EU Council to propose targeted GDPR and ePrivacy reforms
11/07/2025 | Council of the European Union
Having begun its six-month rotating presidency of the Council of the European Union on 1 July 2025, Denmark has announced its intention to propose several targeted revisions to the EU General Data Protection Regulation (GDPR) and ePrivacy Directive. The move is designed to reduce compliance burdens on companies and enhance their competitiveness while maintaining high standards of data protection.
The Danish proposal includes a range of key changes:
- Exempting companies from cookie consent for technical and simple statistical data collection,
- Defining a minimum threshold for data subject rights,
- Removing the right to data portability,
- Reducing the number of companies required to keep records of processing activities.
- Lifting part of the open-ended documentation obligation for SMEs,
- Exempting certain uncomplicated data breach notifications,
- Clarifying Data Protection Impact Assessment (DPIA) requirements with potential SME exemptions,
- Making the data subject’s right to lodge a complaint conditional on prior engagement with the data controller, especially for SMEs.
What is this page?
You are reading a summary article on the Privacy Newsfeed, a free resource for DPOs and other professionals with privacy or data protection responsibilities helping them stay informed of industry news all in one place. The information here is a brief snippet relating to a single piece of original content or several articles about a common topic or thread. The main contributor is listed in the top left-hand corner, just beneath the article title.
The Privacy Newsfeed monitors over 300 global publications, of which more than 6,250 summary articles have been posted to the online archive dating back to the beginning of 2020. A weekly roundup is available by email every Friday.