Article 19

11/13/2025 | Press release | Distributed by Public on 11/13/2025 02:11

EU: Uphold hard-won protections for digital human rights

ARTICLE 19 joins EDRi and 125 civil society organisations, trade unions and defenders of the public interest in emphasising our serious alarm at the forthcoming EU Digital Omnibus proposals, part of a wide deregulation agenda.

What is being presented as a "technical streamlining" of EU digital laws is, in reality, an attempt to covertly dismantle Europe's strongest protections against digital threats. These are the protections that keep everyone's data safe, governments accountable, protect people from having artificial intelligence (AI) systems decide their life opportunities, and ultimately keep our societies free from unchecked surveillance.

Unless the European Commission changes course, this would be the biggest rollback of digital fundamental rights in EU history. It is being done under the radar, using rushed and opaque processes designed to avoid democratic oversight.

This worrying approach has been seen extensively across existing Omnibus proposals, with democratic safeguards ignored. As a result, supposedly minimal changes under the guise of "simplification" have already jeopardised Europe's core social and environmental protections. Together, these changes risk worsening working conditions, allowing dangerous chemicals into cosmetics, and polluting the air and water - making people even more exposed to harm.

In the upcoming Digital Omnibus, the Commission will reportedly weaken the only clear rule that stops companies and governments from constantly tracking what people do on their devices, part of the ePrivacy framework. This will make it a lot easier for those in power to control people's phones, cars or smart homes, while also revealing sensitive information about where people go, and with whom.

This matters more than ever: a new investigation reveals that commercially-traded location data has been used to spy on EU officials, as well as people going about their daily lives. This included revealing their home addresses, as well as visits to healthcare clinics and places of worship. Weakening these protections now would legitimise those abuses.

Europe's recently-adopted AI rules are also at risk of being undermined, with the Omnibus set to remove some of the guardrails designed to ensure that AI is developed safely and without discrimination, as well as delaying key elements like penalties for selling dangerous AI systems.

Currently, anyone developing AI tools which could have an impact on important decisions (like whether people can access their benefits) would need to register in a public database. Yet with the proposed changes, those providing AI tools could unilaterally and secretly exempt themselves from all obligations - and neither the public nor authorities would know.

Even the EU's gold-standard data protection law, one of Europe's proudest achievements, is being reopened and hollowed out - with changes set to allow companies to mark their own homework. This would irreversibly alter one of the few laws that rightly gives all people - including workers, children and undocumented people - control over their sensitive information.

Whilst stronger enforcement is still needed, the GDPR is one of the few mechanisms that gives members of the public mechanisms to challenge powerful companies or authorities when they overstep - but deregulation is giving corporate actors more power than ever.

The Omnibus would also make it easier for tech companies to train resource-intensive AI systems at the expense of people and, ultimately, the planet. These systems ingest vast amounts of personal data and consume unsustainable amounts of natural resources such as energy and water - all without the benefits of this technology being clearly evidenced.

The EU's tech policy framework is the best defence we have against digital exploitation and surveillance by both domestic and foreign actors. If the EU truly aims to ease compliance with these laws, they should better support companies and authorities with the guidance and tools to keep people safe in the digital world - not dismantle the frameworks that provide legal clarity for businesses.

By recasting vital laws like the GDPR, ePrivacy, AI Act, DSA, DMA, Open Internet Regulation (DNA), Corporate Sustainability Due Diligence Directive and other crucial laws as "red tape", the EU is giving in to powerful corporate and state actors who oppose the principles of a fair, safe and democratic digital landscape and who want to lower the bar of EU laws for their own benefit.

We therefore urge the European Commission to:

Immediately halt any attempts to reopen the GDPR, ePrivacy framework, AI Act or other core digital rights protections;
Reaffirm the EU's commitment to rights-based digital governance, including strong enforcement of existing protections; and
Uphold institutional accountability, enable meaningful civil society and impacted community engagement, and preserve the integrity of the EU's democratic process.

It is not too late for the European Commission to change course to defend, not dismantle, the laws that protect us all.

See full list of signatories
Article 19 published this content on November 13, 2025, and is solely responsible for the information contained herein. Distributed via Public Technologies (PUBT), unedited and unaltered, on November 13, 2025 at 08:11 UTC. If you believe the information included in the content is inaccurate or outdated and requires editing or removal, please contact us at [email protected]