The EU Digital Omnibus: Europe’s Bold Move to Simplify Digital Regulation

The European Commission launched today an ambitious initiative that could fundamentally reshape how businesses interact with EU digital regulations. The Digital Omnibus, part of the broader Digital Package on Simplification, represents the most significant attempt yet to address what many consider the growing complexity burden of Europe’s digital regulatory landscape.

The Problem Brussels Finally Acknowledges

After years of stakeholder complaints about regulatory fragmentation and implementation complexity, the Commission has officially recognized what industry has been saying: Europe’s digital rulebook has become unwieldy. The call for evidence document is surprisingly candid about the challenges, noting that “multiple horizontal, and sector-specific rules were adopted, leading to complexity in implementation, fragmentation in their application at the national level and misalignment in the enforcement approaches.”

This acknowledgment is significant. For too long, Brussels seemed to operate under the assumption that more regulation automatically meant better protection for citizens and businesses. The Digital Omnibus suggests a more mature approach—one that recognizes regulatory effectiveness isn’t just about comprehensive coverage, but about practical implementation.

Five Critical Areas Under Review

According to the official documentation, the Digital Omnibus will include measures targeting problems and seeking simplification in the following areas:

  • the data acquis (Data Governance Act, Free Flow of Non-Personal Data Regulation, Open Data Directive)
  • rules on cookies and other tracking technologies laid down by the ePrivacy Directive
  • cybersecurity-related incident reporting obligations
  • the smooth application of the AI Act rules
  • other aspects related to electronic identification and trust services under the European Digital Identity Framework, in view of the regulatory alignment with the forthcoming proposal for an EU Business Wallet, and applying the ‘one in, one out’ principle

Let’s examine each area in detail:

Data Legislation Consolidation: The current data acquis is admittedly “fragmented,” with rules that “logically concern the same areas” scattered across multiple instruments. That has created particular challenges for smaller and mid-cap companies trying to build data-driven business models. The Commission’s recognition of the “cliff edge” problem—where small mid-caps suddenly face the full regulatory burden despite limited resources—shows an understanding of how regulatory design can inadvertently stifle innovation.

Cookie Consent Reform: The document’s reference to “consent fatigue” is telling. Rather than continuing to pile on consent requirements, the Commission is exploring “pragmatic and immediate clarifications” that could reduce cases where consent is required. That suggests a shift from the maximalist approach to user consent that has dominated recent years.

Cybersecurity Reporting Streamlining: Perhaps the most practically urgent area, the Commission acknowledges the “significant burden” from overlapping incident reporting obligations. The promise of “streamlined reporting processes” while maintaining “high cybersecurity protection” will be closely watched by the industry.

AI Act Implementation Support: Notably, the focus here isn’t on changing the AI Act itself, but on ensuring “optimal application” and providing “legal predictability.” That suggests the Commission recognizes that good law requires good implementation infrastructure.

Digital Identity Framework: The preparation for the EU Business Wallet, coupled with the “one in, one out” principle, indicates Brussels is finally taking seriously the cumulative regulatory burden on businesses.

Reading Between the Lines

Several aspects of the Digital Omnibus reveal essential shifts in EU regulatory philosophy:

The Consultation Strategy: The initiative builds on three previous consultations on Data Union Strategy, Cybersecurity Act review, and Apply AI strategy. This sequential approach suggests that the Commission is moving away from isolated regulatory interventions toward a more systematic approach to regulatory coherence.

The “Digital Fitness Check”: Perhaps most intriguingly, the document announces a forthcoming comprehensive assessment of “the coherence and cumulative impact of the EU digital acquis.” That represents the most significant regulatory review since the creation of the Single Market. The fitness check could reveal whether Europe’s digital regulatory approach is fundamentally sound or requires more profound structural changes.

Technical Adjustments, Not Philosophical Shifts: The Commission explicitly states these are “technical” adjustments that “do not modify the spirit of the laws.” That suggests the underlying regulatory philosophy remains unchanged - the focus is on implementation efficiency rather than substantive policy reconsideration.

The Stakeholder Response So Far

The early feedback reveals predictable divisions. The French citizen contributor advocates for mandatory open-source adoption for transparency reasons, reflecting ongoing European skepticism about proprietary technology systems. Meanwhile, AI & Partners B.V. from the Netherlands warns against “substantive amendments to primary law,” advocating for implementation support rather than legal changes.

These early responses highlight a fundamental tension in European digital policy: the desire for technological sovereignty and transparency often conflicts with business needs for legal certainty and implementation flexibility.

What This Means for the Future

The Digital Omnibus represents a maturation of EU digital policy. Rather than the reactive, crisis-driven regulation that characterized much of the past decade, this initiative suggests a more systematic approach to regulatory management.

However, several questions remain unanswered:

Scope Limitations: The focus on immediate, technical adjustments may miss deeper structural problems in EU digital regulation. The Commission’s insistence on maintaining the “spirit of the laws” suggests reluctance to acknowledge that some regulatory approaches may be fundamentally flawed.

Implementation Timeline: The Q4 2025 timeline is ambitious given the complexity of coordination across member states and regulatory frameworks.

Enforcement Consistency: While the initiative promises streamlined compliance processes, it’s less clear how it will address the “misalignment in enforcement approaches” across member states that the document identifies as a core problem.

The Bigger Picture

The Digital Omnibus should be understood within broader European competitiveness concerns. The Commission’s reference to “opportunities that can be generated to boost the competitiveness and innovation of the digital sector” reflects growing awareness that regulatory burden affects Europe’s position in global technology competition.

The timing is notable. As the US potentially moves toward technology deregulation and China continues its state-directed technology approach, Europe is attempting to find a third way: maintaining high regulatory standards while reducing implementation burden.

Conclusion

The Digital Omnibus represents either a genuine turning point in EU digital regulation or an elaborate exercise in regulatory housekeeping. The distinction will depend on execution.

If successful, it could demonstrate that Europe can maintain its values-based approach to technology governance while remaining competitive in global markets. If it fails to reduce regulatory burden while maintaining protection levels meaningfully, it may confirm critics’ views that European digital regulation is structurally unsuited to rapid technological change.

The consultation period runs until October 14, 2025. For businesses operating in the EU digital space, this represents a rare opportunity to influence the regulatory framework’s practical implementation. The Commission appears genuinely interested in stakeholder input - a refreshing change from the sometimes top-down approach of previous digital initiatives.

Whether the Digital Omnibus fulfills its promise of “same protection standards, significantly lower administrative burden” remains to be seen. However, the initiative’s existence suggests that Brussels finally understands that reasonable regulation isn’t just about comprehensive coverage - it’s about smart, implementable rules that achieve their objectives without stifling the innovation they’re meant to protect.

Related hashtags

#DigitalOmnibus #EURegulation #DigitalSimplification #EuropeanCommission #AIAct #GDPR #Cybersecurity #DataGovernance #CookieConsent #DigitalIdentity #EUBusinessWallet #RegulatoryReform #DigitalPolicy #TechRegulation #Compliance #DigitalSingleMarket #SMEs #TechIndustry #LegalTech #RegTech