacy & Cybersecurity
Favicon for changeflow.com Ciphero Truthseeker AI Data Privacy Trademark Application
Routine Mar 24, 2026 ChangeBridge: Trademarks - Technology Services (Class 042) Telecom & Technology
Favicon for www.nmag.gov AG Torrez Leads 17 States Urging Congress to Close Data-Broker Loophole
Priority review Mar 24, 2026 AG: New Mexico Press Releases Government General
Favicon for changeflow.com USPTO Patent Grant: Data Lifecycle Discovery and Management
Routine Mar 24, 2026 ChangeBridge: Patent Grants - AI & Computing (G06N) Telecom & Technology

Source

Favicon for www.edpb.europa.eu
EDPB News edpb.europa.eu/news/news_en
Data Privacy & Cybersecurity
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
EDPB
Published
March 17th, 2026
Instrument
Notice
Legal weight
Non-binding
Stage
Final
Change scope
Minor

Who this affects

Applies to
Technology companies
Industry sector
5112 Software & Technology
Activity scope
Data Protection Compliance Digital Service Provision
Geographic scope
European Union EU

Taxonomy

Primary area
Data Privacy
Operational domain
Compliance
Compliance frameworks
GDPR
Topics
Antitrust & Competition Digital Markets Act Digital Services Act

Browse Categories

Agriculture & Food Safety 61 Banking & Finance 236 Consumer Protection 40 Courts & Legal 323 Data Privacy & Cybersecurity 64 Defense & National Security 48 Education 20 Energy 104 Environment 83 Government & Legislation 261 Healthcare 131 Housing 16 Immigration 9 Insurance 56 Labor & Employment 111 Legal & Courts 1 Pharma & Drug Safety 99 Securities & Markets 79 Tax 64 Telecom & Technology 47 Trade & Sanctions 124 Transportation 56

Get Data Privacy & Cybersecurity alerts

Weekly digest. AI-summarized, no noise.

Free. Unsubscribe anytime.

Get alerts for this source

We'll email you when EDPB News publishes new changes.

Free. Unsubscribe anytime.