BRUSSELS — The European Commission said it is “not empowered to take action” amid concerns about the appointment of a former tech lobbyist to Ireland’s privacy regulator. The Irish Council for Civil Liberties — a non-profit transparency campaign group — on Tuesday filed a complaint calling on the Commission to launch an inquiry into how Niamh Sweeney was appointed to co-lead the Irish Data Protection Commission. Citing reporting from POLITICO, the complaint alleges the appointment process “lacked procedural safeguards against conflicts of interest and political interference.” It’s the first formal challenge to the decision after Sweeney took up her role as one of three chief regulators at Ireland’s top data regulator this month. Her prior experience as a lobbyist for Facebook and WhatsApp reignited concerns that the regulator is too close to Big Tech. In response to the complaint, Commission spokesperson Guillaume Mercier said that “it is for the member states to appoint members to their respective data protection authorities.” The Commission “is not involved in this process and is not empowered to take action with respect to those appointments,” Mercier told a daily press briefing Tuesday. He emphasized that countries do need to respect requirements set out in EU law — that the appointment process must be “transparent,” and that those appointed should “have the qualifications, the experience, the skills, in particular in the protection of personal data, required to perform their duties and to exercise their powers.” The complaint asked the Commission to look into the appointment as part of its duties to oversee the application of EU law, claiming these responsibilities had not been met by Ireland. Sweeney was appointed by the Irish government on the advice of the Public Appointments Service, the authority that provides recruitment services for public jobs, which has previously expressed its full confidence in the process.

Political posturing over migration has delivered yet another blow to Europe’s beleaguered free-travel zone. Faced with right-wing demands at home to control the flow of people arriving from outside the EU’s borders, the leaders of Poland and Germany are seeking easy wins which might placate populists — but put the once-sacred Schengen area on life support. Warsaw’s patience with Germany sending migrants back to Poland “is becoming exhausted,” Polish Prime Minister Donald Tusk said, as he announced the imposition of checks on his country’s borders with Germany and Lithuania from July 7. Almost four decades after the introduction of the borderless travel area that encompasses 450 million people from 29 countries — four of which aren’t in the EU — supposedly temporary border controls in the name of exceptional security concerns are increasingly the norm, creating the impression Schengen exists more in name than in substance. But with the rise of far-right parties and several years of migration from Ukraine — and before that, the Middle East — carveouts to the border-free zone rules have become an easy solution for politicians looking to show they mean action. “We consider the introduction of controls necessary,” Tusk said, pointing the finger at Germany’s “unilateral” action. In May, the conservative-led government of Chancellor Friedrich Merz ramped up checks on Germany’s borders, including with Poland, following pressure from Berlin’s own opposition party, the far-right Alternative for Germany (AfD). Warsaw’s patience with Germany sending migrants back to Poland “is becoming exhausted,” Polish Prime Minister Donald Tusk said. | Rafal Guz/EPA German police will turn away more undocumented immigrants, including asylum seekers, Merz said. The move further bolstered border controls the previous government had already put in place October 2023. The crackdown riled Germany’s neighbors, including Poland, despite Merz’s promises to step up Berlin’s relationship with Warsaw — an alliance he considers key for driving a united European defense policy. While politicians have warned Germany’s controls could chip away at the free movement of people and goods within the Schengen area, critics have also called the border measures largely symbolic. Poland’s Fakt newspaper said that German authorities returned 1,087 people to Poland between May 1 and June 15 this year, pointing out that those numbers aren’t significantly different from last year’s. According to German police union figures, the new checks led to 160 asylum applicants being rejected in the first four weeks. It’s a small fraction of total refusals — on average, up to 1,300 people per week are rejected for lacking the necessary documentation. Germany’s move, however, has created a political problem for Tusk’s ruling centrist Civic Coalition. Having narrowly lost the presidential election to the populist Law and Justice (PiS) party, it’s feeling the hot breath of rightwing opposition parties that want a tougher stance on migration. Civic Coalition and PiS are currently neck-and-neck in POLITICO’s Poll of Polls and the hard-right Confederation has surged since the last general election in 2023. All 3 Years 2 Years 1 Year 6 Months Smooth Kalman Polish civilian vigilante groups tied to right-wing parties are staging patrols along the frontier with Germany. “Poland’s western border is ceasing to exist,” Mariusz Błaszczak, a senior PiS politician, warned last week. He blamed Tusk’s “servility toward Berlin.” Sławomir Mentzen, a Confederation leader, accused the Polish Border Guard of cooperating with Germany in accepting illegal migrants. The government has denounced those attacks. “Don’t play politics with Poland’s security. This is not the time or place for such actions,” Tomasz Siemoniak, Poland’s interior minister, said on X.  Poland’s retaliatory controls have also put Merz’s border policy in the firing line, with Germany’s left-wing opposition painting Warsaw’s decision as a clear setback. “This is a devastating signal for a German government and a ‘foreign chancellor’ Merz, who promised to regain trust in Europe,” Chantal Kopf, a lawmaker for the Greens, told POLITICO. Knut Abraham, a member of Merz’s conservatives and the government’s coordinator for the German-Polish relationship, in an interview with Welt also warned against lasting checks. While they are “necessary as a political signal that migration policy in Germany has changed … the solution cannot be to push migrants back and forth between Poland and Germany or to cement border controls on both sides,” he said. Merz on Tuesday defended Germany’s border checks. “We naturally want to preserve this Schengen area, but freedom of movement in the Schengen area will only work in the long term if it is not abused by those who promote irregular migration, in particular by smuggling migrants,” he said.

