The European Commission is preparing to ease some of its most stringent digital and AI regulations, with critics blasting the commission of sacrificing privacy to secure big tech investment.

The commission is expected to unveil its “digital omnibus” next week, which would streamline compliance rules for AI companies and controversially adjust GDPR provisions.

Europe has struggled to keep pace with American tech giants in AI development. Companies like Meta, Google, and OpenAI have all delayed AI rollouts across the continent, citing privacy and regulatory hurdles as key barriers. Meta, for example, refused to sign the EU’s code of practice for general-purpose AI models earlier this year, warning that the rules introduced “legal uncertainties” and exceeded the AI Act’s intended scope.

Europe has long been accused of stifling regulations. Last month we reported that Google has warned that new UK regulations could “inhibit innovation and growth” after the Competition and Markets Authority (CMA) formally designated Google Search with Strategic Market Status (SMS), giving the regulator new powers to oversee how the platform operates.

Critics warn that this pragmatism comes at a cost. By providing regulatory leeway to big tech, the EU risks trading away the strict standards that once distinguished its AI and privacy frameworks on the global stage.

The AI Act, which came into force in August 2024 as the first comprehensive global legislation regulating artificial intelligence, has faced criticism from Big Tech and even the U.S. government for allegedly stifling AI development and innovation.

Reports suggest the European Commission is considering a one-year “grace period” for companies that breach rules on high-risk AI applications. Generative AI providers (systems capable of producing text, images, or other content) who have already placed products on the market could continue operating before full compliance.

Fines for violations of AI transparency obligations could also be delayed until August 2027. High-risk AI developers may gain additional flexibility in monitoring their products, allowing them to follow less prescriptive guidance than originally required. For companies, these measures reduce legal risk, enable faster product rollouts, and provide crucial time to adapt without disrupting operations.

Easing GDPR

Perhaps the most controversial aspect of the package is its proposed loosening of certain GDPR provisions, long considered a barrier to AI innovation. Under the draft rules, sensitive data such as health information, ethnicity, or religion could be processed more freely under specific circumstances.

Planned reforms to cookie and online tracking requirements would further simplify operations, creating a clearer framework for AI and digital service providers.

The trade-off

For companies, the potential benefits are significant. Grace periods, delayed enforcement, and clarified data rules provide certainty, lower compliance costs, and enable quicker deployment of AI products. European firms, alongside global tech players, stand to gain a competitive advantage in the region, operating in a regulatory environment less constrained by early-stage obligations.

However, critics warn that these concessions come at a cost. Citizens’ fundamental rights could be weakened as the EU balances competitiveness against protection. By prioritising market growth and innovation, the Commission risks undermining the very privacy and safeguards that once set Europe apart on the global stage.

Once the omnibus proposals are formally released, they will need approval from EU member states and the European Parliament. If adopted, they are likely to accelerate AI innovation and deployment across Europe—but the question remains: will the benefits to business outweigh the potential erosion of privacy and digital rights?

RELATED STORIES

UK ‘dragging its feet’ on cloud regulation as reliance on hyperscalers deepens

Google warns of ‘onerous’ rules as UK regulator designates Search with strategic market status