The European Commission’s push to simplify digital regulation is raising growing concerns from the perspective of workers’ rights. A recent report by the European Trade Union Institute (ETUI) shows that the so-called Digital Omnibus package could, in practice, weaken workers’ ability to exercise and enforce their rights—particularly in relation to artificial intelligence and data protection.

The Commission has presented the reforms to digital legislation* as a technical simplification aimed at reducing administrative burdens and facilitating business activity. However, according to ETUI senior researcher Aida Ponce del Castillo, the changes go much further.

“This is not just about simplifying rules, but about reshaping the conditions under which rights become visible, contestable and enforceable,” she notes.

According to ETUI, the simplification measures target the core of the EU’s digital regulatory framework, in particular the General Data Protection Regulation (GDPR) and the AI Act. While rights are not formally removed, their practical effectiveness could be significantly weakened.

Processing of sensitive personal data

A key issue in the proposed relaxation of GDPR rules concerns the redefinition of personal data. Under the reform, data would no longer be considered personal if a single actor cannot identify an individual—even if another actor within the same system could do so. In working life, where AI systems often involve multiple actors, this could lead to situations where workers’ rights vary depending on who processes the data.

“For workers, the consequences could be significant. Some of the proposed amendments may reduce access to information about how personal data are used and how data-driven decisions are reached, making it harder to scrutinize, contest or seek redress for decisions that affect employment conditions,” Ponce del Castillo warns.

At the same time, the proposed changes would expand the possibilities for processing sensitive personal data—such as health data or trade union membership—in the development and use of AI systems. Although safeguards are included, workers would no longer be able to rely on a general prohibition against such processing, thereby weakening their protection.

Restrictions on access to information also raise concerns. Under the reform, employers could more easily refuse to respond to data access requests or charge a fee if a request is deemed “excessive” or “unfounded.” This marks a significant shift in a context where workers often need repeated and detailed requests to understand how algorithmic systems operate.

“If access to information is restricted, the ability to challenge decisions is also reduced. This undermines the effective exercise of rights,” the ETUI report states.

Artificial intelligence systems

Regarding the AI Act, the omnibus changes aim to ease obligations for companies, for example by removing requirements for the registration of AI systems and by softening obligations to ensure workers’ AI literacy. According to ETUI, these changes reduce transparency and make oversight more difficult.

The removal of the registration requirement is seen as particularly problematic. Without registration, both authorities and workers will have fewer means to identify which systems are being used in workplaces and to intervene in cases of misuse.

“If systems remain invisible, oversight will easily fail. Enforcing rights requires knowing which systems are in use and who is responsible for them,” Ponce del Castillo emphasizes.

The ETUI report also highlights the impact on platform work. While the Platform Work Directive itself remains unchanged, its effectiveness depends largely on data protection and AI regulation. If the enforcement of these rules is weakened, platform workers’ rights may, in practice, remain unfulfilled.

More broadly, the report argues that the digital omnibus initiatives represent a new form of deregulation. Obligations are reduced for companies, while responsibility is shifted onto workers, who have fewer means to understand, monitor and challenge complex digital systems.

Far-reaching consequences

This development has also been criticized by civil society organisations such as European Digital Rights (EDRi), which argue that the EU is making a U-turn from its previously ambitious digital regulatory agenda. In the previous term, the Union built a comprehensive regulatory framework—the first of its kind globally—to protect citizens’ rights in the digital environment. The focus is now shifting towards deregulation.

Critics also point to the timing as problematic. Many key pieces of legislation, such as the AI Act, have not yet fully entered into force, and their impacts have not been properly assessed. Despite this, they are already being revised on a fast-track basis.

This is not just about isolated technical changes, but about a shift in the balance of the entire system. When the conditions for oversight and transparency are weakened, the responsibility for enforcing rights increasingly falls on individuals.

In a labour market where power relations are inherently asymmetrical, this development may have far-reaching consequences. As Aida Ponce del Castillo underlines in the ETUI report, rights do not exist only in legislation—they require functioning structures through which they can be exercised and enforced.

Concerns in Parliament over the lowering of regulatory standards

In the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE), intensive work has long been underway on the Commission’s digital omnibus initiatives. Matilda Sisättö, political adviser to the S&D Group working in the committee, describes the recent legislative work as challenging.

