Nov. 28, 2025 –
The European Commission has unveiled a sweeping EU digital package aimed at cutting red tape, accelerating AI innovation, and making cross-border business easier through unified digital identities. The plan bundles new data governance, cybersecurity simplification and European Business Wallets designed to remove duplication and ease compliance for companies of all sizes.
For eeNews Europe readers, the move is likely to reshape how European tech firms develop, deploy and scale AI and digital services. The package puts standards and tools first, giving semiconductor, embedded, and cloud vendors a clearer regulatory path while significantly reducing compliance overhead.
This package matters because it directly affects product certification timelines, R&D spend, and go-to-market speed for AI-enabled systems and connected products.
The centrepiece — dubbed the “digital omnibus” — combines reforms across AI, cybersecurity reporting and data access. High-risk AI regulation will only apply after required support tools and standards are available, with implementation timelines capped at 16 months. SMEs and small mid-cap companies stand to benefit most, with simplified documentation expected to generate savings of €225 million annually.
The proposal also expands regulatory sandboxes, including an EU-wide sandbox planned for 2028, opening more real-world testing for sectors such as automotive and industrial automation. At the same time, the AI Office takes on stronger oversight powers, especially for general-purpose AI models, aiming to reduce regulatory fragmentation.
Cybersecurity incident reporting — which currently spans NIS2, GDPR, DORA and sector rules — will shift to a single reporting interface. GDPR itself sees targeted clarifications intended to streamline compliance without weakening privacy safeguards. The Commission also wants to modernize cookie consent, reducing banner fatigue and enabling one-click preference management.
Access to high-quality datasets is another core theme. The Commission will consolidate the Data Act into a single framework that merges four data regulations into one and adds model contractual terms and cloud contract clauses. Exemptions around cloud switching for SMEs and mid-caps could save another €1.5 billion in one-off costs.