Summary statistics
Overlaps: 3 · Conflicts: 1 · Gaps: 2
6 article-level crossrefs catalogued between DMA and ePrivacy Directive from the Fontvera EU regulatory corpus. Article numbers are verbatim from the underlying obligation_crossrefs table; descriptions are extracted, not paraphrased.
All crossrefs between these regulations
| Article (A) | Article (B) | Type | Severity | Description |
|---|---|---|---|---|
| DMA Art 13 | ePrivacy Directive Art 5 | overlap | high | [entity affected: gatekeeper / provider of publicly available electronic communications service] Both regulations require entities to obtain valid consent from users before processing personal data or |
| DMA Art 15 | ePrivacy Directive Art 5 | overlap | medium | [entity affected: gatekeeper / provider of publicly available electronic communications service] Both regulations mandate transparency regarding data processing activities, requiring gatekeepers to pu |
| DMA Art 1 | ePrivacy Directive Art 15 | conflict | high | [entity affected: Member States] DMA prohibits Member States from imposing further obligations on gatekeepers to ensure contestable markets, while ePrivacy allows Member States to restrict rights for |
| DMA Art ? | ePrivacy Directive Art 4 | gap | medium | [entity affected: provider of publicly available electronic communications service] ePrivacy requires specific technical and organizational security measures for electronic communications services, bu |
| DMA Art ? | ePrivacy Directive Art 13 | gap | medium | [entity affected: sender of electronic mail / gatekeeper] ePrivacy strictly regulates direct marketing via email requiring prior consent or opt-out, while DMA focuses on platform contestability and do |
| DMA Art 11 | ePrivacy Directive Art 18 | overlap | low | [entity affected: gatekeeper / Commission] Both regulations require the submission of reports to the Commission regarding compliance and application of the rules, ensuring regulatory oversight and tra |
Conflicts explained
The 1 article-level conflicts between DMA and ePrivacy Directive mean a control that satisfies one can pull the wrong way on the other:
- DMA Art 1 vs ePrivacy Directive Art 15 — [entity affected: Member States] DMA prohibits Member States from imposing further obligations on gatekeepers to ensure contestable markets, while ePrivacy allows Member States to restrict rights for national security or public security, potentially creating overlapping or contradictory enforcement scopes for gatekeepers.
Which regulation takes precedence
EU law does not lay down a universal precedence rule between DMA and ePrivacy Directive. In practice three resolution approaches apply: lex specialis (the more specific provision wins when both purport to govern the same conduct); regulator guidance (EDPB, EBA, ESMA and the AI Office have all issued joint readings on overlapping articles — check the most recent applicable opinion); and document the choice (when the regulations leave the call to the controller, the audit defence is your written reasoning, not the regulator's silence). Where the corpus surfaces a conflict rather than an overlap, treat that as an escalation path to legal — not a control-design question.
What this means for your compliance team
Treat the 3 overlaps as design opportunities — one control, two regulatory anchors. Treat the 1 conflicts as escalation paths to legal: the regulations themselves don't resolve them, you do, and you document the reasoning. The 2 gaps point at scenarios where one regulation is silent while the other speaks — assume the regulator who has the explicit rule will win.
Related Fontvera pages
- dma obligations digital sector
- dma obligations electronic communications
- dma obligations online advertising
- dma vs dora comparison
Check your full compliance exposure with the 5-minute Fontvera diagnostic →