The GDPR is considered a milestone in data protection and the link between new technologies and its compliance is a recurrent topic. This paper tackles two main obstacles to GDPR effectiveness: its outdatedness towards technological development and the restrictive interpretation in some Countries. The analysis focuses on the context of PA willing to use AI to categorize firms and plan inspections. Those crash against the heavy burden of compliance to an obsolete Regulation. This leads to PA putting in place defensive mechanisms detrimental to tech development and not truly justified by data protection. Besides, a lack of interlocution between collective actors results in not having a solid cohesive role in dialoguing with the DPA. The aim is to highlight such criticalities and propose a revision of a nowadays not-fit-for-purpose GDPR. This in view of softening the obstacles to enhancement of AI-supported regulatory enforcement, but always safeguarding the principle of data protection.