The Digital Omnibus Package proposal coming from the European Commission has now been published, aiming at restructuring the EU’s digital regulatory landscape.
Reducing legal fragmentation, creating a more coherent framework, and easing compliance for organisations operating across data protection, privacy, cybersecurity and AI are the stated purposes of the initiative.
The proposal includes targeted amendments to the AI Act, the GDPR, the ePrivacy Directive, the Data Act and the NIS2 Directive, including:
- Clearer guidance on the use of personal data for technological development and more streamlined mechanisms for incident notification;
- Revision on cookie and device-access rules to reduce unnecessary friction for users while reinforcing meaningful control over their data;
- Consolidation of existing data legislation around the Data Act, integrating provisions from instruments such as the Data Governance Act and removing provisions considered outdated or redundant;
- A single EU portal solution for cybersecurity and data-breach reporting, replacing the current patchwork of parallel reporting channels.
Overall, these reforms aim to make compliance more practical and cost-efficient, to enhance legal certainty, and to support Europe’s technological competitiveness, while maintaining EU’s high standards of privacy, security and fundamental rights.
Our Technology, and Personal Data team is monitoring the topic and will share more detailed updates shortly. Stay tuned.
