Tech Law Standard

Tech Law Standard

Share this post

Tech Law Standard
Tech Law Standard
Europe’s AI Act is Not Playing Nice with GDPR and That is a Big Problem for You
Copy link
Facebook
Email
Notes
More

Europe’s AI Act is Not Playing Nice with GDPR and That is a Big Problem for You

Did you think the AI Act will overshadow the GDPR? Not so fast. This post delves into their tangled relationship, and what it means for you.

Tech Law Standard's avatar
Tech Law Standard
May 10, 2025
∙ Paid
3

Share this post

Tech Law Standard
Tech Law Standard
Europe’s AI Act is Not Playing Nice with GDPR and That is a Big Problem for You
Copy link
Facebook
Email
Notes
More
2
4
Share

In case you missed the emerging developments from the EU, the implementation of the AI Act is approaching at warp speed. But in its slipstream, it is kicking up a lot of questions, especially for those of us already wrestling with the GDPR. Now that the Council has released a fresh summary of how these two “titans” will interact, it's time for us to dig in.

The document is a confidential Council of the EU summary from April 2025 outlining the key takeaways from a joint debate on how the Artificial Intelligence (AI) Act will interact with the General Data Protection Regulation (GDPR).

Held under the Polish Presidency, the meeting brought together data protection and telecom policymakers from EU Member States.

The discussion focused on practical challenges of implementing both laws simultaneously, particularly for regulators and AI system providers.

Key concerns included the differing approaches of the two laws: the GDPR centres on data protection and fundamental rights, while the AI Act takes a product safety and risk-based approach to regulating AI systems.

This creates legal uncertainty, risk of double sanctions, and overlapping compliance obligations, especially for high-risk AI applications using personal data.

Member States called for clearer EU-level guidance, shared templates for assessments, closer cooperation between data protection and AI authorities, and integrated national governance structures.

The role of regulatory sandboxes was also discussed as a way to support innovation while ensuring legal compliance.

The document reflects growing pressure on EU institutions to harmonise interpretations, streamline enforcement, and clarify expectations ahead of the AI Act’s full implementation, particularly in scenarios where both laws apply at once.

Two Tech Laws, Two Philosophies 😵‍💫

Let us not sugar-coat it. The AI Act and the GDPR might both be EU laws, but they don’t exactly operate on the same wavelength.

This post is for paid subscribers

Already a paid subscriber? Sign in
© 2025 Tech Law Standard
Publisher Privacy ∙ Publisher Terms
Substack
Privacy ∙ Terms ∙ Collection notice
Start writingGet the app
Substack is the home for great culture

Share

Copy link
Facebook
Email
Notes
More