New theme: AI literacy
Explore here
In addition to legislation specifically addressing digital matters, the Omnibus II proposal also proposes changes to "regular" product safety legislation by providing common specifications instead of standards as an option for demonstrating compliance. In this article, we explain the impact this has on the EU's technology policy, including the Digital Omnibus and the Digital Omnibus on AI.
What: Omnibus II proposal
Impact score: 2
For whom: manufacturing companies, market surveillance authorities
URL: https://commission.europa.eu/document/download/58f5e2e3-e2c9-4149-9fd6-648490c9e7fe_en?filename=COM_2025_84_EN.pdf
Aside from the AI Act and digital-specific legislation, the EU Commission’s Omnibus Proposals tackle multiple regulations that cover the design of hardware and software products under the New Legislative Framework.
While they do not cover AI systems directly – it is for this purpose that the AI Act’s high-risk AI system requirements have been drafted and adopted – their requirements may apply to the AI models embedded in such products. For example, the Machinery Regulation requires that machines obey only the instructions by a human operator, which also requires prevention of external attackers or AI-based feedback loops.
The New Legislative Framework is based on three components:
However, harmonized standards are currently more difficult to come by. Traditionally, harmonized standards are derived from international standards drawn up by international standard organizations such as the International Standards Organization, the Institute for Electrotechnical Engineers and the International Telecommunications Union. These private documents are protected by copyright and are thus usually only available after buying them for a fee.
In C-588/21 Public.Rights.Org, however, the Court of Justice of the European Union ruled that access to harmonized standards can be requested from EU institutions free of charge. The CJEU argued that, as harmonized standards provide the technical specifications of EU law, they are EU law, and therefore there is a public interest in their disclosure that permits them to be obtained free of charge upon request. On the eNorm platform, such options have been provided. However, a decision by the Commission to also grant access to a standard that was not (yet) a harmonized standard has resulted in ISO and IEC not only blocking access to standards, but also to sue the European Commission over this disclosure.
To ensure that the functioning of the New Legislative Framework is not impeded, the Commission therefore decided to adopt an Omnibus II Proposal that, in all New Legislative Framework Instruments that do not provide common specifications, introduces the mechanism of common specifications. Known to the e.g. the AI Act, the mechanism of common specifications permits the Commission to, if there is no coverage by harmonized standards, draft its own ad interim technical specifications that can be used for the purposes of conformity assessment and trigger the presumption of conformity until a harmonized standard is adopted. Once a harmonized standard adopts them, such specification immediately is removed.
It remains to be seen if this will provide additional certainty. It is telling that the Digital Omnibus on AI Proposal delays high-risk requirements in spite of the AI Act using common specifications. This also makes sense: standards are drawn up by standardization organizations because they centralize technical expertise the Commission does not have.
Koen Vranckaert
