EU Digital Omnibus: Mapping supporters, critics and key arguments

Last November, the European Commission made waves in data protection by releasing the official proposal for its Digital Omnibus initiative. 

‍

The reactions poured in from all directions, from enthusiastic supporters to the most fervent detractors, to the point that it has been hard to keep track of the various camps and opinions about the European initiative.

‍

In this article, we map out a comprehensive picture of the key talking points surrounding the project and their most vocal voices.

‍

Quick recap: What is the Digital Omnibus?

The EU Digital Omnibus is a proposal published by the European Commission on November 19, 2025, that bundles together a set of amendments aimed at simplifying Europe’s digital rulebook, cutting compliance friction and costs, and making the online experience smoother for users.

‍

It’s positioned as part of a broader push to reduce regulatory overlaps and make the framework easier to navigate and apply. In practical terms, the package touches several areas at once:

‍

• AI rules (via proposed AI Act amendments)
• Cybersecurity reporting (with a single reporting platform)
• GDPR changes
• Data access simplification
• “Modernized” cookie/consent rules

‍

It’s important to note that, at the time of publishing this article, it remains a proposal and does not require any action from companies. The legislative process is underway, and the final shape (and timeline) will depend on negotiations and adoption, hence the importance of understanding the various camps and arguments floating around.

‍

To learn about the simplification project in more detail, head to our dedicated article:

‍

{{learn-more-digital-omnibus}}

‍

Key players, opinions, and arguments about the EU Digital Omnibus

In the following sections, we break down the supporters, detractors, and sceptics of the Digital Omnibus initiative, painting a picture of where each group stands and what their main talking points are. 

‍

Disclaimer: Keep in mind that the Digital Omnibus is a complex topic that will continue to evolve over the next few months (and possibly years). While we can’t expect to build a definitive overview, this is a great place to start understanding the various opinions out there.

‍

Camp 1: Digital rights and civil society (stance: strongly opposed)

This camp comprises digital rights NGOs, privacy advocates, and human rights organisations. They generally see the EU’s recent digital rulebook (GDPR, AI Act, ePrivacy) as hard-won protections, and view the Digital Omnibus as a reopening that risks weakening those protections.

‍

Key actors/figures

• Max Schrems, Chairperson of noyb
• European Digital Rights (EDRi), a collective of NGOs, experts, advocates, and academics working to defend and advance digital rights across Europe.
• Damini Satija, Programme Director at Amnesty Tech

‍

Core narrative

1. The Digital Omnibus is a rollback: The package reopens core safeguards and creates new loopholes that reduce meaningful control for individuals.
2. It introduces new risks related to AI: The proposals make it easier to process personal (including sensitive) data for AI development, and they expand surveillance/profiling risks rather than adding clarity.
3. Updated cookie rules are a flashpoint: Shifting device-access rules into GDPR and adding exceptions may, in practice, normalize more tracking, even if framed as reducing pop-ups.
4. The project is politically driven: The package is rushed, and the EU should focus on enforcement and guidance rather than rewriting laws.

‍

Key quotes

‍

This is the biggest attack on European’s digital rights in years.

- Max Schrems, Chairperson of noyb, privacy lawyer, author, and speaker (source: noyb)

‍

Europe’s rulebook doesn’t need a facelift. It needs a backbone.

- Itxaso Domínguez de Olazábal, Policy Advisory at EDRi (source: EDRi)

‍

The EU’s ongoing deregulatory push will lead to a weakening of people’s rights and expose them to digital oppression.

- Damini Satija, Programme Director at Amnesty Tech (source: Amnesty International) 

‍

Opinion on the Digital Omnibus in a nutshell

Digital rights and civil society see the Digital Omnibus as deregulation disguised as simplification, weakening privacy and AI accountability in ways that primarily benefit powerful actors rather than people.

