EU Parliament, Brussels, November 17, 2025, P-004565/2025 Commission.
Written Question.
The Commission has signaled that the forthcoming Digital Omnibus may introduce changes to concepts of the General Data Protection Regulation (GDPR) such as compatible use, purpose limitation and secondary processing. Since the GDPR forms the legal foundation for the European digital identity wallet, digital travel credentials (DTCs) and other identity and biometric systems, any modification of these concepts could materially affect the guarantees on which these systems were legislated.
1. Will the Commission explicitly confirm that any expansion of ‘compatible use’ under the omnibus will not enable personal, identity-linked or biometric data collected under the revised Electronic Identification and Trust Services Regulation (eIDAS 2.0) or for DTCs to be repurposed for analytics, AI training, or security or intelligence objectives?
2. How will the Commission ensure that identity or travel-related data cannot be further processed beyond the purposes that were originally authorised by sectoral legislation, even if the horizontal GDPR framework becomes more permissive?
3. Does the Commission commit to
maintaining strict purpose limitation for all identity and authentication
systems irrespective of any omnibus-related GDPR adjustments?
