EU Privacy Overhaul Sparks Outrage: Big Tech Wins, Your Data Loses (2025 Update)
Privacy advocates sound alarms as proposed EU regulations threaten to become a goldmine for tech giants.
The fine print you didn't read—how Meta, Google, and friends could turn 'data protection' into a profit engine.
Meanwhile, Brussels bureaucrats collect another paycheck—your digital rights just got downgraded to 'cost of doing business.'
Big techs have accused the EU laws of being anti-innovation
Under the proposals, major platforms could be allowed to take personal information and feed it into artificial intelligence training on the basis of “legitimate interest.”
If this stands, it would be a major change from today’s reading of the law, which demands explicit consent for many categories of sensitive information. Groups that have fought Brussels battles for years are now sounding the loudest alarm. The Austrian organisation NOYB said this bundle of revisions amounts to death by a thousand cuts.
Max Schrems, the campaigner whose legal challenges helped build GDPR into a global symbol, called it a “massive downgrading of Europeans’ privacy”.
A second set of amendments concerns the cookie regime, the same rules that turned the internet into a forest of pop-up choices. Under the draft, the whole piece of legislation could be absorbed into GDPR, and access to phones, laptops, or connected devices could be based on loose permissions, such as a company’s need to detect fraud or measure audiences.
Itxaso Dominguez de Olazabal, from the European Digital Rights network, said this would change how Europe protects the private spaces inside personal devices.
This is not happening in a vacuum; the US government has been accusing EU law of being anti-innovation, with several firms like Meta found on the wrong side of the law. Big tech companies have been lobbying across the continent to soften the Artificial Intelligence Act, arguing that fast-moving tools cannot survive inside a slow bureaucratic cage.
The Commission insists it is not surrendering principles, only removing unnecessary paperwork. There will be a presentation on 19 November, though the document could still shift before then. One clear sign of the new direction is the suggestion that companies using artificial intelligence only for internal, narrow tasks would not have to register systems in an EU database for high-risk AI.
Another is a one-year grace period on fines, on deepfakes and synthetic media, providers would have extra time before they must permanently tag their output as machine-generated.
The EU wants to appear flexible
The Commission has done something similar recently in environmental law, climate requirements that only months ago were described as essential have now been loosened, and businesses have welcomed the retreat. Critics say industry intimidation is working.
Europe’s political class is nervous about investment drying up, and it is hunting for ways to appear flexible. Supporters of the AI law admit privately that they worry more about falling behind the United States and China than they did when they first drafted the text. Those forces haunt every regulatory argument today.
The question now is whether member states and the Parliament will accept this turn, as many in Brussels know the symbolism is dangerous. If Europe weakens the privacy flag it has flown for a decade, the story of the GDPR may not end as the continent imagined, a beacon of values, copied by others.
It may instead become another example of grand talk that could not survive the heat of commercial power.
Sign up to Bybit and start trading with $30,050 in welcome gifts
