Homo Digitalis publishes its Study on the proposed Digital Omnibus Regulations
On 19 November, the European Commission published two (2) proposed Digital Omnibus Regulations.
The first (Digital Omnibus Regulation Proposal) proposes significant amendments to provisions of well-known legislative instruments that are already in force, such as the General Data Protection Regulation (GDPR – Regulation 2016/679), the Data Protection Regulation for the EU institutions, bodies, offices and agencies (EUDPR – Regulation 2018/1725), the ePrivacy Directive (Directive 2002/58/EC), the Data Act (Regulation 2023/2854), the Single Digital Gateway Regulation (Regulation 2018/1724), the NIS2 Directive (Directive 2022/2555) and the Critical Entities Resilience Directive (Directive 2022/2557).
It also proposes the repeal of other legislative instruments that are currently in force, namely the Regulation on the free flow of non-personal data (Regulation 2018/1807), the Data Governance Act (Regulation 2022/868), the Regulation on platform-to-business relations (P2B – Regulation 2019/1150) and the Open Data Directive (Directive 2019/1024).
The second (Digital Omnibus on AI Regulation Proposal) proposes significant amendments to legislation that is currently partially in force, in particular the Artificial Intelligence Act (AI Act – Regulation 2024/1689), while also introducing additions to legislation that is fully in force, specifically the Regulation establishing common rules in the field of civil aviation (Regulation 2018/1139).
Homo Digitalis, together with the European network of which it is a member, European Digital Rights (EDRi), as well as other civil society organisations, academics and experts, sought throughout 2025 to maintain a substantive and well-documented presence in the relevant legislative preparatory process. In this context, we submitted a series of open letters to the competent bodies of the European Commission in May, September and November, while at the same time setting out our positions and arguments in detail through active participation in the public consultation process in October 2025.
We had already warned that the Digital Omnibus package forms part of a broader wave of deregulation that threatens to weaken critical European rules, portraying fundamental rights as an alleged obstacle to innovation and, in practice, serving the interests of large technology companies. From the outset, we had no confidence that the European Commission would be able to genuinely absorb and process our positions within the framework of the public consultation, because the consultation closed in mid-October and the publication of the final text with the proposed provisions was expected just one month later. It would have been essentially impossible to analyse and incorporate arguments and proposals into the text within such a short timeframe.
By November 2025, it had become clear that the European Commission was never interested in substantive dialogue and exchange of views regarding this legislative initiative. At that point, a leak of certain drafts of the proposed provisions revealed that the Commission had already shaped a draft regulation containing highly problematic provisions, representing the greatest rollback in the protection of human rights in the digital sphere. We then highlighted, through a joint press release, the significant challenges arising from the proposed changes to the GDPR and the ePrivacy Directive. A few days later, the official text was published, concealing new surprises and even greater challenges for our rights and freedoms in the digital environment.
Today, we publish our in-depth study on the package of proposed Digital Omnibus reforms, explaining the challenges that arise for our rights and freedoms.
The text of our study is available here (EL).
The Digital Omnibus reform package is not a technical exercise in codification, but a decisive shift of the European digital acquis towards a regime of reduced safeguards and diminished accountability. If adopted as is, the Union risks losing the strongest tool it possessed internationally: the example that technological progress can coexist with high standards of fundamental rights protection.
This weakening will not be felt through dramatic ruptures, but through a slow and persistent erosion, whereby rights we considered non-negotiable will be transformed into exceptions, and oversight will become a shadow of its former self. The choice facing EU legislators does not concern the “simplification” of legislation, but the very future of the European model of human protection: whether it will remain a pillar of the rule of law or allow itself to be replaced by a logic in which innovation is imposed without counterbalances and privacy becomes negotiable.
We submit an Open Letter to the Prime Minister, calling on the Hellenic Republic to reject the Danish Presidency’s text on the CSA.
Homo Digitalis today submitted an Open Letter to the Prime Minister of the Hellenic Republic, Kyriakos Mitsotakis, regarding the proposed Regulation on Child Sexual Abuse Material (CSA Regulation).
