Summary statistics
Overlaps: 3 · Conflicts: 1 · Gaps: 2
6 article-level crossrefs catalogued between Data Governance Act and ePrivacy Directive from the Fontvera EU regulatory corpus. Article numbers are verbatim from the underlying obligation_crossrefs table; descriptions are extracted, not paraphrased.
All crossrefs between these regulations
| Article (A) | Article (B) | Type | Severity | Description |
|---|---|---|---|---|
| Data Governance Act Art 7 | ePrivacy Directive Art 5 | overlap | medium | [entity affected: Public sector bodies / Competent bodies] Both regulations require entities handling data to implement technical measures that preserve privacy, confidentiality, and integrity, such a |
| Data Governance Act Art 7 | ePrivacy Directive Art 9 | overlap | medium | [entity affected: Competent bodies / Service providers] Both regulations mandate mechanisms to obtain consent from data subjects or users for data processing or re-use, ensuring that consent is a prer |
| Data Governance Act Art 13 | ePrivacy Directive Art 15 | overlap | low | [entity affected: Data protection authorities / Working Party] Both regulations require cooperation and information exchange between data protection authorities and other relevant sectoral authorities |
| Data Governance Act Art 4 | ePrivacy Directive Art 5 | conflict | high | [entity affected: Public sector bodies] The DGA promotes broad data re-use and transparency for public sector data, while ePrivacy strictly prohibits interception or storage of communications without |
| Data Governance Act Art ? | ePrivacy Directive Art ? | gap | high | [entity affected: Data intermediation service providers] Neither regulation explicitly addresses the specific privacy impact assessments required for data intermediaries handling sensitive e-communica |
| Data Governance Act Art ? | ePrivacy Directive Art ? | gap | medium | [entity affected: Data altruism organisations] While DGA regulates data altruism registration and ePrivacy regulates consent, there is no clear guidance on how data altruism organisations must handle |
Conflicts explained
The 1 article-level conflicts between Data Governance Act and ePrivacy Directive mean a control that satisfies one can pull the wrong way on the other:
- Data Governance Act Art 4 vs ePrivacy Directive Art 5 — [entity affected: Public sector bodies] The DGA promotes broad data re-use and transparency for public sector data, while ePrivacy strictly prohibits interception or storage of communications without consent, potentially limiting the scope of data that can be made available for re-use.
Which regulation takes precedence
EU law does not lay down a universal precedence rule between Data Governance Act and ePrivacy Directive. In practice three resolution approaches apply: lex specialis (the more specific provision wins when both purport to govern the same conduct); regulator guidance (EDPB, EBA, ESMA and the AI Office have all issued joint readings on overlapping articles — check the most recent applicable opinion); and document the choice (when the regulations leave the call to the controller, the audit defence is your written reasoning, not the regulator's silence). Where the corpus surfaces a conflict rather than an overlap, treat that as an escalation path to legal — not a control-design question.
What this means for your compliance team
Treat the 3 overlaps as design opportunities — one control, two regulatory anchors. Treat the 1 conflicts as escalation paths to legal: the regulations themselves don't resolve them, you do, and you document the reasoning. The 2 gaps point at scenarios where one regulation is silent while the other speaks — assume the regulator who has the explicit rule will win.
Related Fontvera pages
- data governance act article 5 member state
- data governance act vs dma comparison
- data governance act vs dora comparison
- data governance act vs dsa comparison
Check your full compliance exposure with the 5-minute Fontvera diagnostic →