‍

Camp 2: European Commission and pro-simplification advocates (stance: strongly supportive)

This camp includes the European Commission and supportive “simplification-first” voices (often business and competitiveness advocates) who argue the EU’s digital rules have become too complex and overlapping, and that simplification is needed to boost innovation and competitiveness.

‍

Key actors/figures

• Henna Virkkunen, Executive Vice-President for Tech Sovereignty, Security and Democracy at the European Commission
• Valdis Dombrovskis, Commissioner for Economy and Productivity at the European Commission
• Markus J. Beyrer, Director General at BusinessEurope

‍

Core narrative

1. The Digital Omnibus makes the rules practical: Simplification is about making compliance workable and consistent while keeping core objectives in mind.
2. It promotes European competitiveness: Simplification is part of a broader push to cut administrative costs and help EU growth and innovation.
3. It reduces cookie fatigue while empowering users: Users should have clearer, more centralized choices (like one-click settings) and fewer pointless banners, while maintaining strong protections under GDPR.
4. It consolidates data laws and cybersecurity reporting: The proposals put forward overlapping rules and a single-entry point for cyber incident reporting.
5. It relieves the burden of overregulation: Simplification is necessary to help European businesses thrive.

‍

Key quotes

‍

We aim for less paperwork, fewer overlaps and less complex rules for companies doing business in the EU.

- Henna Virkkunen, Executive Vice-President for Tech Sovereignty, Security and Democracy (source: European Commission)

‍

Our approach to simplification will not change or undermine the main objectives of the EU's digital rules, such as protecting personal data or ensuring safe AI.

- Valdis Dombrovskis, Commissioner for Economy and Productivity at the European Commission (source: European Commission)

‍

The proposed Digital Omnibus is an important signal of the Commission’s recognition that overregulation has been a persistent burden for EU businesses.

- Markus J. Beyrer, Director General at BusinessEurope (source: BusinessEurope)

‍

Opinion on the Digital Omnibus in a nutshell

Advocates of the Digital Omnibus frame the proposals as necessary housekeeping to reduce overlap and the compliance burden, so Europe can innovate faster while ensuring that the underlying protections remain intact.

‍

Camp 3: Big tech and tech industry trade groups (stance: supportive)

This camp comprises trade associations and industry groups of large tech companies. Their stance is broadly to say “yes” to simplification, but also to say that the proposals are not enough and should go further. They emphasize fragmentation, legal uncertainty, and the cost of compliance.

‍

Key actors/figures

• Alexandre Roure, Head of Policy & Deputy Head of Office at CCIA Europe
• Thomas Boué, General Director, Policy EMEA at BSA (Business Software Alliance)
• Guido Lobrano, Director General for Europe at ITI (Information Technology Industry Council)

‍

Core narrative

1. The Digital Omnibus is a good first step, but it's too narrow: The proposals require a broader, more ambitious reset to address the complexity and fragmentation that slow innovation and adoption.
2. Clarity across overlapping regimes is required: Regulatory bodies must align definitions, timelines, and reporting to avoid contradictory obligations.
3. Streamlining is positive: More predictable AI implementation and single-entry reporting is a pragmatic step in the right direction.
4. Beware overly prescriptive privacy approaches: Principle-based rules and workable compliance must be encouraged over additional rigidity.

‍

Key quotes

‍

Today’s Digital Omnibus is a promising first step towards simplifying EU tech rules. But its narrow scope leaves much of the EU’s patchwork untouched.

- Alexandre Roure, Head of Policy and Deputy Head of Office at CCIA Europe (source: Computer & Communications Industry Association)

‍

These proposals send a positive signal that the EU is committed to reducing unnecessary complexity and supporting innovation.

- Thomas Boué, General Director, Policy EMEA at Business Software Alliance (source: BSA)

‍

Europe’s digital rulebook has become a maze. The Omnibus is a key opportunity to reduce uncertainty and complexity, but more ambition is essential to its success.

