According to the wishes of the EU Commission, Internet users should in future have to make fewer clicks for cookie settings. Despite massive criticism from data protection advocates, the authority also wants to work on further digital rules and, for example, weaken the European AI law, as was announced in Brussels.
The focus of the extensive package, which is intended to simplify the EU digital rules, is particularly on the areas of data protection, cybersecurity and artificial intelligence (AI). There have recently been repeated complaints about European legislation, particularly from the USA. With the proposals, the EU Commission also wants to respond to the desire of member states and companies to reduce bureaucracy and enable more innovations – but this has already received strong criticism from data and consumer advocates.
Cookie queries should become less frequent
When it comes to data, the EU Commission wants to tackle the General Data Protection Regulation (GDPR), which has been in force since 2018. For example, it obliges operators of online shops or digital platforms to obtain consent from customers or users if their personal data is to be processed. The GDPR also results in the unpopular cookie queries that follow when a website is accessed.
Cookies are small files that are stored on a user’s online device while surfing. Because these files often contain unique identifiers, websites can use them to recognize their visitors. A browser can therefore remember a login or the contents of a virtual shopping cart. Above all, cookies make personalized advertising possible.
According to the EU Commission’s plans, cookie queries should pop up less frequently when surfing the Internet. Certain activities that are harmless and simply necessary for the administration of a website should not require user consent in the future, the Commission said. In addition, according to the project, users should be able to save their settings for cookies in their browser.
Trump and US companies had criticized digital rules
Larger digital companies, such as Tiktok or the Facebook group Meta, have described the current EU digital rules as contradictory or anti-competitive in the past. In view of several proceedings by the EU Commission against US companies – including Google, Amazon, Apple and Microsoft – US President Donald Trump also criticized the regulations.
However, the laws on digital services (DSA) and digital markets (DMA), on the basis of which most of the Commission’s proceedings against the corporations are run, remain essentially unaffected by the proposals.
More suggestions for more AI innovations
As the Commission also announced, rules for handling non-personal data will also be merged. Specifically, it is about four legal texts that are to be merged into one – the already existing EU data law (“EU Data Act”). Similar mergers are planned when it comes to cybersecurity: in the future, companies will only have to report security-related incidents in one place.
The EU AI law is also affected by the proposed changes – even before it is fully enforced. The EU Commission boasted of having the world’s first legal text of its kind. It regulates extensively what obligations ChatGPT, Gemini and Co. have when training their models. The European AI Office should partially enforce the rules from August next year.
However, the industry has recently repeatedly asked for more time to make the necessary adjustments and could now get it. The EU Commission’s proposal stipulates that the rules for AI systems with particular risks can also be enforced later. Accordingly, companies could have until December 2027, 16 months longer.
In addition, smaller AI companies should benefit from simplified regulations for technical documentation. The EU Commission states that this would save at least 225 million euros. At the same time, according to a Commission strategy paper, more high-quality data sets should be made available to AI developers in the future.
Germany and France also put pressure on them
The Commission’s planned simplifications are part of the so-called omnibuses, which are intended to reduce bureaucracy. Recently, there have been repeated calls from companies and member states to reduce bureaucracy.
Just yesterday, Chancellor Friedrich Merz (CDU) and French President Emmanuel Macron took up the wishes of the tech industry at a Franco-German digital summit in Berlin and called for less strictness in European digital rules.
Criticism from interest groups and the EU Parliament
Data protection and consumer advocates, however, criticized that weakening the laws would be tantamount to giving in to the tech lobby. The head of the Federal Association of Consumer Organizations (vzbv), Ramona Pop, criticized the EU Commission for putting consumers’ trust at risk with its plans. “If the EU relaxes these rules, it will hand loopholes to companies on a silver platter while weakening the rights of consumers,” Pop added.
In addition, before the proposals were officially announced, more than 120 organizations – including Amnesty International – warned the European Commission in an open letter against undermining the rights of EU citizens. The EU’s digital rules are the most important line of defense against digital exploitation and surveillance by domestic and foreign actors.
There is already criticism from the EU Parliament. Katarina Barley (SPD), Vice President of the EU Parliament, said: Artificial intelligence has a lot of potential, but also needs limits. The EU has created appropriate rules for this. “Any suspension of the rules, even temporarily, would expose citizens to considerable risks – that would be fatal,” added the German politician. Both the EU states and Parliament must agree to the EU Commission’s proposals for legal changes.
