The year since the 2025 Computers, Privacy, and Data Protection has made Europe more distinct as an entity. Two years ago, we were being chastised for paying insufficient attention to structural corporate power. At this conference last year, we were warned about “simplification”, since published as the Digital Omnibus that threatens to undo some aspects of data protection and other privacy rights.
This year, we heard a lot about “European values”. Invoked as a metric: does “simplification” measure up or is it a sign of weakening? Invoked as a frame to guide developing the digital euro. Invoked as a reason why digital sovereignty is increasingly essential. In November 2025, 23 European countries signed a declaration embracing the latter as a policy.
And yet, although Plixavra Vogiatzoglou introduced a panel discussion by calling digital sovereignty “urgent because of Trump’s trade wars”, she then said it was unrealistic.
There’s a lot to like in the 2025 declaration, which lists as principles open source solutions, the principle of common assets, competitive markets, and democracy. The problem, as Vogiatzoglou said, is that Europe doesn’t make all the necessary components for building its own bottom-to-top stack. The investment required is likely to favor the wealthiest countries, deepening the imbalances that already favor US technology companies.
This is the “sovereignty paradox,” as Zuzanna Warso called it. Replicating the current infrastructure with little change other than a different owner isn’t the right goal – as someone said later, who wants a European Palantir? Warso favors redesigning the technical ecosystem to foster the “digital commons” – and being honest about the tradeoffs.
The same theme reappeared in a discussion of agentic assistants: they will ultimately sit on infrastructure belonging to the same few hyperscalers. Frederika Kaltheuner posited three scenarios: full vertical integration (like Google), integrated models and software (Anthropic and Claude Code), or open source and smaller models, which she thought was Europe’s only opportunity for sovereignty.
All of this seems set to get worse with agentic AI, which, Apple’s Gary Davis said, will allow agents onto all our devices capable of listening, observing, inferring, and acting across apps. What controls do we want? I personally want the control of barring this proposed technological future from my life, but how many of us will have that choice? Davis also noted the European Commission’s release, a few weeks ago, of proposals for requiring Google to allow competing AI services onto Android. If they follow through, he said, it will allow a large-scale privacy and security experiment on European users. While Davis’s employer has its own rasons for opposing this, he has a point. This is untried technology controlled by a handful of companies that could give them overwhelming power over individuals.
Among other new threats to privacy was eye tracking, a constant reality in games played with virtual reality headsets that could easily spread more widely via augmented reality smartglasses. The only way for Europe to counter this, Michael Raschke said, is to create large market-leading companies to act as gatekeepers to intermediate to meet European expectations of security and privacy.
A discussion of the digital euro had this same backdrop: part of the point is to reclaim some of the payments business from US giants Visa and Mastercard. Although, that’s over-simplified: the plans include offline and online versions of the digital euro which do different things. The offline version is meant as a digital reinterpretation of cash that allows anonymous person-to-person payments. The online version is…well, it’s hard to distinguish it from a bank transfer, except that “central bank digital currency” makes stuffy old banks sound kind of cool? Or it did when “crypto” was new and hot. The British equivalent, the digital pound, is in the design phase.
Those thoughts made Leon Schumacher‘s spirited intervention satisfying: where, he asked, was future-proofing against quantum computing, or accommodation for agentic AI, which is expected to underpin…well, no one knows quite how much in transactions, but they’re willing to guess. A trillion dollars, says McKinsey; up to $17.5 trillion, thinks Deloitte, $190 to $385 billion, per Morgan Stanley. Weirdly they all agree on *when*: by 2030. The digital euro is intended to arrive in 2029.
Meanwhile, there is simplification, which has few fans in the privacy world. As Orla Lynskey noted, simplification doesn’t *have* to mean deregulation – however, the European Commission’s proposals reduce rights, facilitate more data processing and *don’t* simplify. Plus, she added, changes of this magnitude require more time for thought and care.
Even business folk present, such as Spanish company founder Alicia Asín Pérez, thought deregulation was less important than many other constraints on business on her list. “My concern is, who area we deregulating for? What will be the consequences?” she said.
What most people favored instead is less fragmentation, and enforcement of the laws we have, a long-running theme at this event.
The former MEP Sophie in t’ Veld had a different take on European values. “We are obsessed with the US,” she said. “But it’s happening right here.” She called out government leaders for ignoring orders from the European Court of Justice, courts for rubber-stamping requests to target journalists with spyware, and called governments not using spyware complicit by their silence.
Illustrations: EU flag (via Wikimedia).
Wendy M. Grossman is an award-winning journalist. Her Web site has an extensive archive of her books, articles, and music, and an archive of earlier columns in this series. She is a contributing editor for the Plutopia News Network podcast. Follow on Mastodon or Bluesky.
Reader Paul Oldham points out that the data issues really only apply to the NHS in England, as health is one of the devolved areas in Scotland and Northern Ireland. Also, I gave Terence Eden’s last name incorrectly as “Meaden” (this has been fixed).
wg.