Following the European Commission’s adoption of the fourth ‘omnibus’ simplification package – aimed at simplifying rules for small companies and mid-caps – the Computer and Communications Industry Association (CCIA Europe) issued the following statement on the proposed changes to the General Data Protection Regulation (GDPR).
The following can be attributed to CCIA Europe’s Privacy and Safety Lead, Claudia Canelles Quaroni:
“Easing GDPR requirements for small and mid-sized companies may offer limited relief, but this minor change falls far short of addressing the deeper structural issues that plague the EU’s data protection framework. Without further adjustments, enforcement and implementation will remain weak.”
“At best, today’s proposal will ease GDPR burdens for just 0.2% of EU companies. While well-intentioned, its limited scope means it won’t meaningfully strengthen Europe’s dwindling digital competitiveness. These are cosmetic fixes, not systemic solutions.”
“Businesses need consistent, harmonised implementation of the GDPR. Yet seven years after its entry into effect, this still seems like wishful thinking. To guarantee uniform data protection rules across the European Union, three improvements are essential: align GDPR implementation across all EU legislation for greater coherence, reinforce the one-stop-shop mechanism, and prevent fragmentation in Member-State implementation.”
“CCIA Europe hopes today’s package marks the beginning of a broader effort to improve the GDPR and related frameworks. Legislative simplification, further guidance from the Commission, and stronger cooperation among Member States and authorities are vital for a more uniform interpretation of the rules.”
Notes for editor
For further suggestions on how to improve the GDPR, CCIA Europe’s response to the European Commission’s call for evidence can be found here.
