Europe champions GDPR & ‘Data Protection by Design’ (DPbD) – vital for trust. We’re also racing for global leadership in data-hungry AI & Digital Health.

Recent developments bring this core tension into focus. With the European Commission planning GDPR ‘simplification’ proposals soon (reportedly by June) aimed at cutting red tape and boosting competitiveness, especially for SMEs, the debate intensifies.

Will targeted tweaks be enough to fuel innovation across the board? Or does the core paradox remain for complex, data-intensive R&D? Does strict DPbD, even if simplified for some, inevitably curb the speed needed to compete globally? 

What single step is most crucial to resolve this now?

• Targeted Simplification: Is the reported focus on SMEs & reporting rules the right priority? Will it genuinely help without weakening protection or opening loopholes? 
• Clearer R&D Guidance: Beyond simplification, do we urgently need better official guidance on applying DPbD flexibly during research phases? 
• Tech Solutions (PETs): Should the primary focus be aggressively scaling Privacy-Enhancing Technologies to enable safe and innovative data use? 
• Fundamental Debate: Is this simplification push the start of a needed, frank discussion about acceptable trade-offs for global competitiveness?

What’s your perspective as GDPR potentially evolves?

Will simplification solve the innovation friction, or is it just scratching the surface?

How do we best navigate this?