67. What bodies should Member States put in place to ensure that the Data Act is enforceable?

The Member States are required to designate at least one competent authority to deal with the enforcement of the Data Act and carry out the tasks listed in its Article 37(5). The competent authority may be newly created, but it can also be an already existing public sector body. It is possible that Member States will appoint more than one such competent authority. If so, they will also have to designate from among them a ‘data coordinator’ - an additional competent authority whose role will be to facilitate cooperation between competent authorities and help entities wishing to have their rights under the Data Act enforced (as a ‘single point of contact’). In practice, the data coordinator will be expected to receive questions from companies or consumers and guide them to the authority which will be the right ‘competent authority’ in their specific case. It is important to note that the DPAs remain responsible for monitoring the application of the Data Act insofar as the protection of personal data is concerned. Moreover, it is crucial that the Data Act is applied efficiently across all sectors. Competent authorities must therefore cooperate with sectoral authorities to ensure the Data Act is enforced consistently with other EU or national laws. The Commission will work closely with these authorities, including through the European Data Innovation Board, to ensure the seamless and uniform application of the Data Act. This effort may include issuing sector-specific guidelines for the effective application of data access and use rules.