The European Commission is planning to pause, reflect and examine coherence between different European Union legal instruments through its digital simplification omnibus, but "there's not going to be an overall moratorium on the AI Act,” according to a Commission representative 22 Sept.
Yvo Volman, the Director of Data for the European Commission Directorate-General for Communications Networks, Content and Technology, appeared at the first post-summer recess meeting of European Parliament's Committee on Civil Liberties, Justice and Home Affairs and said a full pause on the AI Act was "not on the table." When asked whether the statement also meant there will not be a partial "stop-the-clock" on targeted aspects of the AI Act, Volman only said the Commission's focus "is to support companies to make sure that the rules work in practice."
He also linked his remarks to the importance of legal certainty and the need to take into account the reality of compliance, where companies feel the need to prepare themselves in case the EU decides to change the regulatory landscape again.
Volman's remarks came as Politico reported the Commission is weighing its options to pause aspects of its landmark regulation. Among the proposals under consideration is a potential pause of six or 12 months on the enforcement of high-risk AI use, which is currently set to being August 2026. The Council of the European Union discussed AI Act simplification options 23 Sept. while Parliament will have its own discussions 15 Oct.
The digital simplification omnibus, which is expected to be published by the end of this year, aims to streamline parts of the EU digital rulebook and cut red tape, specifically addressing EU instruments in the areas of data, cybersecurity and AI. The Commission is currently conducting a public consultation on the file, which is runs through 14 Oct. IAPP News Editor Joe Duball reported on the details of the consultation, including how it approaches targeted AI Act changes.
Simplification goals for AI
During the debate at the LIBE Committee meeting, some MEPs expressed concerns about the AI Act being part of the upcoming omnibus. They voiced skepticism over the Commission's plans to simplify a law and its enforcement when it has barely been implemented.
Volman said the goal of potential simplification of the AI Act, and other EU legislation such as the Data Act, is to make sure industry understands the rules and can apply them in practice. He also referred to the additional direct support that will come from the European AI Office, with the launch of the AI Act Service Desk slated for October. The service desk is in the works since April and is planned to act as a one-stop-shop for AI Act-related information — from interactive tools to determine applicability to personalized guidance.
Volman added the simplification efforts are specifically aimed at boosting the competitiveness of European companies in the AI space. The Commission will provide a more detailed breakdown of EU plans via its Apply AI Strategy, which is set to publish 8 Oct.
Other omnibus objectives
Volman clarified a default user opt-out mechanism, which would require consumers to actively opt in to any website tracking, is not the Commission's preferred solution to third-party cookie-related issues under the ePrivacy Directive. The upcoming omnibus may also bring targeted changes to the eID framework, as the Commission wants to simplify matters for Trust Service Providers and set the stage for the EU Business Wallet project.
In terms of data acquis, the Commission is planning to look at the regulation on the free flow of personal data, the coherence between the Data Governance Act and the Open Data Directive, and aspects of the Data Act. For cybersecurity, the package will address the Cybersecurity Act and will target issues in relation to reporting obligations.
German MEP Birgit Sippel called out the Commission for proposing multiple laws, oftentimes without impact assessment and without analyzing their cumulative effects and therefore resulting in a need to repair or update a given regulation. Volman responded by assuring that the Commission has learned from its prior work, which will result in fewer new proposals this mandate, while also raising more critical assessment of the instruments already in place.
The Commission is working to immediately address perceived ambiguity with several guidance tools, including an upcoming report on the interplay between the Digital Services Act and other EU legislation that will be published together with the digital simplification package, and guidelines on the intersections between the EU General Data Protection Regulation and the AI Act.
Volman explained the upcoming digital omnibus is the first step of the digital simplification process. After the simplification omnibus proposal is finalized, the Commission will be launching a Digital Fitness Check with a large-scope consultation to look at the wider digital rulebook. The Commission's plan is to address not only the cumulative effect of the EU's horizontal digital legislation, but also the sectoral laws and to simplify "not just the rules but also the daily reality of business-to-government and business-to-business interactions," he said.
GDPR simplification
The LIBE Committee meeting had additional discourse about other EU simplification initiatives. EU institutions discussed the Omnibus IV proposal introduced in May to simplify EU legislation for small and medium-sized enterprises and extend benefits to a new category of companies, small mid-caps, with up to 750 employees.
Part of the SME omnibus proposes changes to the GDPR, including the record-keeping exemption under Article 30(5). With the amendment, there will only be one threshold for record-keeping instead of the three current requirements.
Record keeping will only be necessary for high-risk processing, which Julien Mousnier, Director for the Rule of Law and Fundamental Rights and Democracy in the Commission’s Directorate-General for Justice and Consumers, said is best explained through European Data Protection Board guidelines. He added national data protection authorities have publicly accessible guidance on the matter as well.
European Commission Directorate-General for Internal Market, Industry, Entrepreneurship and SMEs Deputy Director Marie-Hélène Pradines indicated the Commission expects the Council’s mandate for negotiations with the Parliament on the SME omnibus will come 24 Sept.
Laura Pliauškaitė is the European operations coordinator for the IAPP.
