European Strategy for Data – Overview of New Regulations

Last Updated: January 2024

This is a multipart series intended to provide privacy professionals with an overview of new EU legislation adopted since May 2022 under the European Union’s Strategy for Data, such as the EU Data Governance Act, the Digital Services Act, the Digital Markets Act and the NIS2 Directive. Each brief will depict a legislation’s objective, material and territorial scope, main requirements, enforcement, and oversight structure. The IAPP additionally published an infographic which provides further context on the various EU data initiatives and draft legislation.


European Strategy for Data: 101 Charts

Data Governance Act

The DGA seeks to foster public sector information reuse; to create a supervisory framework for the provision of data sharing services; and to establish a framework for voluntary registration of entities which collect and process data made available for altruistic purposes.

View DGA Chart

Digital Markets Act

The DMA creates new obligations for big technology platforms acting as “gatekeepers providing core platform services” to create a fairer environment for business users that rely on gatekeepers, and to ensure consumers have access to better services and can easily switch providers.

View DMA Chart

Digital Services Act

The DSA aims to harmonize conditions for the provision of intermediary services and increases transparency requirements for online intermediaries.

View DSA Chart

EU Data Act

This chart provides an overview of the EU Data Act. The Data Act creates new rules on who can access and use data generated in the EU across all economic sectors.

View EU Data Act Chart

NIS2 Directive

This chart explores the NIS2 Directive on measures for a high common level of cybersecurity across the EU, which further improves the resilience and incident response capacities of the public and private sectors, and the EU as a whole.

View NIS2 Chart