The digital rulebook is fit for purpose: better enforcement is needed, not simplification

EDRi responded to the European Commission’s consultation on the Digital Fitness Check, emphasising the importance of the rights-based digital framework developed over the years. Rather than simplifying people's rights protections, it should focus on stronger enforcement and closing gaps. Only in this way, the EU can continue to lead in building a digital environment that works for people, democracy and innovation alike.

By EDRi · July 16, 2026

EDRi’s response

EDRi responded to the European Commission’s call for contributions to the Digital Fitness Check, which tests the cumulative impact of digital regulations and determine how well they support the EU’s values and fundamental rights. This is the second stage of the Commission’s plan to simplify the EU’s digital regulations, following the adjustments proposed under the Digital Omnibus Regulation.

In its submission, the EDRi network emphasised the meaningful benefits of the EU’s digital rulebook for people and businesses alike, stressing that Europe’s rights-based approach is a competitive advantage, not a barrier to innovation. It enables businesses to develop trustworthy, ethical and sustainable technologies while ensuring that people’s rights are protected by clear boundaries. When abuses occur, individuals have access to redress.

Why the rights-based model is a strength

Several cornerstone laws have demonstrated that this rights-based model is a strength. For instance, the General Data Protection Regulation (GDPR) has not only strengthened the protection of personal data within the EU, but it has also shaped global standards, establishing Europe as a leader in rights-based digital governance. It provides a high level of protection and legal certainty for those operating in the digital economy.

However, this framework is now under pressure. The GDPR and the Artificial Intelligence Act are central to the proposed Digital Omnibus, which has raised serious concerns about the potential rollback of key protections undermining both fundamental rights and legal certainty. The priority should be to strengthen enforcement and support compliance through effective and timely implementation.

Similarly, the Commission should not reopen nor dilute the Digital Services Act (DSA) and Digital Markets Act (DMA), which have significantly improved online protections and created fairer conditions for competition. Yet, in the past year, they have been subjected to a growing political pressure, particularly from the US, reflects their impact in challenging Big Tech’s market power and reinforcing Europe’s digital sovereignty. Both of these regulations already include mechanisms for democratic oversight and review, the focus should be on making them work in practice.

More broadly, the current push for “simplification” advanced by the current Commission risks overlooking and compromising the full value of Europe’s digital framework. Human rights protections, as well as social and environmental safeguards, generate significant benefits across society, even if these are harder to quantify than short-term cost savings for businesses.

Policymaking must not be reduced to narrow metrics that fail to capture the public interest. This is why, to ensure a coherent and comprehensive digital rulebook, the EU should focus on robust enforcement and on addressing real gaps, including:

  • advancing the Digital Fairness Act;
  • introducing a total ban on spyware;
  • developing a dedicated regulation for the online advertising ecosystem (AdTech);
  • and modernising the ePrivacy framework to effectively address pervasive online surveillance, while avoiding unnecessary overlap.

By maintaining a rights-based approach, the EU can continue to lead in building a digital environment that works for people, democracy and innovation alike.