Digital Omnibus: A step forward, but Europe still needs its own tech stack
-
Today, the Commission unveiled its proposal for simplification of the digital rulebook —including delayed AI Act enforcement and streamlined reporting—but won’t reverse Europe’s 80% dependence on imported digital services without bold industrial policy to build European alternatives.
-
At the Franco-German Digital Sovereignty Summit, DIGITAL SME President Oliver Grün told policymakers that European innovative SMEs have the technology for digital independence but lack the regulatory framework to scale.
-
Digital sovereignty requires European preference in public procurement, industrial policy supporting industry collaboration, and Digital Public Infrastructures controlled by Europe. SMEs are ready—but need coordinated public support.
Following the Franco-German Summit on European Digital Sovereignty in Berlin, the European Commission published today its Digital Omnibus, aimed at simplifying EU tech legislation.
The European DIGITAL SME Alliance welcomes efforts to streamline key digital laws. But one point must be clear: simplification alone will not reduce Europe’s dependence on foreign technologies. Europe needs a shared public-private strategy to strengthen its own digital capabilities.
The Omnibus aims to reduce administrative burdens across data rules, cybersecurity reporting, ePrivacy, the Digital Identity framework and selected provisions of the AI Act, by making targeted amendments and removing overlaps between legislation. For European tech SMEs, the package represents a chance to ease compliance and reduce administrative complexity.
These priorities were central to discussions at the Franco-German Summit on Digital Sovereignty in Berlin, where DIGITAL SME President Dr. Oliver Grün spoke in the opening panel on the Digital Omnibus alongside Henna Virkkunen, Executive Vice-President for Tech Sovereignty, Security and Democracy; Karsten Wildberger, German Minister for Digital Transformation and Government Modernisation; and Anne Le Hénanff, French Minister Delegate for AI and Digital Affairs.
The Digital Omnibus brings concrete progress in several areas:
- Delayed enforcement of AI Act high-risk obligations, given the lack of standards and sandboxes.
- Under the Cyber Resilience Act, SMEs will benefit from simplified requirements and automatic compliance with AI Act cybersecurity provisions.
- A single ENISA entry point for reporting across NIS2, GDPR, DORA and eIDAS.
- An EU-level AI Act sandbox and a shift of AI-literacy obligations from companies to the Commission.
These are small but meaningful steps to ease compliance for companies innovating in Europe. President Grün stressed a dual reality: European innovative SMEs already possess the technologies to strengthen Europe’s digital independence, but they lack the regulatory framework that allows them to scale. He underlined how SMEs face overlapping regulations that are individually justified but cumulatively burdensome — and how the impact on smaller companies has often been overlooked.
As Europe cuts red tape, the Commission must avoid creating new advantages for foreign tech incumbents. Europe imports more than 80% of its digital services. Reducing compliance burdens helps — but it will not reverse this dependency without an equally ambitious industrial strategy. As President Grün noted at yesterday’s Summit: “Europe must not only regulate technology — it must build it.”
Achieving this objective requires a multi-faceted approach. Key areas of intervention include:
1. European preference in public procurement
The upcoming revision of EU procurement directives is a critical opportunity to establish preference criteria that create real demand for European solutions. Public procurement should become a strategic tool to support Europe’s digital ecosystem. The state must act as an “anchor customer” for the EU’s digital industry — providing orders, validating solutions, and helping establish credibility.
2. Industrial policy to overcome market fragmentation
European companies must be incentivised to cooperate on interoperability standards, integrate their products into bundles, establish revenue-sharing business models, and collaborate across borders. Europe has the technologies — they must be integrated to offer viable alternatives to non-European providers.
Creating a few “EU champions” can be useful, but mimicking Big Tech will not succeed. Europe cannot rely on US-style capital markets, and companies will struggle to reach the same scale, especially in platform markets dominated by foreign actors controlling key choke points. Competing is possible only if governments step in.
3. Digital Public Infrastructures
At the Summit, Minister Wildberger offered a concrete idea: the EU Digital Wallet, coupled with a payment system, could reach critical consumer mass and serve as a platform to bundle additional applications — such as messaging. Europe must therefore establish Digital Public Infrastructures that it can control as essential layers of the digital stack. Designating certain layers as Digital Public Infrastructure opens new collaboration models between the private and public sectors, where the former delivers and innovates, and the latter ensures that governance serves the public interest.
Given current market concentration and the growing recognition of technology as an instrument of geopolitical power, a public-private partnership is essential. SMEs stand ready to contribute their innovation capacity, but digital sovereignty cannot be achieved without coordinated public support.
Initiatives such as the European Sovereign Cloud Pledge and the Tech Sovereignty Catalogue show that European companies are prepared to collaborate on sovereignty goals. These initiatives now need the policy backing required to scale.
The European DIGITAL SME Alliance will continue these discussions at its annual summit on 4 December 2025 in Brussels, bringing together policymakers, industry leaders and innovators to advance Europe’s tech sovereignty and competitiveness agenda.
