The European Commission is preparing to revise the General Data Protection Regulation (GDPR) to facilitate the operations of companies developing artificial intelligence. According to Politico, these proposals will be included in the "Digital Omnibus" package set to be presented on November 19.
Despite official statements about "technical corrections," documents obtained by the publication indicate significant changes, including allowing AI companies to process sensitive data such as political opinions, religious beliefs, or health status. The definitions of personal and "special" categories of data are also expected to change, and cookie banner regulations will be made more flexible, allowing websites to track users without separate consent.
Experts warn that this could represent the most significant revision of GDPR since its adoption in 2016. The regulation's author, Jan Philipp Albrecht, described the initiative as a "blow to European data protection standards." Noyb founder Max Schrems stated that the Commission is "secretly circumventing the legislative process" and warned of negative implications for civil rights.
The proposal has already divided EU member states. Estonia, France, Austria, and Slovenia oppose the changes, while Germany supports easing the rules to promote innovation. Heated debates are also expected in the European Parliament between AI advocates and privacy defenders.