The European Commission is preparing to ease some of its toughest digital and AI regulations, as the European Commission slams the European Commission for sacrificing privacy to secure big tech investments.
The commission is expected to unveil a “digital omnibus” next week that will streamline compliance rules for AI companies and adjust controversial GDPR provisions.
Europe has struggled to keep pace with US tech giants in AI development. Companies like Meta, Google, and OpenAI have all cited privacy and regulatory hurdles as key barriers, slowing the rollout of AI across the continent. Meta, for example, refused to sign up to the EU’s implementing regulations on general-purpose AI models earlier this year, warning that the rules created “legal uncertainty” and went beyond the intended scope of the AI Act.
Europe has long been accused of suppressing regulation. Last month, we reported that Google had warned that new UK regulations could “stymie innovation and growth” after the Competition and Markets Authority (CMA) formally designated Google Search as a strategic market position (SMS), giving the regulator new powers to oversee how the platform operates.
Meanwhile, the Trump administration has repeatedly threatened to impose tariffs on countries whose digital regulations and taxes it deems discriminatory against U.S. tech companies. Against this backdrop, Brussels appears ready to bow to both political and economic pressure, offering temporary compliance relief to avoid slowing innovation and international backlash.
Critics warn that this realism comes at a cost. By giving regulatory freedom to big tech companies, the EU risks undermining the strict standards that once distinguished AI and privacy frameworks on the world stage.
The AI Act, which took effect in August 2024 as the first comprehensive global law regulating artificial intelligence, has faced criticism from Big Tech and even the US government for stifling AI development and innovation.
According to reports, the European Commission is considering imposing a one-year “grace period” for companies that violate rules on high-risk AI applications. Generative AI providers that already have products on the market (systems that can generate text, images, and other content) may continue to operate before reaching full compliance.
Fines for breaching AI transparency obligations may also be delayed until August 2027. High-risk AI developers may have more flexibility in monitoring their products and will be able to follow more prescriptive guidance than originally required. For businesses, these measures reduce legal risk, enable faster product rollouts, and provide critical time to adapt without disrupting operations.
GDPR relaxation
Perhaps the most controversial aspect of the package is the proposed relaxation of certain GDPR provisions that have long been considered a barrier to AI innovation. Under the draft rules, sensitive data such as health information, ethnicity and religion would be more freely processed in certain circumstances.
Planned reforms to cookie and online tracking requirements will further simplify operations and create a clearer framework for AI and digital service providers.
trade off
For businesses, the potential benefits are significant. Grace periods, enforcement delays, and clarity on data rules increase certainty, reduce compliance costs, and enable faster adoption of AI products. European companies, alongside global high-tech companies, are positioned to gain a competitive advantage in the region by operating in a regulatory environment that is less constrained by early-stage obligations.
But critics warn that these concessions come at a cost. As the EU balances competitiveness and protection, citizens’ fundamental rights may be weakened. By prioritizing market growth and innovation, the European Commission risks undermining the very privacy and protection measures that once made Europe stand out on the world stage.
Once the omnibus proposal is formally published, it will need to be approved by EU member states and the European Parliament. If adopted, these are likely to accelerate AI innovation and deployment across Europe, but questions remain as to whether the benefits to business will outweigh the potential erosion of privacy and digital rights.
Related articles
UK ‘hampered’ by cloud regulations as reliance on hyperscalers deepens
UK regulator designates searches with strategic market position, Google warns of ‘onerous’ rules
