[Opinionated piece by Antonio Aloisi, Associate Professor of European and comparative Labour Law, IE University, Madrid, Spain.]
"Simplify”, “Streamline”, “Scale back”. While EU communiqués often find creative ways to avoid uttering the word “deregulation”, this new European Commission is all about boosting the bloc’s competitiveness by “cutting red tape”. The intention to stimulate the continent’s economy might be laudable, but there is a real risk of throwing the baby out with the bathwater.
The Draghi Report, presented in September 2024, laid the foundation for a shake-up of one of the EU’s crown jewels in digital regulation – the General Data Protection Regulation (GDPR). According to the report, certain regulations present “overlaps and inconsistencies”, leading to fragmentation.
Draghi pinpointed GDPR as a particular source of headaches, thanks largely to its complexity, burdensome national implementation, inconsistent local enforcement, and disproportionately high compliance costs for small and medium enterprises compared to larger corporations. Now the whispers are over: GDPR seems headed for the chop, much like sustainability reporting rules before it.
Yet the world has changed dramatically in recent months, meaning many of Draghi’s proposals are tailor-made for a context that no longer exists. Additionally, the US’ disastrous DOGE experiment offers a stark cautionary tale of deregulation leading to chaos rather than efficiency. Legal institutions, after all, are complex systems designed for the critical purpose of protecting people’s rights.
…
Put the chainsaw away
Blaming the GDPR for Europe’s growth woes makes for great clickbait, LinkedIn memes and after-dinner quips, but it ignores the real issues. Looser privacy rules will not fix our problems. On the contrary, a smarter framework for workers’ digital rights could serve as a robust counterbalance, ensuring that AM operates as a tool for efficiency rather than unchecked command-and-control.
By all means, critique the GDPR, but aim at the right target. Its abstract, transactional, individualistic DNA is ill-suited to the collective, lopsided reality of modern workplaces where employees’ data is fed into black-box AI systems.
In those environments the answer is not to prune protections, but to reinforce them by clarifying legal bases, establishing red lines, hard-wiring collective rights, and closing enforcement loopholes. Reform, yes. Regression, no.
When I worked at a big company they interpreted the law that all options must be equally easy so we implemented that, not because they are nice but because they’re afraid of monster fines.