In our letter — which we have also shared with the Minister of Justice and the Minister for Citizen Protection — we call on the Hellenic Republic to reject the Danish Presidency’s text in the upcoming vote at the EU Justice and Home Affairs Council on October 14, 2025.
The objective of the Regulation — to curb the distribution of child sexual abuse material — is right and necessary. However, the text proposed by the Danish Presidency would achieve the opposite effect, undermining security and trust in the digital space.
Specifically, 787 leading experts in communication security and encryption — including professors from top academic institutions in Greece — have emphasized that:
The technology for detecting child sexual abuse material is inaccurate and ineffective.
Mandatory scanning undermines end-to-end encryption and opens the door to mass surveillance.
The proposed technical measures can be easily bypassed by malicious users and threaten anonymity and freedom of information.
Real child protection comes through education and support for victims, not through mass monitoring.
On October 14, Greece’s position must be guided by knowledge, technical expertise, and the fundamental principles and values upheld by the EU Charter of Fundamental Rights and the Constitution of Greece.
You can read the full text of our open letter here.
You can also read a related article recently published on our website by our member Stergios Konstantinou here.
Learn more about Homo Digitalis’s work on this issue, including past meetings between our members — Haris Kyritsis, Haris Daftsios, Niki Georgakopoulou, Giorgos Sarris, and Angelina Barla — and Greek Members of the European Parliament, in cooperation with European Digital Rights (EDRi), here.
We submitted our views to the European Commission’s public consultation on the assessment of the impact of the Digital Markets Act (DMA)
On September 23, Homo Digitalis submitted its views to the European Commission’s Public Consultation as part of the report it is preparing on the assessment of the impact of Regulation (EU) 2022/1925 on Digital Markets (Digital Markets Act – DMA).
The real impact of the DMA depends on the Commission’s determination to enforce it, honoring both the letter and the spirit of the regulation — namely, to create open and competitive digital markets, strengthen competition, and protect users’ rights.
You can read our full submission here.
For more information about the public consultation, click here.
Homo Digitalis is featured in Adessium's Annual Report for 2024
Adessium supports the European AI & Society Fund (EAISF), a pooled fund dedicated to achieving responsible AI policies and applications. The fund works on legislation for artificial intelligence, monitors its social impact and reports potential risks, such as unjust consequences for citizens and environmental damage due to technology.
In this context, Homo Digitalis alongside European Digital Rights were featured in the 2024 Annual Report, highlighting our key achievements and ongoing work made possible through the support of EAISF. The report includes quotes from Claire Fernandez and Eleftherios Chelioudakis.
We warmly thank EAISF and Adessium for the opportunity to showcase our impactful work in the field of border management and law enforcement, as well as for their continuous support in safeguarding human rights in the digital age!
Read their full annual report and the important work they support here.
The new annual report of EDRi is here, with important references to the work of Homo Digitalis
European Digital Rights (EDRi), our dynamic network working to defend and promote digital rights across Europe, has published its 2024 Annual Report!
Read more about the network’s major actions and achievements over the past year! Special references are, of course, made to the contribution of Homo Digitalis. From hosting the 2024 General Assembly in Heraklion, Crete, to raising awareness around the Predator spyware and related legislative reforms, to filing a legal challenge against the retention of electronic communications metadata in Greece, and to the imposition of significant fines regarding the KENTAVROS and YPERION systems in the closed facilities of the Ministry of Migration—2024 was a year full of progress and impact!
We submitted our views to the European Commission’s public consultation on Article 30(5) GDPR
Yesterday, Homo Digitalis submitted its views as part of the European Commission’s public consultation on Article 30(5) of the GDPR.
In our submission, we call on the Commission to withdraw the proposed amendment and stress the need to ensure that the GDPR is not reopened or modified through broader deregulatory initiatives. The priority must remain on the effective application and enforcement of the existing framework, rather than on reducing the safeguards that are essential for protecting fundamental rights in the digital age.
