How I Recovered My Proxmox Ceph Cluster After Multiple OSD Failures
December 7, 2025
Split Email Setup: Use Microsoft 365 and Hostinger on the Same Domain
December 10, 2025
Europe is known for some of the toughest digital laws in the world. Now the European Commission’s new “Digital Omnibus” proposal promises simpler rules and less red tape for businesses. Supporters see a long-overdue clean-up. Critics fear a quiet rollback of privacy and AI protections.
What is the EU Digital Omnibus?
The Digital Omnibus is a single proposal published on 19 November 2025. It tweaks several flagship laws at once: the GDPR, the AI Act, the Data Act and parts of the e-Privacy framework, with the aim of cutting overlaps and compliance costs, especially for SMEs.
One of the most sensitive changes targets the definition of personal data. Information would not count as personal data for a controller if they have no reasonable way to identify the person behind it. That could shrink the set of data covered by GDPR, particularly for pseudonymised and aggregated datasets.
Cookie rules also move house. Today many tracking provisions sit in the e-Privacy Directive. The Omnibus would fold them into GDPR and streamline consent. Browsers and operating systems could store central consent preferences, which websites would have to honour, and sites would face a six-month minimum before asking again after a user says no.
On AI, the proposal offers more time. High-risk AI systems, due to face strict rules from 2026, would gain extended deadlines into 2027. Enforcement would also be linked more closely to technical standards and official guidance, reflecting the reality that regulators and vendors are not fully ready.
The Commission insists this is not deregulation. It argues that core protections stay in place while duplicate paperwork, confusing banners and conflicting obligations are stripped away so that European firms can compete more effectively in AI and data-driven services.
Privacy rollback or overdue reset?
Reactions inside Europe are sharply split. Digital rights groups describe the Omnibus as a rollback disguised as simplification. They fear that narrowing the concept of personal data will let large platforms and AI labs lean harder on vaguely anonymised datasets for model training, with weaker consent from users.
Civil society organisations are uneasy about the cookie changes too. Central browser-level consent sounds user-friendly, but it shifts power towards a few browser vendors. If the rules are not written tightly, new loopholes could open for profiling and cross-site tracking, and once design patterns are embedded they are hard to unwind.
Business voices sound very different. European software and industrial leaders have long argued that the EU spends more energy on control than on growth. They welcome extra time for high-risk AI and clearer signals on when data is out of scope, and warn that without flexibility Europe will continue to import US and Chinese AI tools while its own firms fall behind.
The truth is likely somewhere in the middle. Europe does need simpler, more coherent rules if it wants ambitious tech companies to scale at home. But speed and simplicity cannot come at the expense of trust. If people believe their data is being traded away quietly, the backlash could be severe.
The Digital Omnibus is still under negotiation, but it shows where EU policy is heading. For ordinary users, the basics still matter most. Use strong, unique passwords, turn on multi-factor authentication and be careful what you paste into AI tools or online services. New rules may ease some consent flows, but they will not remove the risks.
Europe now faces a hard question. Can it stay the world’s privacy and AI watchdog while trying to catch up in the global tech race? How lawmakers handle the Digital Omnibus will be an early test of that balancing act.