John Whelan: EU to simplify AI Act amid pressure from tech giants
Microsoft-owned LinkedIn has reason to hope for the easing of Europe’s AI Act, as it has faced financial sanctions in the past.
The European Commission is preparing to unveil amendments to the AI Act on November 19 in an attempt to simplify the EU's digital regulatory framework.Â
The move to revise the AI Act follows sustained lobbying from US tech giants and the EU tech sector. In October, the Computer and Communications Industry Association (CCIA), whose members include Apple, Meta, and Amazon, launched a campaign pushing for simplification of not only the AI Act but the EU’s entire digital rulebook.
Pressure is also building from within the European tech sector. In July 2025, 56 EU-based AI companies, including leaders in the field such as France's Mistral AI and Germany's Aleph Alpha, signed a public letter urging the Commission to pause and simplify parts of the AI Act.
The European companies warned that compliance costs could stifle innovation if left unaddressed. Denmark emphasised that SMEs and startups, in particular, face steep compliance hurdles without finalised guidance.
The Commission is expected to unveil amendments to the AI Act on November 19 as part of the Digital Omnibus, an extensive package intended to align and simplify the EU's digital regulatory framework.
European Commissioner for Tech, Henna Virkkunen speaking at the Web Summit in Lisbon last week, stated that the digital simplification package to be presented will likely ease the burden on AI companies. The AI Act, which regulates artificial intelligence tools based on the risks they pose to society, began applying gradually last year. However, the Act faced ongoing criticism by Big Tech companies, as well as the US administration led by Donald Trump, claiming that it stifle innovation.
Europe's own tech startups and companies in Germany, France, and the Netherlands are among the world's biggest investors in their AI sectors, and industry actors in these countries have been vocal advocates for simplification measures that would reduce compliance burdens.
Earlier this year, CEOs of more than 40 European companies, including ASML, Philips, Siemens, and Mistral AI, asked for a “two-year clock-stop” on the AI Act before key obligations enter into force.
The Commission is also considering delays to imposing fines for violations of its new AI transparency rules until August 2027 to “provide sufficient time for adaptation of providers and deployers of AI systems”.
Microsoft-owned LinkedIn has reason to hope for the easing of Europe’s AI Act, as it has faced financial sanctions in the past. Earlier this year, LinkedIn outlined plans to start using public posts and user profile data, including names, photos, roles and skills, for “generative AI improvement” from November 3. The social media company envisaged processing of user data dating back to 2003 and advised users who did not want their data to be processed would have to actively opt out to avoid this from happening.
Data protection authorities in a number of member states objected and requested the Irish Data Protection Commission (DPC) to investigate as LinkedIn has its European headquarters in Ireland. The DPC raised its own concerns with the company and made recommendations to address the potential negative impact of LinkedIn’s AI plans on the data protection rights of individuals.
Following the investigation, the DPC, issued a statement earlier this month that LinkedIn has now agreed to make changes to its plans. These include issuing “improved transparency notices” to enable users to better “understand the personal data LinkedIn will process to train its AI models and their ability to opt out” and reducing the type of personal data it will use for training its gen-AI models, “both in terms of the personal data to be used and the time period from which it proposed to draw the data”.
Further changes LinkedIn has agreed to apply include measures to prevent children’s data being used in the training and filters to stop other sensitive data from being collected. The company has also agreed to share “more detailed risk assessments and other required documentation under the GDPR”, according to the DPC, which added that the company will report back on how effective and appropriate “the measures and safeguards” are within five months.
LinkedIn was fined €310m by the DPC last year for breaching the GDPR when processing personal data of its registered users for marketing and analytic purposes.
The company also faces a US lawsuit filed in January by LinkedIn Premium users who accused the social media platform of sharing their private messages with other companies to train AI models.
