In November 2025, Reuters reported on European Commission proposals described as a “Digital Omnibus” package, aimed at streamlining EU digital rules. The reporting highlighted proposed delays to certain “high-risk” AI requirements, changes to cookie consent prompts, and broader simplification measures.
According to Reuters’ description, one proposed change would delay application timelines for stricter rules affecting high-risk AI systems, extending compliance deadlines beyond the original schedule. Reuters also noted proposals intended to reduce repeated cookie consent prompts, including the idea of storing preferences for longer periods or handling some settings at browser level.
The proposals drew criticism as well as support. The Guardian reported that digital rights advocates framed the initiative as a potential rollback of protections, warning of weaker privacy safeguards and broader latitude for large platforms. Meanwhile, the Commission’s framing (as reflected in mainstream reporting) emphasised reducing regulatory burden and improving competitiveness, particularly for smaller organisations.
For businesses, the key point is uncertainty: until the legislative process concludes, organisations should not assume that existing obligations disappear. If anything, the debate signals that regulators and lawmakers are attempting to reconcile two goals: strong fundamental rights protection and a workable compliance environment.
Acompli perspective: The “Omnibus” discussion is particularly relevant to consent and cookie tooling. If consent mechanisms become more preference-driven (with longer-lived settings), organisations will still need evidence that choices were respected, implemented consistently, and not overridden by dark patterns. Compliance becomes less about the pop-up and more about the underlying preference governance — exactly the kind of structured control problem that benefits from automation.