The Baltic countries on Friday signed a deal pledging to jointly plan for mass evacuations as the specter of bellicose Russian President Vladimir Putin looms over the region. The interior ministers of Lithuania, Latvia and Estonia committed to develop joint mass evacuation plans, streamline information exchange and ensure vulnerable groups are not left behind during evacuations. Data will be shared on evacuation capacity, possible evacuation corridors and the status of key border crossings, as fears grow over the security situation in the Baltic region as Putin continues to wage war on Ukraine.   “Clear procedures are crucial, as is the rapid exchange of information,” said Lithuania’s Interior Minister Vladislav Kondratovič in a press release, adding that this would ensure a quick roll out of measures and ensure there is no panic before and during a crisis. “It is important for the Baltic countries to maintain a unified approach and coordinate actions when threats arise in order to ensure the safety of our people — especially in the event of large-scale evacuation,” he said.   The move comes ahead of Zapad 2025 — the joint military exercise between Moscow and Minsk — set to take place in Belarus this September. Allied officials are increasingly uneasy about the drills, which some see as a potential prelude to aggression. Belarusian opposition leader Sviatlana Tsikhanouskaya warned in a recent interview with Euronews that the exercises pose a real threat, noting that Zapad 2021 preceded Moscow’s full-scale invasion of Ukraine.  The Baltic agreement follows a joint declaration made in late May by the interior and civil protection ministers from eight EU countries — Belgium, Estonia, Latvia, Lithuania, Luxembourg, the Netherlands, Finland and Sweden — calling for urgent additional measures to strengthen civil protection, preparedness and resilience both nationally and at the EU level. The statement underscored that national security is not only about military readiness but also hinges on civil preparedness. The capacity to maintain internal stability and respond to a wide range of crises, from natural disasters to hybrid threats, is vital “to protect our citizens and to help them protect themselves, now and in the future,” the ministers wrote in the joint statement.

BRUSSELS — The European Union’s most iconic tech law was long thought to be untouchable. Those days are over. The EU executive on Wednesday will present its plan to amend the General Data Protection Regulation, GDPR for short, to ease reporting requirements for small and cash-strapped businesses. That same evening, EU officials are negotiating the final details of a separate law that’s meant to fix some of what’s seen as the GDPR’s original design flaws. It’s the latest law to fall victim to the European Commission’s drive to slash red tape and “simplify” EU legislation for the benefit of businesses and growth. The EU’s landmark economic report by former Italian Prime Minister Mario Draghi warned in September that Europe’s complex laws were preventing its economy from keeping up with the United States and China. Draghi singled out the GDPR in particular as hampering innovation. Digital rights groups and EU insiders often praise the GDPR for setting the global standard for the protection of privacy. For many businesses, though, it is seen as a symbol of costly, burdensome EU rules. But changing the GDPR threatens to topple a delicate balance between privacy activists and business lobbies in Brussels. Mario Draghi singled out the GDPR in particular as one of the laws hampering innovation. | Teresa Suarez/EFE via EPA Negotiations on the GDPR from 2012 to 2016 triggered one of the biggest lobbying efforts Brussels has ever seen. Since it took effect in 2018, the EU has steered clear of amending it, fearing it would reignite the vicious lobbying war. The Commission has preempted some of those worries, saying its simplification proposals will be limited to easing reporting requirements and won’t touch the underlying principles of the GDPR.   A review of the law last summer showed “the need for greater support [for] businesses, especially SMEs, in their compliance efforts,” Justice Commissioner Michael McGrath said.   Emails seen by POLITICO earlier this month showed the proposal is expected to extend reporting exemptions currently reserved for SMEs (with fewer than 250 employees) to mid-cap companies (with fewer than 500 employees). It would also create more exemptions for these smaller businesses, freeing them from keeping records or preparing privacy impact assessments. On Wednesday evening, negotiators will head into final crunch talks to agree on extra rules to speed up GDPR investigation procedures. The new rules aim to spur sluggish cross-border data protection probes, which can drag on for years and often involve Big Tech companies. The goal is to set clearer ground rules for how national data protection regulators work together, clarify the rights of complainants and those being investigated during the process, and, crucially, set concrete deadlines for investigations.  According to four people familiar with the negotiations, most of the text has already been agreed, and the main things left to be hammered out on Wednesday evening are the length of deadlines and judicial remedies.   The EU is unlikely to stop there in its efforts to trim its famed privacy law. When consulting companies and experts about Wednesday’s proposal, the Commission said there could be “possible future reflection on the application of the GDPR.” In a separate consultation about an upcoming Data Union Strategy, it also name-checked the GDPR as one law on the table for possible “consolidation.”  And countries have asked the EU executive to clarify how the new Artificial Intelligence Act interacts with the GDPR, according to a document obtained by POLITICO. Pieter Haeck contributed reporting.

