Data Protection, Democracy and the Digital Omnibus - Where do we go from here?

Please join us -– the Democratic Tech Alliance and FES Future of Work - at the EU Parliament on the 24^th September 2025, for a panel debate and discussion on data protection, democracy, and the digital omnibus package the European Commission is expected to present later this year. Speakers include, among others, Johnny Ryan, Director of the ICCL Enforce; Members of European Parliament Birgit Sippel and Sergey Lagodinsky; as well as Robin Berjon of Supramundane Agency.

The EU has been talking a big game about data protection – but the reality is different. EU citizens and workers continue to be subject to massive surveillance. This does not only undermine their right to privacy, but also threatens European democracy and security, exactly at a time of escalating geopolitical tensions. Moreover, it sets back European SMEs that respect the law, when many big firms simply do not.

Data-driven algorithms determine what people see and share online, how people work, and the content children are exposed to, including self-harm and suicide. This replaces institutions like quality media, collective bargaining, and the family, institutions that buttress representative democracy, solidarity, and community. 

Much of this could have been prevented if crucial authorities had enforced the GDPR. But they didn´t. Instead, the EU created many new laws (DGA, DA, AIA, DMA, DSA), which authorities (will) also struggle to enforce. And now people are tired of hearing about data protection and digital laws more generally. Justified or not, they feel these laws mainly produce bureaucracy and compliance theater, without fundamentally altering the practices of crucial firms.

As a result, the GDPR has lost its untouchable status. The European Commission has suggested simplifying data protection obligations for SMEs, and a fundamental overhaul of the EU´s digital acquis may follow by year´s end. Lobbyists will try – and may succeed, in significantly watering down many legal obligations.

In that political context of simplification and deregulation, how can we ensure data protection not only survives, but is actually respected in Europe? What concrete solutions can we think of?

Download programme

Contact

Justin Nogarede