European Commission Moves to Simplify GDPR and Digital Laws

On 19 November 2025, the European Commission presented its Digital Omnibus Package. It is a sweeping set of proposals that aims at revising the General Data Protection Regulation (GDPR) and harmonising other digital laws to reduce compliance burdens for businesses. The initiative is framed as both a competitiveness measure and a simplification effort, designed to help European companies innovate while maintaining high standards of privacy and fundamental rights. 

The package introduces targeted amendments to the GDPR, the AI Act, and the Data Act. It seeks to clarify obligations and eliminate overlapping requirements. For example, the Commission proposes streamlined rules for cross-border data transfers, simplified consent mechanisms for low-risk processing, and clearer guidance on the lawful bases for data use in AI training. These changes are expected to cut down administrative costs, with the Commission estimating potential savings of up to €5 billion by 2029. 

Another key element is the creation of European Business Wallets, a digital tool that could save companies an additional €150 billion annually by reducing paperwork and enabling secure, standardised data exchanges across the EU. The Omnibus also emphasises legal certainty, aiming to reduce litigation risks and compliance confusion that have arisen since GDPR’s enforcement in 2018. 

The proposals also address cybersecurity and breach reporting, introducing more consistent timelines and thresholds for notifying regulators and affected individuals. For AI, the revisions align with the forthcoming AI Act, ensuring that data protection rules do not stifle innovation while still safeguarding against profiling and misuse. 

The legislative process will now move to the European Parliament and Council, where the proposals are expected to undergo significant debate and possible amendments before adoption. If passed, the Digital Omnibus Package would mark the most substantial recalibration of EU digital regulation since GDPR came into force.  

📰 Mini Headlines 

• German Watchdogs Call for Ban on Children’s Data in Online Ads 

Germany’s data protection authorities have urged a complete ban on the use of children’s personal data for online advertising. The watchdogs argue that minors are particularly vulnerable to profiling and targeted marketing, which can exploit their behaviour and preferences. The proposal seeks to strengthen protections under the EU’s GDPR and ensure that platforms cannot monetise children’s digital footprints. Regulators emphasised that safeguarding young users’ privacy is essential to building trust in digital services. 

Children’s Personal Data  

Read More →   https://www.mlex.com/mlex/articles/2413656/ban-use-of-children-s-data-for-online-advertising-german-data-watchdogs-say  

• Google Launches Private AI Compute to Enhance Data Privacy 

Google has unveiled Private AI Compute. It is a new framework designed to process sensitive data securely while maintaining user privacy. The system allows AI models to run computations locally or in controlled environments without exposing raw personal data to external servers. By integrating privacy-preserving techniques such as differential privacy and federated learning, Google aims to balance innovation with compliance across industries. The initiative is positioned as a response to growing regulatory demands and consumer concerns over data misuse. 

Private AI Compute 

Read More →    https://www.datamation.com/artificial-intelligence/google-private-ai-compute/  

• Apple Tightens App Store Rules on AI Data Sharing 

Apple has announced stricter App Store policies requiring developers to obtain explicit user permission before sharing personal data with AI systems. The new rules mandate clear disclosures and opt-in consent for any AI-driven data processing, including training models or personalisation features. Apple said the move is intended to reinforce transparency and protect user privacy amid the rapid expansion of generative AI apps. Developers failing to comply risk removal from the App Store. 

Personal Data   

Read More →      https://www.thehansindia.com/technology/tech-news/apple-tightens-app-store-rules-explicit-permission-needed-for-ai-data-sharing-1023317