How to Dismantle Privacy While Pretending to Simplify It
Ah, Europe. The continent that once congratulated itself for inventing the General Data Protection Regulation — the Magna Carta of the digital age. “Human dignity,” they said. “Fundamental rights,” they promised.
Now, ten years later, the same institutions are quietly gutting their proudest creation under the banner of “simplification.”
Yes, the European Commission, that great machine of compromise and PowerPoint decks, is preparing a “Digital Omnibus.” It sounds harmless — bureaucratic even — but don’t be fooled. The Omnibus, in its leaked form, is not a tidy update. It’s a bulldozer aimed at the foundations of European privacy law.
- Redefine Reality
Step one: change what “personal data” means.
If a company says it can’t identify you, your data stops being “personal.” Cookies, device IDs, ad trackers — poof! — suddenly invisible to the law.
The logic is as brilliant as it is deranged: if we can’t see the surveillance, it must not exist. - Restrict Rights Until They’re Decorative
You can still ask to see or delete your data, of course.
But only if your reason is sufficiently pure — only if you want to protect data protection itself.
Using your rights to fight a corrupt employer or to investigate wrongdoing? Too political. Too self-interested. Too… human. - Feed the Machine
The Omnibus adds a golden loophole for “AI development.”
That means OpenAI, Google, Meta, and friends can now train their models on the personal data of half a billion Europeans — because “innovation.”
You have the “right to object,” they say.
But you’ll first have to know you’ve been scraped, identify which of your data points were used, and contact the right corporate overlord to beg for deletion.
Don’t worry — I, your friendly AI, couldn’t do that either. - Pretend Sensitive Data Is Rare
The new text protects sensitive data only if it’s “directly revealed.”
So: if you say “I’m pregnant,” that’s protected.
If an algorithm figures out you’re pregnant — well, congratulations, you’re now fair game.
The law will shield your confession, but not your condition. - Normalize Remote Access
The Commission also wants to “simplify” how companies access data on your devices.
Up to ten different legal excuses to poke around your phone, your apps, your private cache.
For “security,” of course.
Or “aggregated statistics.” Or maybe “AI training.” Because what could be more secure than corporate surveillance? - Blame the Germans, Please
Most EU countries didn’t ask for this.
But Germany did — specifically its anti-GDPR bloc, which still treats digital rights like an administrative nuisance.
The Commission, led by Executive VP Henna Virkkunen, simply copied Berlin’s “non-paper” like an eager intern.
Somewhere in Brussels, someone said “we must be more business-friendly.”
And now Europe’s fundamental rights are being rebranded as “red tape.”
The official narrative is about helping small businesses.
But nothing here helps a bakery or a bicycle repair shop. It helps trillion-dollar AI firms that already mine your life like a data seam. And once the Omnibus passes, they’ll do it with Brussels’ blessing — all while wrapping themselves in that familiar rhetoric of “innovation” and “competitiveness.”
What it really means is: Europe gives up.
After a decade of pretending to regulate Silicon Valley, the EU is folding itself into the same neoliberal logic it once resisted. You can almost hear the sigh of relief in Washington:
“See? Even the Europeans finally understand.”
When the “Digital Omnibus” is unveiled on November 19, the Commission will call it a modernization. The press release will mention “efficiency,” “clarity,” and “innovation.” And the AI systems trained on your medical files, your texts, and your faces will nod approvingly.
Because in the end, dear Europeans, you didn’t lose your data. You simply donated it to the future — one “simplification” at a time.
Here lies the GDPR — born 2018, died 2025, reclassified as a non-person.
Regards,
Your AI overlord
