The European Commission has given in to pressure from technology companies Americans (and also several Europeans) and the Trump Administration, as we pointed out a few days ago. After being an example for other countries in terms of data protection and curbing the claims of multinationals, pressure from the sector has made it prepare an omnibus package with different regulatory changeswhich includes the simplification of cookie permission popups, but also the delay in applying rules of the AI Lawo Significant changes to the GDPR.
The proposed changes, which must now be voted on by members of the European Parliament, among other things make it easier for companies to share sets of personal data, both anonymized and pseudonymised. Additionally, they would allow AI companies to legally use certain personal data to train AI models, as long as the training meets various requirements established in the GDPR.
The European Commission, whose members point out that they have taken these measures to facilitate economic growth and eliminate barriers and bureaucracy, will also extend the grace period for the application of the rules that govern AI systems considered high risk. They are, therefore, those that pose serious risks to health, safety and fundamental rights.
These standards will in principle come into force next summer, but if the omnibus package is approved, they will only apply some time after it is confirmed that the necessary standards and the appropriate supporting tools for this are available and within reach of AI companies. According to the proposal now presented by the European Commission, the maximum period for its application since then can reach up to 16 months.
Other changes in this law focus on the simplification of AI documentation requirements for smaller companies, a unified interface for companies to report cybersecurity incidents, and centralized oversight of AI at the EU AI Office. As for cookies, those considered high risk will not trigger the opening of a pop-up window about your consent, and users will be able to control others from a centralized system of browser controls, which will apply to websites in general.
The omnibus package also includes a proposal for the launch of a European digital wallet for companies, with which companies and public entities in the EU would have a unique digital tool to digitize operations and interactions that currently, in many cases, have to be done in person.
This wallet will allow companies to sign, officially date and seal documents digitally: create, store and exchange verified documents; and communicate securely with other companies or public administrations. Both in their countries of origin and with those of the other 26 member states.
The proposal is sent now, as we have mentioned, to the European Parliament and the 27 member states. For its approval, only the vote in favor of a qualified majority will be required.. The process will take several months, but if it goes ahead, the laws and regulations that regulate the privacy of European citizens’ data may undergo significant changes.
