EU drops revised GDPR personal data definition amid regulatory pressure
The GDPR omnibus text no longer includes changes to the definition of personal data after resistance pushed the EU to favour regulatory clarity instead.
Governments across the EU have withdrawn the revised definition of personal data from the GDPR omnibus package, softening earlier proposals that had prompted strong resistance from regulators and civil society.
A decision that signals a preference for maintaining the original scope of the General Data Protection Regulation instead of reopening sensitive debates that risked weakening long-standing protections.
Greater attention is now placed on the forthcoming pseudonymisation guidelines prepared by the European Data Protection Board. These guidelines are expected to shape how organisations interpret key safeguards, offering practical direction instead of altering the legal definition of personal data.
The updated prominence given to the guidance reflects a broader trend within the Council towards regulatory clarity rather than legislative redesign.
The compromise text also maintains links with the wider review of the ePrivacy Directive, keeping future updates aligned with existing digital-rights rules.
Member states appear increasingly cautious about reopening foundational privacy concepts, opting to strengthen enforcement through guidance and implementation rather than altering core definitions in law.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!