The CERTAIN project participated in Data Week 2026, the spring gathering of the European data and AI research and innovation community, where participants share knowledge and results, build new collaborations, and connect ongoing research to European policies and market needs.
Data Week 2026, organised by the Big Data Value Association (BDVA) together with IFE, NTNU, SINTEF, Western Norway Research Institute and supported by the Research Council of Norway, took place on 5–6 May in Oslo. Under the theme “Data Fjords: Unlocking AI for Industry and Society,” the event brought together researchers, practitioners, and policymakers focused on the fundamental elements of data value creation, with artificial intelligence as the central thread.
On the 6th of May, CERTAIN joined a cross-project panel session titled “Bridging the Legal-Technical Gap: Practical Insights on the Digital Omnibus,” contributing alongside partners from the DICE Alliance (ACHILLES, DATAPACT), along with ART-AI and ASCII Lab projects. The session addressed one of the most pressing questions in the EU data ecosystem right now: as the Digital Omnibus proposal moves toward adoption, what does it actually mean in practice: for legal compliance, for technical design, and for the organisations building the tools and data spaces that will have to implement it?
A Cross-Disciplinary Conversation
The session was designed from the outset as a dialogue between legal and technical perspectives, and that framing shaped every contribution. The Digital Omnibus pursues burden reduction through legislative simplification, but as the session made clear, operationalising legal requirements in real compliance lifecycles raises a prior question: what does the technical toolbox need to look like, and how does the Omnibus support or complicate building it?
Topics explored across the panel included the revised regime for data intermediation services (now in the Digital Omnibus proposed as voluntary rather than compulsory) and what that shift means for providers deciding whether to seek the EU label; the new conditions under which residual processing of sensitive data in AI development would be permissible, and how privacy-by-design measures can be implemented technically to meet them; the evolving concept of “necessity” thresholds for sensitive data processing and automated decision-making; and the interaction between legal compliance requirements and practical tooling across domains including automated contracting in data spaces, digital product passports, and cybersecurity compliance.
CERTAIN’s Contribution
Olena Denysenko from the University of Tartu presented on behalf of CERTAIN, drawing directly on Work Package 3 and the D3.4 compliance guidelines, which are currently under development. At the heart of the presentation was a live demonstration of the Logical Decision Tree Model (LTM) – a prototype compliance tool that translates 198 extracted legal requirements from the Data Act, the Data Governance Act, the GDPR, and the AI Act into a structured, tailored guidance output for data holders and data space operators.
Rather than presenting the Digital Omnibus as an abstract policy development, the demonstration showed its impact concretely: two actors grounded in CERTAIN’s own pilots were walked through the LTM under current law and then again under the proposed Omnibus framework. The side-by-side comparison made visible what is rarely shown so directly: that the Digital Omnibus does not affect all actors equally, and that understanding its practical impact requires looking at specific actor profiles, specific data types, and specific compliance paths – exactly the kind of granular analysis that CERTAIN’s compliance tool is built to support.
Reception and Looking Ahead
The session generated strong cross-disciplinary engagement, with the Q&A surfacing the kind of legal-technical tensions the panel was designed to explore. The presentation produced three concrete follow-up contacts from external stakeholders who expressed interest in the CERTAIN project and its guidelines work.
CERTAIN’s compliance guidelines work continues, with D3.4 on track for submission in June 2026 and the full interactive compliance tool to be finalised in D3.5. If you are a data holder, data space operator, or AI developer navigating the EU data regulatory landscape and want to explore what compliance-by-design could look like for your organisation, we would love to hear from you.
Session speakers:
- Julie Mannekens (Centre for IT & IP Law – CiTiP, KU Leuven)
- Vladimir Apraxine A. (Centre for IT & IP Law – CiTiP, KU Leuven)
- Tervel Bobev (Centre for IT & IP Law – CiTiP, KU Leuven)
- Sharon Xuereb (Camilleri Preziosi Advocates)
- Olena Denysenko (University of Tartu)
- Kartik Chawla, PhD (TNO)
Slides: Bridging the legal-technical gap: practical insights on the Digital Omnibus