The Commission’s mantra of “simplification” is not seen within the S&D Group as a neutral technical reform, but rather as a clearly political project.

“In almost none of the omnibus initiatives proposed by the Commission has this been about simplification, but rather about ideological deregulation or dismantling of rules,” she states.

According to Sisättö, the Commission has itself referred to changing political majorities as a justification for lowering the level of regulation. This is particularly evident in the handling of the AI Act. The centre-left in Parliament strongly opposed postponing the application of obligations for high-risk AI systems.

“In particular, delaying the deadlines for high-risk AI systems was a very dangerous move, but Parliament did manage to shorten the delays originally proposed by the Commission,” she notes.

Concerns are also significant when it comes to data protection. According to Sisättö, the Commission’s proposal to change the definition of “personal data” is exceptionally problematic. The same definition has remained largely unchanged since 1995.

“The change to the definition has been heavily lobbied for by major tech companies and online advertisers. Such a change would be truly catastrophic for citizens and the protection of their personal data. While the proposal is facing opposition both from civil society and within the Council, Germany still seems to be pushing it very strongly,” she comments.

Challenges in the legislative process

Sisättö also highlights broader challenges in the legislative process. The omnibus initiatives have been pushed forward at exceptional speed and with insufficient preparation.

“The omnibus initiatives have been rushed through. There are factual errors on the Commission side, as well as many technical mistakes. This has been done with broad strokes, without anyone having the time to properly examine the end result.”

The proposals have been made without proper assessments, which undermines both the quality and legitimacy of the legislation.

Sisättö also points out that the parliamentary process itself has suffered from structural issues. Several committees have had to deal with files that do not fully fall within their areas of competence, increasing confusion and weakening the depth of expertise. At the same time, political pressure on rapid decision-making has made thorough preparation more difficult.

More broadly, Sisättö sees digital deregulation as posing a serious risk to fundamental rights, especially in a global context where large tech companies outside the EU do not hesitate to use their financial power and influence to push their own political agendas against the EU.

“Strong protection of fundamental rights, such as data protection and privacy, in AI markets should instead be seen as a major competitive advantage—especially at a time when the United States and China are competing in undermining the rights of their own citizens.”

According to Sisättö, the EU should instead strengthen its high standards. Data protection and privacy should be seen as an asset, not an obstacle.

Where do things stand now?

Negotiations on the EU’s digital omnibus package have progressed rapidly. On 7 May 2026, negotiators from the Council and the European Parliament reached a provisional agreement aimed at simplifying AI regulations. At the same time, the entry into force of obligations related to high-risk AI systems is postponed by more than a year—from the original date of 2 August 2026 to December 2027.

This change particularly affects AI applications used in the workplace, such as recruitment and how work is organised, where obligations imposed on employers—such as transparency, human oversight and training—will be delayed. The introduction of so-called “regulatory sandboxes” (controlled environments for testing innovative AI systems) is also postponed until 2027.

In the European Parliament, the file has been led by the Committee on Civil Liberties, Justice and Home Affairs (LIBE) and rapporteur Michael McNamara (Renew, Ireland). The plenary voted on the agreement on 16 June 2026 (423 votes in favor, 57 against and 174 empty votes).

The broader Digital Omnibus Regulation, which also covers the GDPR, is progressing in parallel with the Parliament’s Industry (ITRE) and Civil Liberties (LIBE) committees. The rapporteurs are Marina Kaljurand (S&D) in LIBE and Aura Salla (EPP, Finland) in ITRE. The final parliamentary vote is expected in October 2026.

Overall, these developments reflect a concerning shift at EU level towards regulatory relaxation, where obligations are postponed or made more flexible. At the same time, key safeguards for the effective protection of workers’ rights are being delayed or weakened in practice.

*For clarification, this article focuses on the digital omnibus package in relation to the AI Act, as well as the broader Digital Omnibus Regulation, which consists of several legal instruments, including the EU’s General Data Protection Regulation (GDPR), the ePrivacy Directive and the Data Governance Act, and also addresses issues related to the use of data for AI.