Consultation response to the European Commission’s call for evidence on the Digital Omnibus

Calling “deregulation” for what it is

The Digital Omnibus is part of the Commission’s broader “simplification” agenda, a political drive explicitly aimed at deregulation across EU and national levels, as recently confirmed by Commission President Ursula von der Leyen. This is far from a neutral administrative exercise: it risks weakening long-standing protections – from environmental safeguards to privacy and data protection – while deepening the influence of corporate interests in policymaking.

By presenting simplification as a way to streamline rules, the Digital Omnibus threatens to reopen settled legislation and undermine the EU’s hard-won digital acquis, as similar Omnibuses initiatives have already done. Rules to protect are increasingly framed as obstacles to “competitiveness,” the guiding principle adopted by this mandate regardless of social or democratic costs.

Alongside the Digital Omnibus, the Commission is also expected to conduct a “digital fitness check”, a broad review of the EU’s digital rulebook aimed at assessing whether existing laws remain “fit for purpose.” Such a review could have significant implications for the future direction of EU digital policy, charting out a longer-term deregulation plan.

Weakening rights through substance and process

The EDRi network submitted a response to the European Commission’s call for evidence, highlighting the social and economic benefits of the EU’s digital laws. Failing to protect these rules puts 500 million people at risk of privacy, data protection, equality, and security breaches.

The GDPR, the ePrivacy framework and the AI Act are not obstacles to innovation, they are the foundation of Europe’s human-centric digital model. Yet, under the pretext of coherence, the Commission seems prepared to blur the line between personal and industrial data, to dilute ePrivacy protections in the name of tackling “cookie fatigue”, and to revisit key safeguards in the AI Act before it has even entered into force.

This approach prioritises quantity of reforms over the quality of protections. Counting the number of laws “simplified” is not the same as improving them, and the Digital Omnibus risks creating a procedural imbalance that mirrors its substantial flaw. Its process is built on exclusion by design, at the expense of EU democratic accountability. Consultation timelines have been extraordinarily short, “reality checks” focused almost exclusively on industry voices, and impact assessment assumptions implausibly optimistic, claiming no negative effect on fundamental rights despite clear evidence to the contrary.

A call to protect Europe’s digital legacy

In its submission, EDRi urges the Commission to resist reopening democratically agreed digital safeguards and instead focus on enabling compliance and accountability. Europe’s digital laws – from the GDPR and ePrivacy to the AI Act and Data Governance Act – have delivered tangible benefits for individuals and societies. Their challenges lie not in overreach, but in under-enforcement and under-resourcing. This is why EDRi’s propose alternatives and innovative options that could foster compliance while guaranteeing justice, accountability, and safety for individuals and communities.

Rather than catering to corporate interests, the EU should invest in enforcement, strengthen the application of its laws, ensure regulators can act effectively, and empower individuals and communities to defend their rights.