Particle.news
Download on the App Store
31 ARTICLES
·
5d ago

EU Unveils Digital Omnibus to Ease GDPR and Delay High-Risk AI Rules to 2027

The draft now goes to EU governments and MEPs for negotiations following praise from industry and sharp criticism from privacy advocates.

AI (Artificial Intelligence) letters and robot hand are placed on computer motherboard in this illustration created on June 23, 2023. REUTERS/Dado Ruvic/Illustration/File Photo
German Chancellor Friedrich Merz and French President Emmanuel Macron pose for a photo with a group of investors at the Summit on European Digital Sovereignty, in Berlin, Nov. 18, 2025 (AP photo by Ebrahim Noroozi).
EU flags flutter in front of the European Commission headquarters in Brussels, Belgium October 2, 2019. REUTERS/Yves Herman
Image

Overview

  • Brussels proposed targeted changes to GDPR, including a narrower definition of personal data, a new legitimate-interest basis for AI training, and clarifications on when anonymized information falls outside privacy law.
  • High-risk AI obligations under the AI Act would be pushed back about 16 months to December 2027, covering uses such as biometrics, hiring and exams, health services, creditworthiness, public services and law enforcement.
  • Cookie rules would be streamlined so users face fewer pop-ups, can give one-click consent, and store preferences in browser or operating-system settings, with some basic analytics no longer requiring banners.
  • The package includes business relief such as lighter documentation for SMEs, limited exemptions from cloud-switching rules and a proposed European Business Wallet, with the Commission citing significant cost savings.
  • Civil society groups, including 127 organizations, denounced the plan as a major rollback of digital rights, while the Commission argues it is a simplification to boost competitiveness; the proposals still require approval by EU countries and the European Parliament.