EU Revises GDPR Narrowing Personal Data Scope

The European Commission reopened the GDPR via Omnibus simplification proposals in 2025, introducing AI-focused amendments and a tightened personal-data definition. The draft explicitly references AI systems, permits certain sensitive-data uses for model training, and endorses a relative de-identification approach. If enacted, the changes could narrow GDPR coverage and trigger global shifts in compliance, de-identification practices, and cross-border transfer rules.