11 Jun 2026
Letters

Joint letter: Europe should not rush weak solutions and miss out on real simplification of the digital framework

Dear Member States representatives,

Europe is preparing to enhance and secure its technological sovereignty, and simplification has rightfully been identified as a key driver: Member States should not pass on pursuing a leaner data framework.

The Digital Omnibus is one of the most powerful tools the co-legislators have at their disposal to ensure a competitive regulatory and business environment. It is an opportunity to 1) boost data-driven innovations, 2) resolve any uncertainty on data protection, notably in AI training and development, as well as 3) harmonise cybersecurity reporting between CRA, NIS2, the GDPR, DORA and other laws.

First, the Data Act requires businesses to hand over proprietary and sensitive operational data to third parties, including to competitors in Europe and abroad. The Commission estimated €235 million/year in compliance costs, plus €410 million in one-off costs for manufacturers. Instead, we recommend that the omnibus supports voluntary data sharing frameworks, that protect data.

Second, on top of estimates of over €10 million GDPR compliance costs per large organisation in Europe, companies wanting to train, develop or apply AI to stay competitive face uncertainty as to the data they can use and how to protect it. Clarifying GDPR legal bases, scientific research data, and fraud prevention is essential to support companies that have been on the frontline of privacy compliance these past ten years.

Third, NIS2 and CRA combined are estimated to cost industry at least €60.2 billion, making this a heavy weight on European competitiveness. While common NIS2 reporting templates may alleviate some of the burden of overlapping incident reporting obligations, the Digital Omnibus fails to address the real pain points: harmonised timelines and threshold for incident reports, a genuinely single point of reporting, and a simplified Cyber Resilience Act.

The European Parliament has given itself until February 2027 to fully develop and adopt a position. We call on Council to conduct a thorough procedure as well, with sufficient time for reflection instead of rushing through half measures. This is the only way to ensure a real strengthening of Europe’s framework for data. The accelerated timeline from the Council Presidency does not add value as trilogues would in any event only be able to start once the European Parliament have finished their position.

Yours sincerely,

Explore the joint letter and our key asks
Download here the Joint letter
Back to news
08 Jun 2026 Position Paper
AI in healthcare policy paper
Read more
PDF
04 Jun 2026 resource
Advancing Europe’s grid performance: why Europe must digitalise its grids
Read more
PDF
27 May 2026 Position Paper
Delivering EU scale in connectivity: an assessment of the Digital Networks Act
Read more
PDF
Hit enter to search or ESC to close
This website uses cookies
We use cookies and similar techonologies to adjust your preferences, analyze traffic and measure the effectiveness of campaigns. You consent to the use of our cookies by continuing to browse this website.
Decline
Accept