European Commission's Evaluation of the Data Protection Regulation Proposal
The European Commission is proposing revisions to the Data Act and related data protection rules, with the goal of minimising negative impact on the European data economy while maintaining a high level of data protection.
These changes aim to streamline data regulations, reduce fragmentation, and support digital innovation and competitiveness in Europe without undermining privacy safeguards.
Key proposed changes include exempting companies from obtaining cookie consent for technical purposes and simple statistics, defining minimum thresholds for when data subject rights apply, removing the right to data portability, reducing the number of companies required to keep records of processing activities, and lifting parts of the open-ended obligation for SMEs to have GDPR compliance documentation in place.
These proposals seek to reduce compliance complexity and administrative burden, especially for small and medium-sized enterprises (SMEs). The Commission also aims to clarify rights and obligations to increase legal certainty, preserve strong data protection standards, enable innovation, competition, and economic growth in the EU data economy, and avoid excessive fragmentation.
The Danish government, during its EU Council Presidency, has led efforts towards these changes, reflecting a broader strategy to support digital innovation and competitiveness in Europe. The European Commission is also pursuing a careful evaluation of digital legislation to ensure consistency with fundamental rights, especially in relation to new regulations like the AI Act.
This reform direction contrasts with the UK's DUAA (Data Use and Access Act 2025), which seeks to balance privacy, innovation, and regulatory pragmatism while retaining core GDPR protections to maintain adequacy status with the EU. However, the EU's revisions focus on targeted simplification rather than regulatory dilution, emphasising smart exemptions and clearer rules.
The Data Act was adopted on February 23, 2022, following the Data Governance Act as part of the European Commission's European data strategy. The European data economy grew at a year-over-year rate and accounted for 3.6% of EU GDP in 2021, with a value of over €440 billion. By 2030, the EU data economy is expected to cross the €1 trillion threshold.
The proposed revisions to the Data Act and related GDPR provisions aim to strike a proper balance between competition, innovation, and privacy protections, benefiting European SMEs and consumers alike.
- The European Commission's proposed revisions to the Data Act and related data protection rules are aimed at minimizing negative impact on the European data economy while maintaining a high level of privacy protection.
- These changes seek to streamline data regulations, reduce fragmentation, and support digital innovation and competitiveness in Europe without undermining privacy safeguards.
- The Commission's proposals include exempting companies from obtaining cookie consent for technical purposes and simple statistics, among other adjustments.
- The aim is to reduce compliance complexity and administrative burden, particularly for small and medium-sized enterprises (SMEs), while clarifying rights and obligations to increase legal certainty.
- The Danish government, during its EU Council Presidency, led efforts towards these changes as part of a broader strategy to support digital innovation and competitiveness in Europe.
- The European Commission is also pursuing a careful evaluation of digital legislation to ensure consistency with fundamental rights, especially in relation to new regulations like the AI Act.
- The UK's DUAA (Data Use and Access Act 2025) seeks to balance privacy, innovation, and regulatory pragmatism while retaining core GDPR protections to maintain adequacy status with the EU, but the EU's revisions focus on targeted simplification rather than regulatory dilution.
- By 2030, the EU data economy is expected to cross the €1 trillion threshold, highlighting the importance of striking a balance between competition, innovation, and privacy protections for the benefit of European SMEs and consumers alike.
