EU Digital Omnibus: Analysis of key changes

Announced 19 Nov. 2025 as one of three parts of the European Commission's Digital Package, which also includes the Data Union Strategy and European Business Wallets, the Digital Omnibus is a proposal to simplify the EU's Digital Rulebook on data, cybersecurity, and artificial intelligence. It seeks to reduce business costs and improve innovation.

As the first attempt at optimizing the EU's "digital acquis," the Omnibus consists of two proposed regulations: a Digital Omnibus that would amend, amongst other legislation, the EU General Data Protection Regulation, ePrivacy Directive, NIS2 Directive and Data Act and a Digital Omnibus on AI that would amend the EU AI Act.

The official publication of the Commission's proposals triggers the formal legislative process, which will include trilogue negotiations with the Commission's co-legislators, the European Parliament and the Council of the European Union. The process will also include opinions from the European Data Protection Board and European Data Protection Supervisor. This legislative process will likely take many months. Until that time, it is worth delving into the motivation behind and substance of the key proposals made by the Commission while closely monitoring debate over the scope of the reforms.

Motivation for the Digital Omnibus

The Digital Omnibus comes at a critical time for Europe, whose "accumulation of rules has sometimes had an adverse effect on competitiveness." It marks the Commission's most significant effort to date to implement recommendations made in the Draghi report, which called for action to spur innovation in Europe, whose "growth model is fading" as "inaction threatens not only [the EU's] competitiveness but [its] sovereignty itself," in the words of Professor Draghi.   

The Commission seeks to pursue a balance between the following aims: