Since its adoption in 2016, the General Data Protection Regulation (GDPR) has served as the cornerstone of EU data protection law, designed to safeguard individuals’ fundamental rights while facilitating the free flow of personal data within the Union. However, some criticisms have emerged over the past few years, as stakeholders have highlighted legal uncertainty surrounding key concepts, such as personal data and pseudonymization, as well as inconsistent interpretation and enforcement across EU Member States. In addition, SMEs have reported high administrative burdens, such as repetitive privacy notices, low-risk breach notifications, and handling abusive access requests.

The Digital Omnibus proposal, published by the European Commission in mid-November 2025, introduces targeted amendments to the GDPR to clarify key concepts, harmonise interpretation across the Union, and reduce unnecessary administrative burdens while maintaining a high level of data protection. In particular, it refines the definition of personal data and provides a mechanism for greater legal certainty on anonymisation and pseudonymization techniques. It simplifies obligations by easing information requirements for low-risk data processing. In this regard, users’ consent will no longer be required for certain low-risk data processing purposes, such as audience measurement by media providers, creating website usage statistics, or maintaining service security. This change aims to reduce the frequency of intrusive cookie banners on websites on the Internet.

Through an informed discussion among academics, representatives of regulatory authorities, firms, and civil society, the webinar aims to unpack the impact of the Digital Omnibus proposal on the future of GDPR enforcement.

Key questions discussed throughout the webinar:

-       Are the modifications introduced by the Digital Omnibus package only ‘technical’, as argued by the European Commission, or do they introduce substantial modifications to the GDPR?

-       Does the legislative package effectively simplify the GDPR compliance requirements, thus improving legal certainty and reducing compliance costs for public authorities and private firms?

-       Will the Digital Omnibus effectively support innovation in the digital sector in Europe, as argued by the Draghi Report?

-       What is the impact of the Digital Omnibus on data subjects’ rights in the digital sphere?

The Digital Omnibus Talks are organised by the EUI Centre for a Digital Society and the Centre for Media Pluralism and Freedom in cooperation with the Department of Legal Studies of the University of Florence. The initiative takes place in the context of the Florence Forum on Digital Regulation (FLODIR).