Summary statistics
Overlaps: 2 · Conflicts: 0 · Gaps: 2
4 article-level crossrefs catalogued between AI Act and Data Governance Act from the Fontvera EU regulatory corpus. Article numbers are verbatim from the underlying obligation_crossrefs table; descriptions are extracted, not paraphrased.
All crossrefs between these regulations
| Article (A) | Article (B) | Type | Severity | Description |
|---|---|---|---|---|
| AI Act Art 10 | Data Governance Act Art 7 | overlap | medium | [entity affected: provider] Both regulations require entities handling data for AI or re-use purposes to implement technical and organizational measures for data governance, including privacy preserva |
| AI Act Art 11 | Data Governance Act Art 8 | overlap | low | [entity affected: provider] Both regulations mandate the creation and maintenance of technical documentation or searchable asset lists to ensure transparency and accessibility of information regarding |
| AI Act Art ? | Data Governance Act Art ? | gap | high | [entity affected: data altruism organisation] Data altruism organisations sharing data for AI training may face unclear compliance boundaries regarding whether they are considered 'providers' under th |
| AI Act Art ? | Data Governance Act Art ? | gap | high | [entity affected: data intermediation services provider] Data intermediaries facilitating access to datasets for high-risk AI training are not explicitly defined as 'providers' in the AI Act, potentia |
Overlaps explained
No conflict-type crossrefs were catalogued for this pair, but the 2 overlaps below mean a single control can be designed to satisfy both regulations at once. Plan the controls jointly to avoid duplicate effort:
- AI Act Art 10 vs Data Governance Act Art 7 (medium severity) — [entity affected: provider] Both regulations require entities handling data for AI or re-use purposes to implement technical and organizational measures for data governance, including privacy preservation and secure processing environments.
- AI Act Art 11 vs Data Governance Act Art 8 (low severity) — [entity affected: provider] Both regulations mandate the creation and maintenance of technical documentation or searchable asset lists to ensure transparency and accessibility of information regarding the systems or data resources.
Which regulation takes precedence
EU law does not lay down a universal precedence rule between AI Act and Data Governance Act. In practice three resolution approaches apply: lex specialis (the more specific provision wins when both purport to govern the same conduct); regulator guidance (EDPB, EBA, ESMA and the AI Office have all issued joint readings on overlapping articles — check the most recent applicable opinion); and document the choice (when the regulations leave the call to the controller, the audit defence is your written reasoning, not the regulator's silence). Where the corpus surfaces a conflict rather than an overlap, treat that as an escalation path to legal — not a control-design question.
What this means for your compliance team
Treat the 2 overlaps as design opportunities — one control, two regulatory anchors. Treat the 0 conflicts as escalation paths to legal: the regulations themselves don't resolve them, you do, and you document the reasoning. The 2 gaps point at scenarios where one regulation is silent while the other speaks — assume the regulator who has the explicit rule will win.
Related Fontvera pages
- ai act art 17 provider obligations
- ai act art 70 commission obligations
- ai act authorized representative
- ai act automotive
Check your full compliance exposure with the 5-minute Fontvera diagnostic →