European Union

AI Act Faces Major Revision: Commission Centralizes Oversight as Tech Giants Push for Looser Rules

Avatar, Avatar
© Philipp Katzenberger auf Unsplash
© Philipp Katzenberger auf Unsplash
Startup Interviewer: Gib uns dein erstes AI Interview Startup Interviewer: Gib uns dein erstes AI Interview

The EU Commission is preparing a comprehensive overhaul of European digital regulation with the so-called “Digital Omnibus.” The legislative package, expected on November 19, aims to simplify rules and reduce bureaucracy – but critics fear a “clear-cutting” of civil rights. Netzpolitik.org has already published the drafts in advance.

Four regulatory areas are in focus: data protection, data usage, cybersecurity incidents, and AI regulation. The Commission has divided its plans into two separate legislative proposals that could simultaneously scale back existing standards at the expense of consumer protection.

AI Act: Oversight becomes centralized, relief for AI systems

Regarding the AI regulation, the Commission justifies the planned changes by stating that there are still “implementation challenges” that “could jeopardize the effective entry into force of important provisions.” The solution: “targeted simplification measures that should ensure timely, smooth, and proportionate implementation.” Specifically, AI oversight would be partially consolidated at the AI Office, which is directly affiliated with the Commission. This would primarily affect Very Large Online Platforms (VLOPs) – according to the Digital Services Act, these are services that reach more than 45 million users monthly in the EU, including Facebook, Instagram, or Amazon.

Additionally, the Commission wants to make it “easier” for providers and operators of AI systems to comply with data protection laws when processing personal data. Small and medium-sized enterprises would be exempted from certain obligations through special rules, such as documentation and monitoring requirements. It remains unclear whether further implementation of the AI regulation will be partially postponed – a delay that would align with the German federal government’s position. German Digital Minister Karsten Wildberger (CDU) has been advocating for this for months, arguing that the technical standards are not yet available.

The AI Act faces criticism from companies in both the US and Europe. There are concerns that the EU could fall behind in AI development because rules for AI companies are less strict elsewhere. However, the reasons why certain AI applications from Apple, OpenAI, or Meta are delayed in entering the EU market are manifold and not necessarily related to the AI Act.

GDPR changes: From opt-in to opt-out for cookies

The planned changes to the General Data Protection Regulation go far beyond cosmetic corrections. Particularly explosive: Training AI systems with personal data should be possible in the future based on the “legitimate interest” of tech corporations – without explicit consent from those affected. For online tracking and cookies, the Commission is planning a massive weakening: Storing and reading non-essential cookies would no longer be permitted only after user consent, but based on the entire range of legal grounds in the GDPR – including the legitimate interest of website operators and tracking companies.

Users would then only have the option to opt out afterward. At the same time, the Commission wants to address the flood of cookie banners and “pave the way for automated and machine-readable indications of individual preferences as soon as corresponding standards are available.” Browsers or operating systems would send signals to websites.

The Commission is also planning a step backward for sensitive data: Article 9 of the GDPR, which protects special categories such as ethnic origin, political opinions, religious beliefs, health data, or sexual orientation, should be more narrowly defined. In the future, only data that explicitly reveals such information would be specially protected. If a data processor infers someone’s presumed sexual orientation based on supposed interests or characteristics, previous restrictions would disappear. While the Commission emphasizes that “the enhanced protection of genetic data and biometric data should remain unchanged due to their unique and specific characteristics” – the overall direction is clear: more data usage, less protection.

Criticism from data protection advocates

“In reality, Commission officials are now proposing changes to core elements such as the definition of personal data – and giving AI companies like Google and Open AI a blank check for training AI systems using people’s personal data,” according to the data protection organization noyb led by Max Schrems. “Furthermore, the protection of sensitive data under Article 9 GDPR would be significantly restricted, and other rights such as the right to information or the right to correction or deletion of data would become useless.”

Advertisement
Advertisement

Aus Datenschutz-Gründen ist dieser Inhalt ausgeblendet. Die Einbettung von externen Inhalten kann in den Datenschutz-Einstellungen aktiviert werden:

Specials from our Partners

Top Posts from our Network

Powered by This price ticker contains affiliate links to Bitpanda.

Deep Dives

© Wiener Börse

IPO Spotlight

powered by Wiener Börse

Europe's Top Unicorn Investments 2023

The full list of companies that reached a valuation of € 1B+ this year
© Behnam Norouzi on Unsplash

Crypto Investment Tracker 2022

The biggest deals in the industry, ranked by Trending Topics
ThisisEngineering RAEng on Unsplash

Technology explained

Powered by PwC
© addendum

Inside the Blockchain

Die revolutionäre Technologie von Experten erklärt

Trending Topics Tech Talk

Der Podcast mit smarten Köpfen für smarte Köpfe
© Shannon Rowies on Unsplash

We ❤️ Founders

Die spannendsten Persönlichkeiten der Startup-Szene
Tokio bei Nacht und Regen. © Unsplash

🤖Big in Japan🤖

Startups - Robots - Entrepreneurs - Tech - Trends

Continue Reading