- Guido Lobrano, Director General for Europe at Information Technology Industry Council (source: ITI)

‍

Opinion on the Digital Omnibus in a nutshell

Big tech and tech industry trade groups support the Digital Omnibus as a constructive start, but argue that Europe needs a broader simplification push to cut fragmentation and provide industry with predictable, innovation-friendly compliance paths.

‍

Camp 4: Legal practitioners and pragmatic commentators (stance: mixed, critical on a technical level)

This camp includes law firms, legal analysts, and compliance-focused commentators. Less of a monolith than other groups on the list, their opinions vary but are generally less ideological in tone and more focused on what the text puts forward, what will change, what can be improved, and what companies should implement.

‍

Key actors/figures

• Peter Craddock, Partner - Data/Cyber/Tech/Law at Keller and Heckman LLP
• Dr Mark Leiser, Tech law consultant
• Law firms

‍

Core narrative

1. The proposal isn’t final: The Digital Omnibus will change in the legislative process, and companies should monitor closely.
2. Cookie simplification won’t end cookie banners: Even if rules shift and exemptions appear, real-world implementation will remain nuanced.
3. A “bundle” approach can create new complexity: Even when simplification is the headline, changing multiple laws at once can introduce interpretive/transition challenges.

‍

Key quotes

‍

The Digital Omnibus Proposal promises a cleaner, GDPR-based framework for cookies and consent, yet its narrow exemptions and technical fixes are unlikely to spell the end of cookie banners any time soon.

- Dr. Hendrik Schöttle and Dr. Claudio Calabro, Partner, Specialist lawyer for IT law, Germany, and Associate, Germany at Osborne Clarke (source: Osborne Clarke)

‍

While the Digital Omnibus proposals represent welcome simplification, the proposals do not overhaul the current regulatory regime and are less ambitious than many companies may ideally desire given the scale of the issues identified in the Draghi Report.

- Skadden (source: Skadden)

‍

This is not deregulation. It is the transition from a brittle, overextended system to one capable of addressing systemic harms with clarity and precision. It is how Europe avoids becoming a digital jurisdiction defined by conceptual sprawl and practical stagnation. And it is how the real work of digital governance can finally begin.

- Dr Mark Leiser, Tech law consultant (source: Substack)

‍

(on ePrivacy) Today's regime isn't good or workable because of disparate national approaches and overly restrictive exception interpretations (+ the whole issue of overbroad scope interpretations). The proposal just makes things more complex and challenges even approaches considered valid today in some jurisdictions.

- Peter Craddock, Partner - Data/Cyber/Tech/Law at Keller and Heckman LLP (source: LinkedIn)

‍

Opinion on the Digital Omnibus in a nutshell

They treat the Digital Omnibus as a meaningful but highly technical draft. While potentially helpful, it is full of moving parts, transition risk, and details that will shift during negotiations.

‍

Camp 5: Political opposition within EU institutions (stance: critical)

This camp is composed of MEPs and political groups (notably Greens/EFA and parts of the broader center-left spectrum) who argue that simplification shouldn’t reopen or weaken core rights protections. It features varying opinions but often emphasizes democratic scrutiny, enforcement, and red lines around GDPR and AI safeguards.

‍

Key actors/figures

• Kim van Sparrentak, Member of the European Parliament, Greens/European Free Alliance
• Fabienne Keller, Member of the European Parliament, Coordinator on the Civil Liberties Committee at Renew Europe
• Thierry Breton, former European Commissioner for the Internal Market

‍

Core narrative

1. The Digital Omnibus is too favorable to Big Tech: Simplification can become a vehicle to open loopholes, especially around personal data and AI.
2. Enforcement over reopening: Stronger, more coherent enforcement should be prioritized over rewriting rules that create uncertainty.
3. Mindful simplification: Removing real obstacles (like incident reporting duplication) is excellent, but we should be wary of anything that weakens privacy and other fundamental rights.

