EU Digital Laws: Mapping the Interplays with the GDPR
This infographic series maps different EU digital laws with the GDPR.
Contributors:
Müge Fazlioglu
CIPP/E, CIPP/US
Principal Researcher, Privacy Law and Policy
IAPP
Additional Insights
Envisioned by the European Commission's 19 February 2020 communication on a European strategy for data and streamlined through the emerging Data Union Strategy, numerous new EU digital laws have recently come into force.
This infographic series, drawing from the EU Digital Laws Report 2025, maps different EU digital laws with the GDPR.
The IAPP additionally hosts a European Strategy for Data series of charts, which provide an overview of EU privacy, cybersecurity and AI legislation.
Series overview
Data Governance Act
This resource provides an overview of the rules and requirements that sit at the intersection of the EU Data Governance Act and the EU GDPR. As a legal framework to create an infrastructure for the public sharing of both non-personal and personal data, the DGA intersects in several ways with the rights enshrined within and the rules laid down by the GDPR.
View infographic
Data Act
The EU Data Act creates new rules on who can access and use data generated in the EU across all economic sectors. It aims to ensure fairness in the allocation of value from data, stimulate a competitive data market, open opportunities for data-driven innovation and make data more accessible to all users. It focuses primarily on industrial, nonpersonal data but is relevant to data protection.
View infographic
Digital Markets Act
The Digital Markets Act applies to the core platform services of designated gatekeepers, which may also qualify as controllers or processers under the EU General Data Protection Regulation, creating numerous points of intersection between the two laws.
View infographic
Digital Services Act
The DSA aims to create a safe, predictable and trusted online environment by preventing the dissemination of illegal content, reducing societal risks stemming from the spread of disinformation and preserving fundamental rights. These aims are complementary to those of the GDPR, which seeks to protect the fundamental rights of data subjects.
View infographic
Coming Soon
- EU AI Act
- NIS2 Directive
This content is eligible for Continuing Professional Education credits. Please self-submit according to CPE policy guidelines.
Submit for CPEs
