After years of staring down the world’s biggest tech companies and setting the bar for tough regulation worldwide, Europe has blinked. Under intense pressure from industry and the US government, Brussels is stripping protections from its flagship General Data Protection Regulation (GDPR) — including simplifying its infamous cookie permission pop-ups — and relaxing or delaying landmark AI rules in an effort to cut red tape and revive sluggish economic growth.
The proposal waters down a key part of Europe’s sweeping artificial intelligence rules, the AI Act, which came into force in 2024 but had many elements that would only come into effect later. The change extends the grace period for rules governing high-risk AI systems that pose “serious risks” to health, safety, or fundamental rights, which were due to come into effect next summer. The rules will now only apply once it’s confirmed that “the needed standards and support tools are available” to AI companies.
The proposed overhaul won’t land quietly in Brussels, and if the development of the GDPR and AI Act are anything to go by, a political and lobbying firestorm is on its way. The GDPR is a cornerstone of Europe’s tech strategy and as close to sacred as a policy can be. Leaked drafts have already provoked outrage among civil rights groups and politicians, who have accused the Commission of weakening fundamental safeguards and bowing to pressure from Big Tech.
The decision follows months of intense pressure from Big Tech and Donald Trump — as well as high-profile internal figures like ex-Italian prime minister and former head of the European Central Bank Mario Draghi — urging the bloc to weaken burdensome tech regulation. With very few exceptions, Europe doesn’t have any credible competitors in the global AI race, which is dominated by US and Chinese companies like DeepSeek, Google, and OpenAI.
This article is developing…