JANE Co-signed a Joint Industry Statement on the EU Digital Omnibus Proposal

On May 26, 2026, the Japan Association of New Economy (JANE) co-signed a joint industry statement expressing concerns over the direction of negotiations within the Council of the European Union regarding the EU Digital Omnibus proposal.

【About the Joint Statement】

This joint statement was issued by 22 associations representing technology companies, digital infrastructure providers, medical technology companies, small and medium-sized enterprises, and businesses that utilize digital technologies.

It points out that the EU Digital Omnibus proposal presents an important opportunity to review and simplify overlapping, fragmented, and inconsistent regulations relating to data, e-Privacy, and cybersecurity, thereby reducing burdens on businesses, promoting innovation, and strengthening the EU’s competitiveness.

At the same time, it expresses concern that the negotiations currently underway in the Council of the European Union are moving away from the proposal’s original objective of simplification and calls on EU Member States to ensure the quality and effectiveness of the legislation.

【Summary of Views Expressed in the Joint Statement】

■ Maintaining the simplification of the GDPR

The joint statement calls on EU Member States to preserve the targeted amendments to the GDPR proposed by the European Commission. These include clarifying the definition of personal data, establishing more practical conditions for the use of personal data in AI, refining the definition of scientific research in a way that supports innovation, and streamlining the data breach notification regime. It argues that these are important adjustments to reduce legal uncertainty and fragmentation among Member States while maintaining a high level of protection.

■ Reform of Cookie regulations

The joint statement argues that the rules on cookies and similar technologies should be harmonized across the EU in a manner that reflects technological and market realities. In particular, it warns against introducing overly complex and difficult-to-implement mechanisms such as centralized consent management for cookies, as well as rigid regulatory approaches that rely solely on consent. It also calls for low-risk processing activities—such as security, fraud prevention, the provision of user-requested functionalities, and the management of advertising frequency—not to be subject to excessive consent requirements.

■ A Single-Entry Point for cyber incident reporting

The joint statement calls for the introduction of an EU-level Single-Entry Point for cyber incident reporting. For companies operating across borders, the existence of different reporting channels and obligations in each Member State does not lead to any meaningful reduction in compliance burdens. It therefore emphasizes the importance of simplifying and harmonizing reporting obligations, deadlines, templates, and definitions across the EU’s cybersecurity-related legal framework.

■ The EU Data Act and the protection of trade secrets

The joint statement calls for due consideration to be given to the complexity of the EU Data Act and for trade secrets to be properly protected. It also points out the need to appropriately address risks such as the unlawful use of data, the loss of proprietary know-how, and security-related concerns.

■ Sufficient negotiation time and dialogue with stakeholders

While supporting the timely adoption of the EU Digital Omnibus proposal, the joint statement emphasizes that the pace of negotiations should not come at the expense of the quality of the legislation or its original simplification objective. It therefore calls on EU Member States to ensure sufficient time for negotiations and to engage in adequate dialogue with affected stakeholders before moving forward with the adoption of a general approach.

※ For more information on the EU Digital Omnibus proposal, please see here

※ For the full text of the joint statement, please see here

Proposals/News

Admission Form