In recent years it has become evident that EU digital governance is no longer compartmentalised leading to an intersection between consumer protection, competition law, and data protection law, rendering siloed enforcement both inefficient and normatively inconsistent.(1) The GDPR, together with the Digital Services Act (DSA), the Digital Markets Act (DMA), the Data Act, and the AI Act form the EU’s digital rulebook with an increasing number of regulators from various different types of authorities. With up to 88 different governance structures, together with dispersed enforcement responsibilities across a range of authorities (including competition regulators, data protection authorities, and sectoral bodies such as telecommunications or cybersecurity regulators), some simplification needs to be found.