You can read our full position here.
We filed a complaint against Alphabet before the European Commission under the provisions of the DMA, together with five organizations.
European Digital Rights, ARTICLE 19, Free Software Foundation Europe (FSFE), Gesellschaft für Freiheitsrechte e.V., Vrijschrift.org, and Homo Digitalis filed a formal complaint against Alphabet Inc. under the Digital Markets Act (DMA) before the European Commission.
Despite the DMA’s clear gatekeeper rules:
On Android, users still cannot truly uninstall Google’s pre-installed apps; they can only disable them, which leaves them on the device. Yet Alphabet misleads users by claiming this is the same as removing an app. It is not.
The disable option is buried deep in the settings and, when users do find it, Android displays vague and intimidating warnings that discourage them from switching to alternative apps, making it harder to move away from Google’s ecosystem.
We are facing a textbook case of deceptive design, which restricts user choice and reinforces Alphabet’s gatekeeper position.
With our complaint, we call on the European Commission to investigate Alphabet’s practices and order the company to fully respect end-user rights under the DMA.
You can read our complaint on EDRi’s website here.
Homo Digitalis contributes to two EU consultations on the Data Strategy and high-risk AI systems
Last Friday, July 18th, Homo Digitalis submitted detailed input to two public consultations launched by the European Commission.
The first consultation focused on collecting targeted input from stakeholders regarding the implementation of the AI Act (2024/1689) rules for high-risk AI systems. According to Article 6(5) of the AI Act, the Commission must publish guidelines on the practical implementation of the high-risk classification rules by February 2, 2026, accompanied by a list of practical examples of both high-risk and non-high-risk AI systems. Additionally, Article 96(1)(a) requires the Commission to provide guidelines on the application of obligations and responsibilities for high-risk AI systems, including those across the AI value chain, as defined in Article 25. In its submission, Homo Digitalis provided practical examples of AI systems from Greece and other countries, and highlighted key issues that should be clarified in both the classification and compliance guidelines.
The second consultation addressed the EU Data Strategy. Its three goals are to: 1) boost investment in data technologies and promote data sharing through voluntary or funded initiatives; 2) streamline existing rules and develop data tools to reduce administrative burdens; and 3) shape an international data strategy that ensures safeguards for data transfers outside the EU and encourages data inflows into the EU.
In its response, Homo Digitalis raised strong concerns about potential undermining of personal data protection under the pretext of simplification, flexibility, and competitiveness. The organisation reaffirmed its position that fundamental rights must be strengthened through the use of new technologies and rejected the framing of existing legal frameworks as a barrier to innovation. According to Homo Digitalis, the challenges lie primarily in the lack of enforcement and resources, not the laws themselves.
You can read our full submission for the first consultation here.
We thank the drafting team, Stavrina Chousou, Niki Georgakopoulou, Sofia Antonopoulou, and Eleftherios Chelioudakis, for their valuable contributions.
You can read our full submission for the second consultation here, edited by our Executive Director, Eleftherios Chelioudakis.
We sent an open letter to the EU calling for a reassessment of Israel’s adequacy decision under the GDPR
Together with European Digital Rights, Access Now, and 16 other civil society organizations, we submitted a second open letter to the European Commission, urging it to urgently reassess Israel’s adequacy status under the GDPR.
Since the Commission reconfirmed Israel’s status in January 2024, the situation has only deteriorated:
Escalating human rights violations in Gaza and the West Bank
Expansion of surveillance systems and biometric repression
Legal reforms undermining oversight of personal data processing
Ongoing data flows to Israeli companies with ties to security services
Use of AI-driven targeting systems in a context where the International Court of Justice has found plausible genocide
Application of Israeli law to occupied territories, in breach of the EU’s own policy
This is not just about technical compliance. It is about whether the EU’s data protection framework can credibly uphold fundamental rights, and whether data originating in the EU is being used to facilitate unlawful practices.
Read the letter here.