Digital omnibus – diving into objectives
Europe’s digital rules have grown increasingly complex, creating burdens for businesses, regulators, and consumers. The European Commission’s Digital Omnibus, a welcomed initiative, seeks to ease these pressures by simplifying compliance, cutting unnecessary administrative hurdles, and creating a competitive playing field, and helping Europe’s digital market thrive for stakeholders.
from left to right: Florian Wimber (GDV), Diana Vlad-Câlcic (DG CONNECT, European Commission) and Karen Bartel (GDV)
In this context, we invited Diana Vlad-Câlcic, Team leader for regulatory simplification in the Directorate-General for Communications Networks, Content and Technology (CONNECT) of the European Commission and Karen Bartel, Head of Legal, Compliance and Consumer Protection of the German Insurance Association (GDV), to discuss how the new proposals can help streamline existing rules and how clearer legislation could better support the insurance sector in developing trustworthy and efficient services for consumers.
Towards a simpler and more coherent digital Framework
Participants agreed that Europe's digital rulebook has become dense over time, with multiple acts creating intersecting obligations for companies, public authorities, and citizens alike. Instead of assessing each act separately, the horizontal approach of the Omnibus reviewed the digital landscape to identify where provisions can be clarified, aligned, or made more effective. The aim is to reinforce Europe’s digital competitiveness by reducing unnecessary burden while preserving high standards, for privacy, security, and fundamental rights.
The package introduces several targeted adjustments to the Artificial Intelligence Act (AI) and the General Data Protection Regulation (GDPR). It clarifies their interaction and introduces consistent terminology for the use of pseudonymised data, and modernised cookie provisions to reduce unnecessary friction for users and organisations. These improvements will directly impact the insurance sector by offering legal clarity, responsible data use and AI development.
However, as highlighted during the discussion, simplification remains an ongoing effort. Some pieces of legislation with significant operational impact for insurers, such as the Digital Operational Resilience Act (DORA) and the Cyber Resilience Act (CRA), are not addressed in the current Omnibus, meaning that certain overlaps and administrative burdens will continue to affect insurance reporting activities.
Creating the right conditions for responsible AI and data use
A key part of the discussion focused on creating greater legal certainty for organisations developing and deploying AI. Following the Court of Justice ruling EDPS v SRB, earlier this year, the Digital Omnibus now aims to clarify under which conditions personal and pseudonymised data may be used for training and testing AI systems. This is an important step toward supporting innovation within a strong data-protection framework, an opinion which was shared by the different stakeholders in the event.
At the same time, concerns remain regarding the conditions for using sensitive data, including for identifying and correcting bias in AI models. Although the Commission stressed the importance of maintaining safeguards, participants noted that the proposed conditions may still be difficult to operationalise in practice and could benefit from refinement as negotiations progress. One recurring issue was the lack of clarity in the definition of an “AI system” in the AI Act, as the current wording makes it challenging for insurance companies, relying on traditional analytical or statistical methods, to determine whether their tools fall under the AI Act.
Adjustments to the AI Act timeline were in any case welcomed, to guarantee that obligations take effect only once the necessary standards and guidance are available. Whether the transitional periods will be sufficient in practice remains an open question for businesses facing highly technical implementation requirements.
Looking ahead
While the Digital Omnibus introduces valuable improvements; it is part of a wider effort to ensure Europe's digital framework remains coherent and innovation friendly. Alongside the proposal, the Commission presented initiatives such as the Data Union Strategy, and measures supporting safe access to synthetic data, which aim to strengthen Europe's broader digital ecosystem.
The Commission is also conducting a Digital Fitness Check, mentioned in the discussion, to assess the cumulative impact of EU digital legislation. This exercise will help to identify further simplification opportunities in the next EU mandate. For many businesses, however, the need for clearer and more coherent rules is immediate, making timely implementation of the Omnibus particularly important.
The proposal is now being examined by the European Parliament and the Council. It will be important that the main simplifications and clarifications are preserved throughout the legislative process, and that remaining open points, particularly around the AI definition, data use conditions, and interactions with sector specific legislation, are addressed with sufficient legal clarity ensure practical implementation.
The German Insurance Association thanks all participants for their valuable contributions to this timely discussion. The exchange highlighted both the opportunities offered by the Digital Omnibus and the need for continued dialogue on key open questions. Together, these efforts can help ensure that Europea’s digital policies support innovation, competitiveness, and trust in equal measure.