The EU Aims to Reduce the Administrative Burdens of the GDPR

The European Commission is set to propose simplifications to the General Data Protection Regulation (GDPR), introduced in 2018, focusing primarily on reducing administrative burdens for small and medium-sized enterprises in the coming weeks. The planned amendments aim to enhance the competitiveness of European businesses while preserving the GDPR’s core data protection principles. The Commission initially scheduled the presentation of the simplification package for 16 April, but this has been postponed to 21 May, with the official proposal expected by June at the latest.

Since its introduction in 2018, the GDPR has faced significant criticism for its complexity, particularly from smaller businesses. Danish Digital Minister Caroline Stage Olsen stated that while the GDPR contains many positive aspects and data protection is essential, the regulation should not be overly rigid. Compliance must be made easier for businesses and companies. Justice Commissioner Michael McGrath, commenting on the GDPR review conducted in the summer of 2024, noted that small and medium-sized enterprises (SMEs) particularly need greater support in their compliance efforts. The simplification may address requirements for maintaining records of data processing activities and reforming data protection impact assessments, which are especially burdensome for smaller firms. Dr. Ilia Kolochenko, CEO of ImmuniWeb, argued that the GDPR, in its current form, causes more harm and obstacles than tangible benefits.

The GDPR review is expected to be accompanied by intense lobbying, as seen during its initial drafting when over 3,000 amendments were submitted in the European Parliament. Data protection activist Max Schrems emphasised that the GDPR’s core elements cannot be easily removed, as the European Court of Justice would invalidate a GDPR lacking these fundamental components. Negotiations on the amendments are likely to extend into 2025, when Denmark assumes the rotating presidency of the EU Council.

Sources:

1.

Europe’s GDPR privacy law is headed for red tape bonfire within ‘weeks’

Long seen as untouchable in Brussels, the GDPR is next on the list of the EU’s crusade against overregulation.

POLITICOEllen O’Regan

2.

Europe preparing to ‘ease the burden’ of landmark data privacy law

EU officials say it’s possible to make GDPR compliance easier for smaller organizations while ensuring that data privacy rules still work as intended.

The RecordSuzanne Smalley

3.

EU eases GDPR burdens on businesses - Identity Week

Story first reported by POLITICO The European Union is set to scale back its landmark data privacy law, the General Data Protection Regulation, as part of efforts to ease regulatory burdens on businesses. A proposal is expected within weeks, focusing on simplifying compliance, particularly for small and medium-sized enterprises. The move aligns with Commission President

Identity Week - Identity and Trust for Government, Enterprise, and PartnersEvie Kim Sing