In the last few weeks, the EC has published its 2025 Work Programme, an EU competitiveness Compass and a Communication on safe and sustainable e-commerce. We look at some of the highlights with a focus on technlogy and consumer protection.

EU Competitiveness Compass

The EC published a Communication on an EU Competitiveness Compass with a fact sheet on 29 January 2025. Drawing on the Draghi report, the Compass is composed of three pillars: closing the innovation gap, decarbonisation, and reducing dependencies while enhancing security. The EC also points to five horizonal enablers to underpin competitiveness: simplification, single market, financing, skills and jobs, and coordination. There are a number of legislative priorities of interest in both tech and ESG/circular economy. These include:

• Various simplification omnibus packages to cover elements including on sustainability reporting and a digital package which will cover data protection, cyber security and digital IDs (Q4 2025)

• A Circular Economy Act to encourage investment in recycling and other waste management proposals (Q4 26) 

• A range of actions on the environment and internal security and resilience 

• A 28th legal regime – to enable companies to benefit from harmonised EU laws rather than laws of 27 Member States. This will cover a wide range of areas including corporate law, insolvency, employment and tax (Q4 25-Q1 26). 

• European Innovation Act (Q4 25-Q1 26) 

• Digital Networks Act which will regulate digital networks and net neutrality (Q4 25) 

• European Research Area Act (2026) 

• AI Factories Initiative (Q1 25) 

• EU cloud and AI Development Act (Q4 25-Q1 26) 

• EU quantum strategy and a Quantum Act (Q4 25) 

• Various life sciences initiatives 

• A revised single market strategy and various initiatives around skills and jobs. 

This sets out a lot of the Commission's legislative agenda for the next few years.

EC Communication on safe and sustainable e-commerce

The EC published a Communication on a comprehensive EU toolbox for safe and sustainable e-commerce on 5 February 2025. This sets out the Commission's approach to addressing challenges posed by e-commerce imports across their lifecycle. The Communication looks at issues around product safety, customs, environmental and consumer protection in the context of the existing legal framework including the DSA and product safety rules, and at what may need to be done going forward. This includes making customs and market surveillance authorities more resilient and effective, and potentially introducing a handling fee on EU deliveries for goods coming from outside the EU. The Commission will assess and report on the highlighted areas and consider whether to propose new measures within one year.

The Commission is particularly concerned with safety standards of non-EU goods and Chinese platforms Shein and Temu are among those under the scrutiny of European Consumer Group BEUC which is asking the Commission to take action. Temu is also under investigation under the DSA.

European Commission Work Programme 2025

On 11 February 2025, the European Commission published its 2025 Work Programme. Many of the highlighted proposals were also mentioned in the EU Competitiveness Compass. Some notable additions include:

• The next Consumer Agenda 2025-2030, which will include a new action plan on consumers in the single market. As part of this, public consultations on the European Commission's planned Digital Fairness Act are expected to take place in the next few months. The consultations will look at fairness by design and existing regulatory gaps. A legislative proposal is not expected until early 2026. 

• A new action plan to implement the European Pillar of Social Rights (Q4 25) and a European Democracy Shield (Q3 25) – both of which are non-legislative.

Many existing legislative proposals are retained, including the Financial Data Access Regulation, various payment initiatives, initiatives on waste, on electrical vehicles and on toy safety. To little surprise, the European Commission has confirmed the withdrawal of the ePrivacy Regulation after years of deadlock. The Commission is expected to replace it with separate legislative proposals on data retention, cookies and digital advertising. The AI Liability Directive was another casualty although the European Parliament is hoping to cover similar ground in a software liability law. The Digital services Tax Directive and the Regulation on Information Security in EU Institutions have also been withdrawn.

Communication on a simpler and faster Europe

On 11 February 2025, the EC published a Communication on a simpler and faster Europe, which sets out a five year plan for simplifying the way the EU works and reducing red tape and bureaucracy. The Omnibus packages announced in the Work Programme will be a key deliverable. These are intended to streamline regulatory compliance, including in the area of data breach and other required cyber notifications. The Digital package will entail a review of the Cybersecurity Act and simplification of cyber security legislation. This will form part of a broader review of the digital acquis and whether that accurately reflects the needs and constraints of businesses including SMEs. "Among other things a European Data Union Strategy will address existing data rules to ensure a simplified, clear and coherent legal framework for businesses and administrations to share data seamlessly and at scale, while respecting high privacy and security standards". There will also be a gradual stress-testing of the stock of EU legislation (fitness checks).

What does this mean for you?

In short, there is a lot more legislation to come from the EU. The demise of the ePrivacy Regulation, while long expected, leaves a gap in the data/cyber security regime and we will have to wait to see exactly what is proposed to fill it. The overall focus on growth, technology and sustainability as well as defence and critical resilience, is one with which the UK will be familiar and we can expect to see parallel regimes emerging in a number of areas.