A forthcoming proposal from the European Commission could see significant changes to privacy regulations, including the General Data Protection Regulation (GDPR), in an effort to enhance artificial intelligence (AI) development across Europe. The anticipated proposal, set to be unveiled on November 19, 2025, aims to create a new “digital omnibus” package designed to simplify existing tech laws and stimulate innovation.
The adjustments being discussed may permit AI developers to utilize certain types of data, such as political opinions, religious beliefs, and health information, for training AI systems. Key documents reviewed by Politico indicate that pseudonymized data, which involves removing identifiable information, might no longer be safeguarded by stringent privacy laws like GDPR. This shift could enable broader use of such data in AI training processes.
Potential Impacts on User Privacy
In addition to the proposed changes regarding data protection, it is suggested that websites and applications may have greater legal grounds for tracking user behavior beyond the requirement of consent. While these changes could be targeted and technical, aimed at improving the efficiency of AI development, they raise significant concerns regarding the preservation of core GDPR principles.
The potential relaxation of GDPR has drawn criticism from various quarters. Jan Philipp Albrecht, a key architect of GDPR, cautioned that amending the regulation could “undermine European standards dramatically.” He expressed concerns about the implications for data protection and privacy rights as embedded in the EU treaty and the Charter of Fundamental Rights.
Several member states, including the Czech Republic, Estonia, France, Austria, and Slovenia, have voiced opposition to a rewrite of GDPR. Conversely, Germany appears supportive of the proposed changes, while Finland reportedly welcomes reforms that may bolster European AI competitiveness.
Balancing Innovation and Privacy
On a broader scale, critics argue that the stringent nature of current privacy regulations may be hindering Europe’s ability to compete with the rapid advancements in AI technology seen in the United States and China. The European Commission has previously delayed or blocked several AI projects from major companies, including Meta, Google, and OpenAI, citing compliance with existing privacy laws.
Although the European Commission has yet to make an official announcement regarding changes to GDPR or other privacy regulations, discussions surrounding the proposed adjustments have intensified in anticipation of the upcoming proposal. The balance between fostering innovation in AI and maintaining robust privacy protections continues to be a focal point of debate among policymakers and stakeholders alike.
