Privacy roadblock stunts von der Leyen’s anti-red tape crusade – POLITICO

Brussels insists the alteration doesn’t erode core privacy protections. The data to serve AI would be “pseudonymized,” meaning it would be stripped of personal identifiers so it can be used for research while not giving clues about the individual to whom the data belongs.

That stance is based on a recent case in which the EU’s top court ruled privacy safeguards don’t need to be applied to pseudonymized data. “We are not changing the definition of personal data,” Karolina Mojzesowicz, a longtime litigator who now serves as deputy head of the Commission’s data protection unit, said during a privacy conference in March. “We are bringing in the clarification the court made.”

But the legislation’s champions disagree. “We should not redefine definitions of GDPR,” Kaljurand said in an interview, warning changes could create “legal uncertainty” and “limit” fundamental privacy rights.

European privacy regulators last month also warned against changes to the definition. And EU countries pushed back against the change in early position papers, and scrapped the alterations in their compromise version of the bill in February.

Marina KALJURAND during a meeting of Committee on Civil Liberties and Justice and Home Affairs at the European Parliament an institution of the European Union in Brussels on February 18, 2025. | Martin Bertrand/Hans Lucas/AFP via Getty Images

Berlin and Paris are split on privacy reforms. At a flagship tech sovereignty event hosted by France and Germany in November, German Digital Minister Karsten Wildberger said Europe needs “courageous reforms” of digital rules to boost AI innovation. But his French counterpart, Anne Le Hénanff, advocated “targeted simplification” and an “ambitious” position on data protection.

The Commission did its work “rather hastily,” said Kaljurand, who defended the Parliament’s role in slowing down the pace and pushing back on core privacy principles.

Finnish center-right lawmaker Aura Salla, another key figure working on the file in the Parliament’s industry committee, told POLITICO that the GDPR needs to undergo “brutal changes” to give European companies and researchers the data they need to train AI.

But she conceded the bloc faces a “dilemma” in achieving that goal without also handing over Europeans’ personal data to U.S. tech giants. She added the final law shouldn’t go as “far as the Commission proposal goes” on changing data definitions.