The highly politicized tussle over Italy’s financial system took another twist on Monday as Milan-based Mediobanca struck back against a government-backed bid from Monte dei Paschi di Siena. The investment bank, which has played kingmaker and all-round power broker in countless Italian corporate battles, said on Monday it wants to acquire the banking arm of insurer Assicurazioni Generali to create an “Italian champion” in wealth management, using its current 13.1 percent stake in Generali to finance the acquisition. The proposal values Banca Generali at €6.3 billion, some 6 percent more than its closing price on Friday in Milan. In a nod to Rome, where the government has expressed concern about increasing foreign influence in the financial sector, Mediobanca said it would create an “Italian champion” in wealth management. Mediobanca is itself currently the subject of a hostile bid from Monte dei Paschi di Siena that enjoys the support of influential figures in the right-wing government in Rome. The government has indicated it wants to build MPS, which is still partly state-owned, into a force capable of competing with the country‘s two biggest banking groups, Intesa Sanpaolo and UniCredit. Mediobanca CEO Alberto Nagel told reporters in a press conference on Monday he views its alternative vision as “much more valid” from a strategic perspective than MPS’s bid. Mediobanca’s move will need approval from the Italian government under its “golden power” rules, (which are typically used to screen foreign investment), Nagel told reporters. However, he argued that there should be no problems on this score, as it would create “a national leader in asset management,” which is “exactly” what Prime Minister Giorgia Meloni has been advocating for. Mediobanca said it expects the deal to close as soon as October. The developments come barely a week after Rome used its ‘golden power’ to obstruct UniCredit’s planned takeover of Milan-based Banco BPM, which some in government would reportedly prefer to see merged with MPS. UniCredit said last week that the conditions imposed by the government made it impossible to proceed with its bid at present. The procedure has caught the eye of the European Commission, which has asked Rome for clarifications on how it used the tool. The deal would also give Assicurazioni Generali control over a large block of its own stock, making it more difficult for minority shareholders to dislodge its current management. Generali’s CEO Philippe Donnet defeated a motion to depose him at the company’s shareholder meeting last week, brought by the holding companies of two of Italy’s richest families. Donnet, a Frenchman, is currently forcing through a merger with the asset management arm of French group Natixis, a move that Rome fears will dilute its informal influence over one of the biggest holders of Italian government debt. Governments everywhere are anxious to keep as much control over the markets in which they borrow, conscious that decades of deficits have raised doubts over their ability to ever pay back their debts.

Ireland’s privacy regulator launched an investigation on Friday into how social media platform X has used Europeans’ personal data to train its artificial intelligence model Grok. The move to target the platform owned by Elon Musk, tech billionaire and right-hand man to United States President Donald Trump, is likely to stoke further tensions between the EU and U.S. over Europe’s tech rules and regulations. The probe by Ireland’s Data Protection Commission (DPC) looks into how personal data “in publicly-accessible posts” on X were processed to train Grok, the regulator said in a statement on Friday. Musk’s AI startup xAI has been developing a group of AI models under the name Grok, which are used to power things like the AI chatbot available on the X platform. Grok’s gobbling of EU data was already the subject of scrutiny from the Irish regulator last year, when X — after a battle in the Irish courts — agreed to suspend the use of EU citizens’ data to train its AI models. The Irish regulator said on Friday that its new investigation will examine whether X has been complying with the EU’s General Data Protection Regulation (GDPR), including whether data was processed lawfully and according to transparency rules. X did not immediately respond to a request for comment.