The European Commission has introduced a wide-ranging “digital omnibus” package aimed at reducing regulatory burdens across AI, data governance, and cybersecurity, asserting that streamlined rules will strengthen business growth. The proposal consolidates data obligations under the Data Act and GDPR, amends the AI Act to ease administrative requirements, and delays full enforcement of high-risk AI rules until supporting standards are in place.
The Commission estimates the plan will cut up to $5.4 billion in administrative costs by 2029 and deliver roughly $162 billion in annual savings through a unified digital identity system. Additional measures include a single portal for all cybersecurity incident reporting, greater access to data for AI development, and expanded regulatory sandboxes, including an EU-level sandbox set to launch in 2028.
Targeted adjustments to the AI Act are expected to save small and medium-sized firms at least $243 million per year, while proposed GDPR changes would “harmonize, clarify, and simplify” rules to support compliance. EU Executive Vice-President Henna Virkkunen stated, “We have all the ingredients in the EU to succeed. We have talent, infrastructure, and a large internal single market. But our companies, especially our start-ups and small businesses, are often held back by layers of rigid rules.” The package will now move to the European Parliament and Council for consideration, coinciding with the Commission’s recent launch of a multibillion-dollar Scaleup Europe Fund.
