European Parliament's conversations on how to approach a proposed simplification of EU digital and artificial intelligence rules are underway. Members of Parliament's Committee on Civil Liberties, Justice and Home Affairs were joined by the European Commission's top consumer and technology directorates for a 26 Jan. hearing on the proposed Digital Omnibus and Digital Omnibus for AI, with MEPs questioning goals for legal certainty and the potential influence of U.S. Big Tech lobbying.
The omnibus packages, introduced November 2025, were proposed to "get rid of regulatory clutter," according to European Commissioner for Tech Sovereignty, Security and Democracy Henna Virkkunen. The digital proposal includes updates to simplify aspects of the EU General Data Protection Regulation nearly a decade after its initial adoption. The AI omnibus seeks to clarify the AI Act on an expedited track as the full application of the law, with some exceptions for certain high-risk systems rules, is currently set for August.
While EU member states are looking to finalize positions on proposed AI Act amendments by April, MEPs see challenges. During the LIBE hearing, omnibus rapporteurs covered concerns about who the changes would benefit and whether they would keep people's data protection rights intact.
Irish MEP Michael McNamara, a leading rapporteur for the AI Act negotiations, said many of the changes in the regulation mirrored those requested by U.S.-based Big Tech companies. He questioned how those demands may have factored into some member states' pleas for a delay in AI Act implementation, rather than the practical challenges of finding sufficient resources to carry out enforcement often sited as why a delay is needed.
"I ask this question not just because of its impact on AI legislation in Europe at a time when I suppose the necessity for safeguards has never been clearer to the populations that we serve here in this Parliament, and indeed that the European Union serves more generally," McNamara said. "But to ask what precedent this sets for the European Union and for its ability to regulate."
"Is our regulation only now going to stand until such time as powerful lobby groups, or indeed powerful member states from outside of the European Union, question the benefit of that regulation to them, rather than to our citizens?" he continued.
European Commission Deputy Director-General for Communications Networks, Content and Technology Renate Nikolay said the changes came after months of consultation from stakeholders, but stressed it was European businesses' concerns they listened to. She also pointed to the impactful report from Mario Draghi on EU competitiveness as a driving force for the Commission to act.
"This is a much more proactive engagement with all the stakeholders to make sure that when the full application date comes, we are all ready to fully apply at all sites, national and European," she said.
Estonian MEP Marina Kaljurand, a rapporteur for the digital omnibus, questioned a change allowing AI systems to process sensitive data for bias detection and correction. She said such a change implies AI systems can process data more safely than regular processing actions and thus "requires less safeguards."
"In other words, we can say that neutrality, technological neutrality, of (the) GDPR will no longer exist," she said.
That portion of the omnibus is only meant to accommodate for the possibility of personal information being used to train an AI model, according to European Commission Director-General for Justice and Consumers Ana Gallego Torres. But those looking to do so still need to meet the requirements for legitimate interest as a legal basis for processing under Article 6 of the GDPR.
"It's just that it is not that operation and development of AI is in itself a legitimate interest," Torres said. "It is in the context of operation and development where you can justify a legitimate interest as well."
Meanwhile, Spanish MEP Juan Fernando López Aguilar, questioned the Commission's timing, noting the AI Act took years to negotiate and is not even fully enforced. He said the Commission needs to show communications to prove its reasoning came from within to deflect criticisms that it was bowing to external pressure.
"There has to be a record of which kind of thinking has brought you to the conclusion that you have to review pieces of legislation that have not actually entered into force," he said.
Nikolay, a veteran of the GDPR negotiations, said that regulation's track record shows the perils of having a fragmented approach and the need for legal certainty for businesses. While the AI Act may not be fully in place, the fact that standards to support companies in complying with the act show the regulation will face similar challenges down the road if not addressed now, she said.
"So we can be blind to that and simply run into this without legal certainty, or we can address it, and this is what we try to do with this omnibus," she said.
Caitlin Andrews is a staff writer for the IAPP.
