EU’s Digital Omnibus Leaves Tech Chiefs Fuming Over Half-Measures on Red Tape

The EU's Digital Omnibus aimed to slash red tape in GDPR and the AI Act but has left industry frustrated with watered-down reforms and civil society alarmed by privacy rollbacks. Delays to high-risk rules offer some relief, yet core obligations remain. Real impact will unfold over the next 18 months.
EU’s Digital Omnibus Leaves Tech Chiefs Fuming Over Half-Measures on Red Tape
Written by Maya Perez

Brussels set out to torch layers of digital rules last year. Industry leaders cheered at first. Then the fine print arrived.

The European Commission’s Digital Omnibus promised relief from overlapping obligations in the GDPR, AI Act and related laws. Executives expected breathing room to innovate faster against U.S. and Chinese rivals. What they received instead were targeted tweaks, procedural delays and fresh uncertainties that few find sufficient.

Richard Longden, general counsel at chemicals giant INEOS, captured the frustration. The EU remains “hardwired” to create rules but stays poor at removing them, he told Politico. His view echoes across boardrooms. Martynas Barysas of BusinessEurope added that burden-reduction efforts now drown in “the inertia” of endless working-level talks.

From Promise to Pushback

Ursula von der Leyen pledged in late 2024 to lighten the regulatory load. Business groups applauded the signal. By February 2025 the Commission had rolled out roughly a dozen omnibus packages spanning defense, energy, chemicals, agriculture and digital policy. Officials claimed these steps would deliver billions in savings. They described the pace as “unprecedented.”

Yet the digital slice drew immediate heat. A leaked draft surfaced in October 2025. Euractiv reported that the plan would centralize AI oversight in the Commission, broaden legal bases for processing sensitive data to train models, and scale back certain GDPR and ePrivacy provisions. Privacy advocates recoiled. Tech companies said the changes didn’t go far enough.

One hundred thirty-three civil society organizations and unions fired off a blunt warning. They urged the Commission to halt plans that would weaken core protections in the GDPR, ePrivacy framework and AI Act. The coalition called it “the biggest rollback of digital rights in EU history,” according to EDRi.

Amnesty International joined the chorus months later. Its April 2026 analysis framed the omnibus as a corporate-backed effort to feed AI development at the expense of individual rights. “Rolling back these protections puts all of us at risk,” the group stated in its campaign brief.

Industry responses split along predictable lines. Trade groups such as the Information Technology Industry Council welcomed the direction but pressed for deeper cuts to fragmentation and compliance costs. A January 2026 mapping by Didomi showed big tech broadly supportive yet vocal that the proposals fell short of delivering predictable, innovation-friendly rules. Smaller firms and mid-caps gained some extended exemptions. Many still face the same thicket of reporting duties.

Negotiations turned messy. Talks collapsed after 12 hours in April 2026. By May the AI-focused portion reached provisional agreement. The Council gave final approval on June 29, 2026. The package delays applicability of high-risk AI obligations from August 2026 to December 2027 for many systems, with some extensions into 2028. It scraps the mandatory AI literacy requirement, replaces it with non-binding encouragement, and removes the need to register certain exempted systems in the EU database. A new six-month transition applies to generative AI content marking. Post-market monitoring gains flexibility.

Critics inside the privacy community see a pattern. The changes prioritize AI rollout over data safeguards. The omnibus broadens lawful bases for using personal data to detect bias across all AI systems, not just specific high-risk ones. It also trims overlaps with existing machinery rules and strengthens the AI Office’s role in supervising general-purpose models.

But. Several of the Commission’s bolder GDPR reforms vanished during Council talks. The entity-relative personal data test, relocation of cookie consent rules, and a dedicated legitimate-interest basis for AI training all disappeared from later compromise texts, per analysis from the Law & Economics Center. The result hands more interpretive power back to regulators whose strict readings prompted the simplification drive in the first place.

So companies now operate under a hybrid regime. High-risk deadlines have shifted. Core transparency obligations for AI systems that interact with humans remain in force. Watermarking rules for certain generated content carry their own staggered timeline. Prohibitions on non-consensual intimate imagery generation take effect in December 2026. Enforcement powers in member states like Finland have already kicked in.

Recent coverage shows the debate refuses to settle. A June 2026 Gibson Dunn client alert noted that the deferral acknowledges missing harmonized standards and infrastructure but leaves the AI Act’s fundamental architecture untouched. Their summary called it pragmatic yet no dismantling. White & Case and Sidley Austin echoed the point: businesses gain time yet must still prepare documentation and explainability measures that apply today.

Even pro-simplification voices express caution. A BDO analysis circulating on X in early July highlighted improvements to workability from a privacy angle but stopped short of declaring victory. Recent X posts from governance experts stress that pausing programs after hearing “delay” risks missing live obligations under Articles tied to general-purpose AI and transparency.

The Commission defends its record. It blames national capitals for slow implementation of agreed simplifications. Officials point to the broader 2025 work program that targeted overlapping, unnecessary or disproportionate rules. Sustainability reporting now focuses on the largest companies. Smaller players receive targeted carve-outs across multiple omnibus packages.

Yet the digital domain exposes deeper tensions. Europe built a global reputation on high standards for privacy and accountable AI. Loosening those standards to chase competitiveness carries risks. Civil society letters emphasize that strong digital rules serve as defense against exploitation by both domestic and foreign actors. Industry counters that excessive fragmentation and legal uncertainty already deter investment.

Consultancies and trade bodies surveyed by The Next Web and Politico in recent months paint a consistent picture. Seventeen respondents across sectors called the process too slow, too costly and too complicated. Some suggest a five-to-ten-year regulatory pause would deliver more value than constant tinkering. Others argue the real barriers sit elsewhere: energy prices, carbon costs, skills shortages.

Implementation will test these arguments. The AI Omnibus enters into force shortly after publication in the Official Journal. Member states and companies have until late 2027 to align many high-risk systems. Data protection authorities must adapt guidance. The European Data Protection Board and Supervisor issued a joint opinion in January 2026 that backed simplification only where it preserved enforceability and fundamental rights. They flagged several provisions as potential dilutions of accountability.

Tech executives now face a practical choice. They can treat the delays as runway to build compliant systems. Or they can continue lobbying for the next wave of changes. Early signals suggest the latter. Trade associations describe the current package as a constructive start that requires follow-through. Privacy groups vow to fight any further erosion.

Brussels has lit its bonfire. The flames, so far, feel more like controlled burns than a cleansing blaze. Whether the resulting framework spurs the innovation Europe seeks or simply adds new layers of interpretive complexity remains the open question that boardrooms and regulators will wrestle with for years ahead.

Subscribe for Updates

DigitalTransformationTrends Newsletter

The latest trends and updates in digital transformation for digital decision makers and leaders.

By signing up for our newsletter you agree to receive content related to ientry.com / webpronews.com and our affiliate partners. For additional information refer to our terms of service.

Notice an error?

Help us improve our content by reporting any issues you find.

Get the WebProNews newsletter delivered to your inbox

Get the free daily newsletter read by decision makers

Subscribe
Advertise with Us

Ready to get started?

Get our media kit

Advertise with Us