Germany Passes Its AI Act Implementation Law: What It Means for Organizations Using AI

On June 11, 2026, the Bundestag passed the law that decides who enforces the EU AI Act inside Germany. Naming the referee was the easy part. The industry association Bitkom's warning is that the same rules now have to be applied the same way across all 16 federal states – and for the organizations racing to adopt AI, the underlying duty hasn't changed at all.

For two years, German organizations have known the EU AI Act was coming and roughly what it would require. What they didn't know was the part every compliance officer actually needs: who supervises, who they report to, and who shows up when something goes wrong. As of this week, that gap is closed. The German implementation law for the EU AI Act – the Durchführungsgesetz – has cleared the Bundestag.

What the Bundestag actually passed

The law does one essential thing: it builds the national machinery the EU AI Act assumes every member state will have. It designates the German authorities responsible for oversight, market surveillance, and supporting businesses through the new rules, and it names the Bundesnetzagentur (the Federal Network Agency) as the central coordinating body, working inside a network with further authorities.

Bitkom, Germany's main digital-industry association, welcomed the milestone. As board member Susanne Dehmel put it, “Deutschland bekommt heute den lange erwarteten Rechtsrahmen für die Umsetzung des europäischen AI Act” – Germany is finally getting the long-awaited legal framework for implementing the European AI Act. After two years of strategy decks built on assumptions, companies have something concrete to plan against.

Naming the referee was the easy part

The harder problem starts the day after the vote. Dehmel's caution was blunt: the real test is uniform implementation across all 16 Bundesländer. Germany is a federal system, and AI oversight will inevitably touch authorities that answer to state governments, not Berlin. Bitkom's word for the risk is Flickenteppich – a patchwork, where the same AI system is treated one way in Bavaria and another in Bremen.

Its specific concern is pointed: AI systems used by regional and local public institutions could end up outside the central coordination the law sets up. To prevent that, Bitkom is calling for two things the statute alone doesn't guarantee:

  • Binding coordination mechanisms between the federal coordinator and the state-level authorities – not just goodwill and quarterly calls.
  • Uniform enforcement guidelines, so that a given deployment gets the same answer regardless of which authority happens to assess it.

Until those exist, the rulebook is written but the refereeing is not. For organizations that operate in more than one state – which is most of them – that ambiguity is itself a planning problem.

Why this lands hardest in the public sector

Private companies feel regulatory uncertainty, but they can usually pick their tools and their risk appetite. Public bodies can't. Ministries, municipalities, courts, and agencies are under real pressure to modernize, and AI assistants are the fastest visible win – drafting correspondence, summarizing case files, answering citizen queries. The data those workflows touch is exactly the kind the law cares most about: names, addresses, social-benefit records, health and social-care details, immigration status – much of it special-category data under GDPR Article 9.

Now layer Bitkom's warning on top. A municipal office adopting an AI assistant has to ask not only “is this allowed?” but “allowed according to whom?” If the supervising authority for a state-run institution is unclear, the safe assumption isn't “no rules apply” – it's “every rule applies, and someone will eventually decide who enforces it.” That is not a position any public administrator wants to defend after the fact. (It's the same tension we unpack in our public-sector overview.)

What doesn't change, whoever supervises

Here is the part that cuts through the federalism debate. The question of who supervises is genuinely unsettled. The question of what you're obliged to do is not.

The AI Act doesn't replace GDPR – it sits on top of it. The moment an employee pastes a citizen's personal data into a third-party AI tool, that's a processing operation, and the organization is the controller, with or without a designated AI authority looking over its shoulder. As we argued in our enterprise compliance guide, “trust us” was never a lawful basis under Article 6, and it certainly isn't one for Article 9 data. None of that depends on whether Berlin and the states finish harmonizing their guidelines.

So while the authorities sort out the org chart, the substantive obligation is fixed: control what data reaches the model in the first place. Whichever regulator eventually knocks, the evidence they'll ask for is the same – proof that protected information was handled lawfully, ideally proof that it never left your control at all.

Where local-first anonymization fits

This is the gap a local-first approach is built to close, and it's why SOWA Privacy exists. The extension detects protected data on the device – in the browser, before the prompt is sent – and replaces it with context-preserving placeholders. The model still gets a usable prompt; it just never gets the names, the case numbers, or the health details.

That property is quietly powerful in a fragmented enforcement landscape. If the sensitive data never crosses the boundary, there is no cross-border transfer to characterize, no third-party log to discover, and nothing for any of the 16 states' authorities to disagree about. It doesn't solve German federalism – nothing a browser extension does will – but it shrinks the surface that federalism has to govern down to almost nothing.
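One way the on-device replacement described above can work, as an added JavaScript example that is not SOWA Privacy's code. The detector patterns, the `AZ-` file-number format, the `knownNames` list and the placeholder syntax are all assumptions made for illustration.

```javascript
// Added illustration; detector patterns and names are assumptions.
const DETECTORS = [
  { type: "EMAIL", re: /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g },
  { type: "IBAN", re: /\bDE\d{2}(?: ?\d{4}){4} ?\d{2}\b/g },
  { type: "DATE", re: /\b\d{2}\.\d{2}\.\d{4}\b/g },
  { type: "CASE_NO", re: /\bAZ-\d{4}-\d{5}\b/g }, // hypothetical file-number format
];

const escapeRe = (s) => s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");

// Returns the text to send plus a placeholder -> original map that stays local.
function anonymize(prompt, knownNames = []) {
  const mapping = new Map(); // placeholder -> original value
  const seen = new Map();    // "TYPE:value" -> placeholder (same value, same tag)
  const counters = {};
  const tag = (type, value) => {
    const key = `${type}:${value}`;
    if (!seen.has(key)) {
      counters[type] = (counters[type] || 0) + 1;
      const ph = `[${type}_${counters[type]}]`;
      seen.set(key, ph);
      mapping.set(ph, value);
    }
    return seen.get(key);
  };
  let text = prompt;
  for (const { type, re } of DETECTORS) text = text.replace(re, (m) => tag(type, m));
  for (const name of knownNames) {
    text = text.replace(new RegExp(escapeRe(name), "g"), (m) => tag("PERSON", m));
  }
  return { text, mapping };
}

// Re-insert the originals into the model's answer, still on the device.
function restore(answer, mapping) {
  return answer.replace(/\[[A-Z_]+_\d+\]/g, (ph) => mapping.get(ph) ?? ph);
}

// Constructed sample prompt; every value in it is fictional.
const SAMPLE = "Summarize file AZ-2026-00417 for Erika Mustermann (born 12.03.1961, " +
  "erika.mustermann@example.org). Erika Mustermann is paid via DE89 3704 0044 0532 0130 00.";
const sent = anonymize(SAMPLE, ["Erika Mustermann"]);
console.log(sent.text);
```

Only `sent.text` would leave the browser; `sent.mapping` is what lets the reply be re-personalized locally, and it is also the evidence that the originals never crossed the boundary.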

A patchwork of regulators is a problem you can plan around. A patchwork of leaked citizen data is not.

Germany now has its rulebook, and the coordination details will get worked out over the months ahead. The organizations that come through it calmly won't be the ones with the cleverest reading of which authority has jurisdiction. They'll be the ones who arranged, long before anyone asked, to have nothing sensitive to adjudicate in the first place.

Source: Bitkom press release, “Deutsche Umsetzung des AI Acts kommt” (June 11, 2026).