Thursday 23 May 2024
Class Room
Open Universiteit (NL)


The GDPR promised to bring effective enforcement of data protection law, but 5 years after its entry into force it can be established that it did not fully deliver. Questions have arisen on diverse issues such as the ability of national authorities to get a grip on large multinational firms (forum shopping), the effectiveness of cooperation mechanisms between national authorities, and the ability to enforce a largely principle based regulation.  The AI-act and GDPRs enforcement mechanism have several similarities, such as national supervisory authorities, a European Artificial Intelligence Board (similar to the EDPB) and corrective measures such as high turnover based fines and bans on processing. Against this background this panel asks which lessons should be learned for effective enforcement of the AI-act?

  • Did the lessons learned from the GDPR contribute to a better system of enforcement in the AI-act?
  • Is a risk-based approach the right way to go for effective enforcement?
  • What are the key elements of an effective system of enforcement?
  • What does the experience of GDPR enforcement teach us about effectively enforcing open norms?


Did you see these?

You might be interested in these panels as well: