Reopening GDPR and ePrivacy through the Digital Omnibus: a risky path for EU digital rights
EDRi has assessed the Digital Omnibus proposals affecting the General Data Protection Regulation (GDPR) and the ePrivacy framework. While presented as simplification, the changes amount to deregulation in effect, weakening fundamental rights safeguards, increasing legal uncertainty, and advancing through a process that falls short of democratic lawmaking standards.
Filter resources
-
Reopening GDPR and ePrivacy through the Digital Omnibus: a risky path for EU digital rights
EDRi has assessed the Digital Omnibus proposals affecting the General Data Protection Regulation (GDPR) and the ePrivacy framework. While presented as simplification, the changes amount to deregulation in effect, weakening fundamental rights safeguards, increasing legal uncertainty, and advancing through a process that falls short of democratic lawmaking standards.
Read more
-
UK adequacy decision: a risk for the future and a lesson to be learnt
As the UK adequacy renewal comes to an end, EDRi member Open Rights Group reflects on its outcome and the broader implications for the future of EU-UK relatiopnships.
Read more
-
Fighting for algorithmic justice: lessons learned in working closely with affected people
Bits of Freedom shares lessons learned while working on “Amsterdam Top400”, an invasive municipality project which involved the use of predictive policing and led to unwanted interference in the private lives of young people. Together with a coalition of professionals from different background and affected individuals, they explored the possibility of holding the municipality of Amsterdam accountable for violations of children’s rights, data protection law, and fundamental freedoms.
Read more
-
When data relate to us
The EDPS vs. Single Resolution Board judgment goes to the heart of the EU’s fundamental right to data protection, shaping how artificial intelligence, data spaces and so-called privacy-enhancing technologies (PETs) will be governed in practice. The ruling of the Court of Justice of the European Union (CJEU) arrives at a crucial time to reiterate what counts as personal data, reinforcing the importance of the protection that the GDPR was designed to guarantee.
Read more
-
Press Release: Commission’s Digital Omnibus is a major rollback of EU digital protections
Today the European Commission has published two Digital Omnibus proposals, reopening the EU’s core protections against harm in the digital age. This step risks dismantling the rules-based system that was hard-won over decades, endangering the very foundation of human rights and tech policy in the EU.
Read more
-
Why the Digital Omnibus puts GDPR and ePrivacy at risk
On 19 November, the European Commission has published two Omnibus proposals: one that rewrites key parts of the General Data Protection Regulation (GDPR) and ePrivacy rules, along with other data-related laws, and another that amends the AI Act. This article focuses on the first proposal. It explains how the changes would weaken core rights to data protection and the confidentiality of communications, and why the combined effect risks reshaping long-standing safeguards for people in the EU.
Read more
-
EU adopts Digital Trade Agreement with Singapore despite warnings: a setback for digital rights and democratic oversight
The European Parliament has approved the EU–Singapore Digital Trade Agreement, rejecting a motion to seek a Court of Justice opinion on its legality. This decision weakens the Union’s capacity to safeguard privacy, data protection, and accountability over software systems, at a time when deregulation pressures are increasing across Europe.
Read more
-
Budget cuts incapacitate Austrian DPA: NGOs complaint to the EU Commission
Despite its growing responsibilities, the Austrian Data Protection Authority continues to be impaired by budget cuts. epicenter.works and noyb are filing a complaint with the European Commission about Austria not fulfilling its obligations of sufficiently funding its data protection authority and leaving millions of Austrians to deal with consequences of limited access to the fundamental right to data protection.
Read more
-
Open Letter: The EU weakens the rules that safeguard people and the environment
470 civil society society organisations, trade unions and public interest groups are making it clear to European Commission President Ursula von der Leyen, European Commissioners and EU Member States that our rights, planet, health and justice are not for sale. They call on EU lawmakers to protect and promote the rights enshrined in the EU Charter and international human rights law, instead of endangering them.
Read more
-
EDRi warns against GDPR ‘simplification’ at EU Commission dialogue
On 16 July 2025, EDRi participated in the European Commission’s GDPR Implementation Dialogue. We defended the GDPR as a cornerstone of the EU’s digital rulebook and opposed further attempts to weaken it under the banner of ‘simplification’. The discussion was more divided than the official summary suggests.
Read more
-
A missed opportunity for enforcement: what the final GDPR Procedural Regulation could cost us
After years of debate, the GDPR Procedural Regulation has been finalised. Despite some improvements, the final text may entrench old problems and create new ones, undermining people’s rights and potentially opening the door to weakening the GDPR itself.
Read more
-
Undermining the GDPR through ‘simplification’: EDRi pushes back against dangerous deregulation
EDRi has responded to the European Commission’s consultation on the GDPR ‘simplification’ proposal. The plan to remove documentation safeguards under Article 30(5) risks weakening security, legal certainty and rights enforcement, and opens the door to broader deregulation of the EU’s digital rulebook.
Read more