POSITION | DIGITAL POLICY | AI, DATA & CYBERSECURITY
Digital Fitness Check Strengthening Europe’s competitiveness through further targeted simplification of Europe’s digital acquis.
10 March 2026 Executive Summary It’s important that the EU places competitiveness at the centre of its political reform agenda. The proposals for the Data and AI Omnibuses, the Regulation to establish EU Business Wallets, the Cybersecurity Package and the Digital Networks Act underline that the European Commission recognises in principle the necessity to cut unnecessary complexity, simplify regulatory requirements, and enhance coherence across the EU’s digital rulebook to achieve this aim. With the above-mentioned legislative proposals, the European Commission has taken a first necessary step, however, this was not bold enough, since the EU Commission's proposal does not sufficiently address the regulatory burdens and risks that continue to undermine Europe’s ability to foster innovation and enhance global competitiveness. Even worse, certain regulatory provisions continue to fundamentally erode the principles of fair competition. German industry’s policy recommendations Therefore, as part of the Digital Fitness Check, the European Commission should continue its simplification agenda by proposing the following targeted amendments to the EU’s digital acquis: ▪
Artificial Intelligence: Since early implementation experience shows the limits of applying horizontal AI rules to established sectoral frameworks, particularly those under Annex I Section A, high-risk requirements related to Annex I A should be integrated into sectoral legislation. No harmonised standards will be available for the transparency obligations under Article 50 of the AI Act. Therefore, a grace period of 12 months for AI deployers that need to disclose AIgenerated content as such, should be introduced. Existing legislation – notably the AI Act, the General Data Protection Regulation and the Platform Work Directive – already provides comprehensive rules for the deployment and use of AI in the workplace, therefore, no additional AI-specific labour legislation should be introduced.
▪
Cybersecurity: We regret that the Digital Omnibus does not address the necessary reforms of the CRA. German industry urges the Commission to postpone the application of the CRA to allow industry to adapt, and ensure the availability of fit for purpose, consensus-based and cited harmonised standards. The implementation of the CRA is currently experiencing difficulties, including the development of a massive set of harmonised standards (+40) against unrealistic timelines, designation of notified bodies, and clarification of key questions around scope (e.g. placing software on the market, remote data processing solutions) and essential
Bundesverband der Deutschen Industrie e.V. / Federation of German Industries EU Transparency Register: 1771817758-48 | German Lobbyregister: R000534 Dr Michael Dose, Mariia Halada, Steven Heckler and Polina Khubbeeva | Innovation, Security and Technology | www.bdi.eu