This study examines two key pillars of European digital law: the General Data Protection Regulation (GDPR) and the Digital Services Act (DSA).

In simple terms, the GDPR sets the rules for how our personal data is collected and used, placing emphasis on transparency, lawfulness, and the rights of individuals. At the same time, the DSA regulates how digital platforms (such as social media) operate, introducing obligations aimed at greater transparency, safety, and accountability.

The study highlights how these two legal frameworks interact in practice and how they affect critical aspects of our everyday online lives, such as targeted advertising, user profiling, and the protection of minors.

The analysis shows that, although the GDPR and the DSA have different roles, they operate in a complementary way. The GDPR establishes the basic limits for the use of personal data, while the DSA introduces additional obligations for platforms, effectively strengthening user protection in practice.

Their interaction is particularly evident in areas such as targeted advertising and the protection of minors, where European law becomes both stricter and more substantive.

Overall, these two frameworks contribute to creating a safer, more transparent, and more accountable digital environment. However, their effectiveness will depend on their consistent implementation and on the cooperation between competent authorities, in order to strike the right balance between innovation and the protection of individuals’ rights.

The full study is available here (in EL).

The author of the study is Eleftheria Papanikolaou, Lawyer and Member of Homo Digitalis.

The study was conducted with the support of European Digital Rights (EDRi).