*Result*: DPIAs' role in fundamental rights governance.

*This paper examines the role of Data Protection Impact Assessments (DPIAs) under the General Data Protection Regulation (GDPR) as frameworks for decentralized governance of fundamental rights. The paper argues that DPIAs extend beyond accountability tools, positioning data controllers as quasi-judicial actors responsible for adjudicating fundamental rights conflicts. By mandating necessity and proportionality assessments, DPIAs reflect a shift from public oversight to private governance. However, DPIAs face significant challenges, including subjectivity, legitimacy concerns, and inconsistencies in rights balancing. To address these, the paper recommends reforms, including standardized guidelines, enhanced transparency, robust stakeholder engagement, and increased resources for oversight by Data Protection Authorities. By situating DPIAs within EU data protection law and addressing their limitations, the paper highlights their potential as pivotal tools in protecting fundamental rights in the digital age. [ABSTRACT FROM AUTHOR]

Copyright of Information & Communications Technology Law is the property of Taylor & Francis Ltd and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)*