BRUSSELS - The European Commission today unveiled a wide-ranging digital package, dubbed the „Digital Omnibus“, which aims to simplify regulation in the areas of artificial intelligence, cybersecurity and data protection. The Commission said the package is designed to reduce the administrative burden on businesses, especially SMEs, while boosting innovation in the competition with tech giants, Reuters reported.
Among the key measures is an extension of the deadline for applying stricter rules for so-called „higher risk“ AI systems from the original August 2026 deadline to December 2027, a move Reuters reports will give companies more time to prepare for the new obligations. Other measures include simplifying documentation for smaller firms and unifying cyber incident reporting through a central interface, as detailed by The Verge in its article on European digital legislation.
Amendments to the existing GDPR are also an important part of the package. According to TechPolicy, some proposals have narrowed the definition of personal data, which would mean that pseudonymised identifiers such as cookies or advertising IDs might no longer fall under strict protection. In addition, the new exemptions would allow companies to process sensitive data, such as health or political views, for AI training purposes even without explicit user consent if it is a so-called „legitimate interest,“ as Reuters pointed out.
The package also reforms the rules on cookies. Users would be able to manage their settings more easily directly in the browser, and some lower-risk cookies might not require a pop-up bar asking for consent, The Verge reports.
The Commission presents its proposals as „simplification, not deregulation“. Henna Virkkunen, executive vice chair of the Commission on Technology Sovereignty, told The Verge that the changes will allow start-ups and smaller companies to scale and innovate faster.
On the other hand, there are growing concerns about the potential weakening of digital rights in the EU. Privacy activists, such as Max Schrems of the noyb or organisations European Digital Rights (EDRi), calling the changes „the death of GDPR by a thousand cuts“. According to Reuters, the new rules could restrict rights to access or delete data while allowing AI firms to gain wider access to sensitive data without users' explicit consent. Similarly, TechPolicy warns that the changes could lead to confusion about how personal data will be used to train AI.
Journalists from The Verge remind us of the wider context: the Commission is not only trying to digitise the rules, but also to make Europe more competitive globally. The reforms are aimed at lowering the regulatory barrier for big tech firms, which could benefit from freer access to European data.
The Digital Omnibus proposal will now go to the EU Member States and the European Parliament for discussion. The approval process is likely to be complex and politically sensitive, as it involves a fundamental rethink of EU digital legislation and possibly a redefinition of the balance between protecting privacy and promoting technological development.
gnews.cz - GH
Czech 
English 
Spanish 
French 
Italian 
Russian 
Chinese 
German