By Fred Roeder, EU Technews with Euronews
Published on
ADVERTISEMENT
This story first appeared on EU Technews and has been published as part of an agreement with Euronews.
The European Commission has initiated a call for evidence regarding the Digital Omnibus, a component of the broader Digital Package on Simplification. This initiative will be accompanied by the Digital Fitness Check, aiming to evaluate the EU’s digital acquis’s coherence and cumulative impact on business operations.
The consultation, open to all Europeans to provide their views, will continue until October 14, 2025. It follows three previous consultations: the Data Union Strategy, the Cybersecurity Act review, and the Apply AI Strategy, which collectively have already received 718 unique feedback responses.
This Omnibus aims to tackle existing challenges and promote simplification in a) the data acquis (Data Governance Act, Free Flow of Non-Personal Data Regulation, Open Data Directive); b) cookie rules under the e-Privacy Directive; c) cybersecurity incident reporting obligations; d) the application of AI Act’s rule; and e) aspects related to the European Digital ID framework.
Draghi’s call for a comprehensive GDPR reform: what now?
The primary goal of this call for evidence is to decrease businesses’ administrative compliance expenditures without “undermining the objectives of the underlying rules”. Achieving this balance is challenging, and while reforming GDPR is a daunting task, it’s imperative.
In the explanatory document, the Commission cautiously indicates a willingness to “further investigate the potential need for simplification measures in data regulation to boost data availability and sharing”.
This commitment should be more ambitious. Recently, Mario Draghi urged for a more comprehensive GDPR reform — the issue has been recognized, and it’s time to tackle it.
Focusing the Omnibus only on the Data Governance Act, the Open Data Directive, and non-personal data will not resolve the core issue: GDPR’s excessively broad definition of personal data, Member States’ gold-plating, and their hesitation to share data with European startups and scaleups, often citing GDPR compliance.
Additionally, there is a persistent fear that increased openness could result in data being transferred to the US. These issues are addressable — and it’s urgent that they be resolved.
Some argue that “this is not how the EU operates” — that the topic belongs in another forum, that the Danish Presidency is handling it, or that GDPR reform cannot be incorporated into this call for feedback due to legal constraints. Comprehensible — but this is precisely where interservice consultations and the principles of simplification and better governance come into play.
