On November 19, 2025 the European Commission published its proposal for a Digital Omnibus package aimed at strengthening EU competitiveness by reducing regulatory burden and the time businesses spend on administrative tasks and compliance. The Omnibus seeks to reduce administrative burdens at least 25% for all businesses, and at least 35% for small and medium enterprises (SMEs), by 2029. It is intended to take a holistic view across digital legislation at EU level, aligning definitions and resolving overlaps among the Artificial intelligence Act, Data Act, GDPR, ePrivacy Directive, and cybersecurity laws.
The proposal contains a number of targeted changes to the Artificial intelligence Act. Providers of systems exempted from high-risk classification under Art. 6(3) Artificial intelligence Act would no longer need to register those systems in the EU database but must document a self assessment before market placement. The obligation to ensure staff AI literacy is transformed into an obligation on the Commission and Member States to encourage training and good practice exchange. A new Art. 4a Artificial intelligence Act would allow providers and deployers of non-high-risk systems to use sensitive personal data to detect and correct bias, lowering the threshold from “strictly necessary” to “necessary,” and permits residual sensitive personal data use when removal is disproportionate. The Omnibus defers application of high-risk requirements from August 2, 2026 until harmonized standards, common specifications, and Commission guidelines are available, with the latest possible application dates set at December 2, 2027 (i.e., a postponement of 16 months maximum) and August 2, 2028 (i.e., a postponement of 24 months maximum). It also delays the transparency marking obligation in Art. 50(2) Artificial intelligence Act for systems placed on the market before August 2, 2026 for six months, until February 2, 2027.
The proposal also centralizes enforcement for systems based on GPArtificial intelligence models and certain large online platforms under the Artificial intelligence Office, permits pre-market conformity assessments organized by the Commission, and extends SME carve-outs and simplified quality management arrangements. However, the Omnibus leaves several industry concerns unresolved. It does not clarify key definitions such as “provider,” it retains fundamental rights impact assessments under Art. 27 Artificial intelligence Act, limits the research exemption, and fails to grant sandboxes the power to create a presumption of conformity. The draft will now go to the European Parliament and Council for ordinary legislative procedure and the Commission will run a Digital Fitness Check with stakeholder input open until March 11, 2026.