‍

Key quotes

It is disappointing to see the European Commission cave under the pressure of the Trump administration and Big Tech lobbies. By putting our digital acquis up for discussion the EU risks rolling out the red carpet to a business model based on stolen data, hype and zero regard for human rights or the planet. This model has nothing to do with competitiveness or innovation, this is about exploitation.

- Kim van Sparrentak, Member of the European Parliament, Greens/European Free Alliance (source: The Greens/EFA)

‍

We can’t let ourselves be intimidated. We should resist any attempt to unravel these laws, through “omnibus” bills or otherwise, mere months after they have entered into force, under the pretext of simplification or remedying an alleged “anti-innovation” bias. No one is fooled over the transatlantic origin of these attempts. So let’s not be useful idiots. The second expression of our digital sovereignty must involve protecting, at all costs, the integrity of our digital legal pillars, including at the geopolitical level.

- Thierry Breton, former European Commissioner for Internal Market (source: The Guardian)

‍

We fully support the simplification agenda, we need to boost Europe’s competitiveness and innovation in Europe. But simplification must not be done at the expense of our privacy standards and must not weaken the protection of our fundamental rights. Some of the provisions are concerning, eroding key principles of GDPR: some will weaken the protection of our most sensitive data, and lead to more discriminatory processing for instance. We should keep protecting privacy under this digital omnibus.

- Fabienne Keller Member of the European Parliament, Coordinator on the Civil Liberties Committee at Renew Europe (source: Renew Europe)

‍

Opinion on the Digital Omnibus in a nutshell

This camp generally accepts cutting real red tape as a step forward, but warns that the Digital Omnibus must not weaken GDPR/AI safeguards, and would prefer stronger enforcement over introducing new loopholes.

‍

What about Didomi? Our take on the EU Digital Omnibus

We anticipate that the European Commission initiative will continue to be a key topic for our industry in 2026:

‍

In 2026, the Digital Omnibus Package will keep many of us busy. With the trilogue underway, a lively battle of influence is already taking shape around some of the most delicate GDPR and ePrivacy topics. 

‍For lawyers, it has a familiar taste, very much a ‘pre-GDPR once again’ moment, where legal expertise briefly becomes fashionable inside companies. Didomi will be at the forefront of these discussions, actively contributing to every debate and consultation in the year ahead.

- Thomas Adhumeau, Chief Privacy Officer at Didomi

‍

As with every industry topic we address, from the Transparency and Consent Framework to artificial intelligence, we always aim to have a rational, fact-based outlook on industry news, especially when they touch on our field of expertise, as the Digital Omnibus does.

‍

We value the diversity of opinions and expert voices within our team, which we often share publicly through opinion pieces, media interviews, and our social media presence. Our priority always remains the same: protecting our customers, empowering them to comply with regulations while optimizing their data operations, and promoting better data privacy practices.

‍

While some of the ideas in the Digital Omnibus proposal are not technically realistic (e.g., browser-based consent, which we know is impractical for now), we are and will continue to be engaged in conversations with all parties involved, and to actively work towards building a new standard to fight consent fatigue, something our CEO, Romain Gauthier, as identified as his most important trend to watch out for in 2026:

‍

In 2026, I expect privacy standards to keep emerging and gaining traction. 

‍Consent fatigue and AI adoption by users will drive regulators to push the markets to build new standards (see the EU Commission Digital Omnibus). Standardization will be one of the most important levers we have to reduce complexity and make compliance easier to implement at scale for companies. 

‍It’s also, in my view, the only viable path to scale privacy, trust, and responsible data innovation across industries and regions, which is why Didomi intends to play an active role. Stay tuned.

- Romain Gauthier, CEO and Co-founder at Didomi

‍

Stay tuned for more information in the coming months, and head to our article gathering 20+ data privacy experts to read their predictions, many of which include the Digital Omnibus as a priority this year:

‍

{{2026-predictions}}