Europe fragments AI oversight

Europe is starting to police artificial intelligence through a growing list of sector regulators, not one continent-wide chain of command. (openrijk.nl) The clearest example is the Netherlands, where State Secretary Zsolt Szabó Aerdts opened a public consultation on April 21, 2026 for a national AI Act implementation bill that would spread oversight across existing authorities. The consultation runs until June 1, 2026. (nldigitalgovernment.nl) Under the Dutch plan, regulators would supervise AI inside their own sectors, while the Dutch Data Protection Authority would lead in areas without a designated watchdog and coordinate the system with the Digital Infrastructure Inspectorate. Pinsent Masons reported the model would involve 10 regulators. (openrijk.nl) (pinsentmasons.com) That approach fits the European Union’s AI Act, which is a risk-based law that took effect on August 1, 2024 and leaves much of day-to-day enforcement to national authorities. The biggest compliance wave for many companies arrives on August 2, 2026, when broad rules for high-risk AI systems start to apply. (commission.europa.eu) (ai-act-service-desk.ec.europa.eu) The result is that companies using AI in Europe are not just reading one new law. They are matching the AI Act to older rules such as the General Data Protection Regulation, which governs personal data and can apply at the same time to the same system. (iapp.org) The International Association of Privacy Professionals said on April 21 that the AI Act is a product-safety law, while the General Data Protection Regulation is a rights-based privacy law. Its mapping shows that a high-risk AI deployment may require a fundamental rights impact assessment under the AI Act and a separate data protection impact assessment under the privacy law. (iapp.org) Hotels show how that overlap reaches ordinary businesses. Hotel News Resource reported on April 22 that European hotel operators using AI for pricing, marketing, customer service, and demand forecasting may face added duties on transparency, data protection, and documentation, including for tools bought from outside vendors. (hotelnewsresource.com) That means a hotel chain, bank, hospital, or manufacturer may need to answer to different regulators depending on what the AI system does, what data it uses, and which country it operates in. The Dutch government said it chose existing sector watchdogs so businesses would deal with “familiar bodies” rather than a single new AI agency. (nldigitalgovernment.nl) Brussels designed the AI Act as one regulation for all 27 European Union countries. In practice, enforcement is taking shape country by country and sector by sector, with compliance teams now preparing for a map of overlapping rules instead of one front door. (commission.europa.eu) (openrijk.nl)