Communication
28
Jan
2026

Digital Omnibus and GDPR: What Changes for Businesses and Citizens

Gonçalo Cerejeira Namora, Rafaela Pinheiro Fernandes

28
Jan
2026

On European Data Protection Day, the Privacy, Digital and Technology team explains the European Commission’s Digital Omnibus proposal and its direct impact on the GDPR.

? Download the article summary.

? Watch the full video.

GDPR and Digital Omnibus: What Changes in the New Cycle of European Digital Law

28 January marks European Data Protection Day, a date that invites reflection on the evolution of European Digital Law and recent developments signalling the start of a new regulatory cycle

Data Protection: From Fundamental Right to European Pillar

In Portugal, personal data protection has been enshrined since 1982 (Article 35 of the Constitution), while at the European level it has acquired fundamental right status (Article 8 of the Charter of Fundamental Rights of the EU). The GDPR, in force since 2016, strengthened rights, duties, and enforcement mechanisms, but technological advances and the data economy have highlighted the need for updates.

Digital Omnibus: A Structural Review

On 19 November 2025, the European Commission presented the Digital Omnibus package, proposing amendments to the GDPR, the ePrivacy Directive, the Data Act, NIS 2, and other frameworks.

Objective: To simplify, harmonise, and update the EU digital regulatory framework, paving the way for a more integrated approach between data protection, technological innovation, and the digital market.

Key Proposed Changes to the GDPR

  • Clarification of personal data: Redefining “identifiability” in line with the CJEU.

  • AI and sensitive data: Exceptions for training and validating AI systems.

  • Data reuse for research: Automatic compatibility for scientific and innovation purposes.

  • Right of access and information duties: Limits on abusive exercise and exemptions for already known information.

  • Automated decisions: “Necessity” requirements apply in all cases.

  • Breach notifications: Extended deadlines and a single European model.

  • Impact assessments (DPIA): Unified lists and harmonised methodology.

  • ePrivacy integration: Reducing consent fatigue, compliance costs, and legal uncertainty.

A New Cycle for European Digital Law

The Digital Omnibus is more than a technical update: it represents a structural shift in EU digital governance, allowing existing frameworks to be reconfigured and aligning data protection, technological innovation, and the internal market more effectively.

This new cycle presents an opportunity for businesses, professionals, and citizens to understand and adapt to a more integrated and dynamic European digital reality.

Download PDF
Let's talk
Content Search
4 Mar
2026
End of the Court of Auditors’ prior approval: simplification or risk to financial oversight?

News | Ricardo Maia Magalhães

26 Feb
2026
RMMG 2026: Regime excepcional de atualização de preços para contratos públicos de serviços

Legal Updates | Nuno Cerejeira Namora, Pedro Condês Tomaz, Maria Inês Correia

20 Feb
2026
Lei reforça confisco alargado de bens obtidos com a prática de crime

Legal Updates | Miguel Marques Oliveira, Flávia Silva Oliveira

18 Feb
2026
Amendments to the Flexible Working Regime: When Rights Collide in Employment Law

News | Nuno Cerejeira Namora

Please note, your browser is out of date.
 For a good browsing experience we recommend using the latest version of Chrome, Firefox, Safari, Opera or Internet Explorer.