By Marcus Venn | Digital Rule Book | March 2026 TL;DR — Key Points The EU Digital Omnibus Package, proposed 19 November 2025, is the most significant change to EU digital regulation since the AI Act itself. It proposes to simplify GDPR, delay the AI Act's high-risk deadlines by up to 16 months, merge cybersecurity reporting into a single entry point, and modernise cookie rules. For most EU businesses, the Omnibus will reduce compliance burden — but it has not been passed into law yet, and current deadlines still apply. The Digital Omnibus is not a weakening of the AI Act. It is a restructuring of the rollout to align with the actual readiness of the compliance ecosystem. This article explains every major proposal in plain English, so you know what is changing, when, and what it means for your business. DISCLAIMER: This article is for informational purposes only. The Digital Omnibus Package is a legislative proposal subject to amendment and rejection. Information ...
About Digital Rule Book
Digital Rule Book is a weekly publication covering EU digital regulation and AI tools — written in plain English for independent business owners and everyday professionals.
The EU has produced some of the most significant digital legislation in history: the GDPR, the EU AI Act, the Digital Services Act, the NIS2 Directive, and the Cyber Resilience Act. These laws affect every business that operates online or sells to EU customers — regardless of where that business is based.
Most of the available coverage is written by lawyers for lawyers, or by institutions for institutions. Digital Rule Book exists to fill the gap: expert-level analysis, translated into language you can actually use.
About Marcus Venn
Marcus Venn is a writer and analyst based in the Netherlands. He covers EU digital regulation and AI tools for people who are not lawyers or tech specialists — but who need to understand both.
He reads the official EU texts, the Commission press releases, the enforcement decisions, and the cybersecurity threat reports — and then translates all of it into language a small business owner in Lyon, Warsaw, or Cairo can read on a Tuesday morning and immediately understand what they need to do.
Being based in the Netherlands gives him direct geographic proximity to EU regulation as it develops — not as an outside observer, but as someone operating inside the EU digital economy.
What Digital Rule Book Covers
Every article falls into one of four areas:
EU Digital Regulation — The laws that govern how businesses use data, deploy AI, provide digital services, and protect their networks. GDPR, the EU AI Act, the DSA, the NIS2 Directive, the DMA, and the Cyber Resilience Act. Not summaries — analysis of what these laws require in practice, and what happens when they are enforced.
AI Tools for Business — Practical guidance on using AI tools effectively as a non-technical professional. What works, what does not, and how to integrate AI into your work without a technical background.
Crisis and Geopolitics — When major events intersect with EU digital law, Digital Rule Book covers the connection: what a cyberattack means for NIS2 enforcement, what a geopolitical crisis means for GDPR data transfers, what regulatory acceleration looks like in practice.
EU Business and Compliance — The practical requirements of operating a digital business within or alongside the EU regulatory framework.
Who This Publication Is For
Digital Rule Book is written for people in their 30s to 50s who are running a business, working independently, or building digital income — and who need to understand EU regulation without a law degree or a legal department.
You do not need a technical background to read this publication. Every article explains technical and legal terms the first time they appear. The goal is always the same: by the end of the article, you know what the law requires, why it matters to you, and what you need to do about it.
Editorial Standards
Every article published on Digital Rule Book is based on primary sources: official EU texts, Commission guidance, enforcement decisions, and verified reporting. Where information is contested or uncertain, that is stated explicitly. Where analysis reflects interpretation rather than established fact, that is made clear.
Digital Rule Book occasionally recommends tools and services. Where a link may generate a commission, this is disclosed in the affiliate note at the end of the article. Recommendations are based on genuine assessment — not on commercial arrangements.
Nothing published here constitutes legal advice. For advice on your specific situation, consult a qualified legal professional.
Contact and Follow
Digital Rule Book publishes regularly. The best way to follow the publication is via the newsletter — new articles delivered directly to your inbox.
Subscribe via RSS: https://digitalrulebook.blogspot.com/feeds/posts/default?alt=rss
Marcus Venn is also active on LinkedIn and X / Twitter, where he posts analysis and commentary between articles.
For editorial enquiries, collaboration proposals, or corrections, use the contact page.