Amber Sinha is a contributing editor at Tech Policy Press.

For nearly a decade, the European Union’s defining geopolitical identity was its regulatory moral authority. Through the General Data Protection Regulation (GDPR), the Digital Services Act (DSA), and the AI Act, Brussels pioneered what came to be known as the "Brussels Effect"— a working theory that market access could be leveraged to enforce democratic oversight, consumer privacy, and human rights over global technology platforms.

Yet, as we navigate 2026, that foundational confidence has evaporated. Faced with widening tensions with an opportunistic United States and an aggressive, mercantilist push for technological dominance from China, the EU has succumbed to a profound institutional panic. This anxiety has triggered a dangerous pivot. Driven by a deep crisis of faith in its own regulatory model, the European Commission is executing a sweeping digital deregulation agenda. To avoid public backlash, this rollback is rarely framed as a concession to corporate power. Instead, it arrives under the sanitized, technocratic banner of "simplification," "streamlining," and "reducing administrative burdens." Through instruments like the Digital Omnibus package, the EU is steadily dismantling the rights-centric framework it spent a decade constructing, mistaking a retreat from accountability for a leap toward innovation.

However, the proposed Digital Omnibus package cannot be understood in a vacuum. It is merely one front in a broader, coordinated attack on rights- and justice-based protections across the Eurozone. Under the guise of global competitiveness, European institutions are executing a wholesale backsliding of essential safeguards required for a democratic, privacy-respecting, and liveable future.

The spillover effect: Broader deregulation and digital harms

The current deregulatory drive is not limited to digital policy. It is a cross-cutting campaign. The Commission’s stated ambition to slash administrative costs by 25% for corporations has manifested in a series of sector-specific ‘Omnibus’ proposals covering defense, the environment, agriculture, and labor. However, treating these sectors as separate from the digital ecosystem is a dangerous analytical error. In an economy underpinned by data, deregulation in non-digital domains eviscerates digital rights and freedoms.

Consider the Defence Omnibus. In the rush to facilitate investment and fast-track the deployment of military and dual-use technologies, procurement rules and risk-management oversight are being radically streamlined. The consequence for digital rights is severe: it creates expansive, unchecked pathways for biometric surveillance, automated border control, and predictive policing systems to bypass standard democratic audits. By expanding exemptions for “national security” and “strategic industrial interest”, the EU is effectively carving out vast rights-free zones where the guardrails of the AI Act and the GDPR no longer apply.

Similarly, the Environmental Omnibus seeks to streamline environmental impact assessments to accelerate the construction of industrial infrastructure, including large-scale data centers. Here, the feedback loop between digital policy and material reality becomes impossible to ignore. Deregulating environmental oversight to satisfy industrial tech lobbies obscures the massive physical footprint of digital infrastructure—its insatiable demand for energy, groundwater, and rare earth minerals.

Digital deregulation, in turn, produces serious physical consequences beyond the technology sector itself. The recent highly contentious amendments to the AI Omnibus, which postpone core obligations for high-risk systems to late 2027 and exempt products already covered by sector-specific legislation (such as machinery, toys, and medical devices), create immediate vulnerabilities. When automated systems deployed in industrial workplaces, transport networks, or agricultural supply chains are shielded from rigorous upfront compliance, the result is an accumulation of unmitigated risk borne entirely by workers and local communities.

Blurring digital and material lines

This institutional retreat has fundamentally blurred the lines between digital and material harms. We see this acutely in the Commission’s recent push for a "28th regime"—the EU Inc. proposal. Designed to allow seamless, fully digital cross-border corporate registration within 48 hours, the initiative has drawn sharp criticism from labor advocates, who argue it creates legal loopholes that allow companies to circumvent national labor standards and collective bargaining protections.

Within that framework, digital issues increasingly emerge in spaces that are not explicitly digital. The modern workplace is now deeply data-driven, with algorithmic management, automated hiring, and continuous performance tracking becoming standard practice. The Digital Omnibus explicitly alters the GDPR's foundational mechanics by clarifying that information is not personal data if an entity lacks the immediate, "reasonable" means to identify the individual. This narrow redefinition hands employers a powerful tool to bypass transparency.

The change would allow corporations to invoke "legitimate interest" to process vast repositories of workplace log files, communication data, and performance metrics to train internal AI systems. When the EU weakens individual and collective access requests under Article 15 of the GDPR to pander to industrial lobbies, it directly strips gig workers, warehouse laborers, and corporate employees of the ability to contest automated firing, systemic wage theft, or discriminatory scheduling algorithms.

The European Union’s current regulatory retreat is born of a false dichotomy: the belief that it must choose between strong human rights protections and global economic competitiveness. By buying into the narrative that its rules are shackles rather than foundations, Brussels has compromised its most unique asset—regulatory trust.

Mimicking the permissive, market-first paradigms of Silicon Valley or Washington will not magically conjure a European technological hegemony. It will simply ensure that European citizens are exploited by foreign and domestic corporate monopolies with fewer legal avenues for resistance.

True innovation cannot thrive in an environment of systemic distrust, labor precarity, and institutional abdication. If Europe wishes to secure its digital autonomy, it must regain its confidence. It must recognize that a simplified society is not one where corporations are free from accountability, but one where citizens are free from structural exploitation.