Europe's data economy is worth hundreds of billions of dollars, yet it remains trapped by conflicting regulations that favor large tech companies over European innovators. The European data market exceeded €115 billion in 2025 and is projected to reach €148 billion by 2030, according to a 2025 study commissioned by the European Commission . The broader data economy was already worth €325 billion in 2019 and was projected to reach €500 billion by 2025. Despite this enormous economic potential, fragmented enforcement of data protection rules continues to hold back European businesses from scaling and competing globally.

Why Is Europe's Data Economy Falling Behind?

The roadblocks facing European data-driven companies are remarkably consistent across industries. The primary culprits include the broad definition of personal data under the General Data Protection Regulation (GDPR), the lack of consistent interpretation across EU member states, and non-binding guidance from the European Data Protection Board (EDPB) that provides limited clarity . Large multinational corporations, particularly non-European tech giants, have the resources to navigate these fragmented rules and challenge regulatory decisions. Smaller European companies, however, lack the legal and financial capacity to manage compliance across different national interpretations of the same law.

This creates a paradox: Europe has one of the world's strongest data protection regimes, yet that very strength is becoming a competitive disadvantage. Companies cannot easily determine what constitutes personal data, when data is sufficiently anonymized to fall outside GDPR's strict rules, or how to balance innovation with privacy protection. The uncertainty discourages investment in data-driven technologies and pushes European talent and capital toward the United States and other regions with clearer regulatory frameworks.

What Happened to Europe's Data Reform Efforts?

The European Commission recognized these problems and proposed targeted reforms through the Digital Omnibus packages. The Commission's initial proposal for the data-focused Digital Omnibus included modest changes to the GDPR, introducing clearer criteria for when personal data is sufficiently pseudonymized, defining what constitutes personal data, and clarifying data subjects' rights . These were not radical overhauls; they were incremental adjustments designed to reduce compliance confusion without weakening privacy protections.

However, the EU Council reversed course. Instead of adopting the Commission's modest proposals, the Council reverted the text to relying on EDPB guidance and removed statements clarifying what does and does not constitute personal data . This decision essentially left European businesses back where they started, without the legal clarity they desperately need.

"The simplification agenda has nothing to do with US lobbying. It is very much a result of Letta and Draghi, and kind of the debate that was in the European Union, ahead of the last European Parliament election. It was a feeling, in particular about European businesses, that Europe was seen as too heavily regulating, and not listening to the concerns of the European businesses about their compliance costs," stated Renate Nikolay, Deputy Director of DG CONNECT.

Renate Nikolay, Deputy Director, DG CONNECT

The Commission's push for reform was driven by European companies themselves, not by US lobbying pressure as some critics claimed. European businesses have repeatedly raised concerns about compliance costs and the incoherent regulatory landscape that makes it difficult to operate across member states. Yet political sensitivities around data sovereignty and privacy protection have made even modest reforms controversial.

How Can Europe Balance Privacy and Innovation?

The core challenge is finding equilibrium between two legitimate goals: protecting citizens' privacy and enabling businesses to innovate and compete. Several practical steps could help achieve this balance:

• Binding GDPR Clarifications: Replace non-binding EDPB guidelines with binding regulatory clarifications on what constitutes personal data, when pseudonymization is sufficient, and how to balance privacy with other public interests like innovation and economic growth.
• Independent Review Mechanisms: Establish independent oversight of data protection enforcement to prevent overly restrictive interpretations that stifle legitimate business activities and ensure consistency across member states.
• Harmonized Enforcement Standards: Create harmonized enforcement standards across EU member states so companies face consistent requirements rather than navigating dozens of different national interpretations of the same law.

Polish technology lawyer Mikołaj Barczentewicz has argued that Europe should seriously reform GDPR enforcement by adding more independent review and better balancing of business, innovation, and other public interests alongside privacy . The EDPB's non-binding guidelines, while well-intentioned, take years to issue and do not protect companies from enforcement troubles later. A company might follow EDPB guidance only to face enforcement action from a national data protection authority with a different interpretation.

What's at Stake for Europe's Competitiveness?

The stakes extend beyond individual companies. Europe's ability to compete in the global AI and data economy depends on having a thriving ecosystem of data-driven businesses. When regulatory uncertainty discourages European startups and mid-sized companies from scaling, that talent and capital migrate elsewhere. The EU's competitiveness ambitions, combined with looming economic challenges, make this regulatory gridlock increasingly costly.

The question facing EU policymakers is whether Europe can maintain world-class privacy protections while also empowering European businesses to compete globally. The Council's reversal of the Commission's modest reforms suggests the answer may be no, at least not in the near term. Without clearer rules and more balanced enforcement, Europe's €500 billion data economy will continue to underperform its potential, and the gap between European and American tech companies will only widen .