This is a win indeed, but what people don’t see is that most times “exaggerated and abrasive” regulation like that is only proposed to hide up other clauses and proposals that are equally bad or even worse - get the public distracted and thinking they made a difference and that the EU listens to them.
At the end of the day they’re still pushing for installing mandatory SSL root certificates in browsers (allowing for traffic interception) as part of the eIDAS upcoming regulation.
Another thing that people miss, and that most Americans folks would lose their minds about while reading this, is the fact that eIDAS also brings an unique electronic identification for each European citizen company, “a digital solution for proof of identity of citizens or organizations” backed by asymmetric cryptography with the end game of replacing paper documents.
To be fair this isn’t a new thing, most countries in Europe already provide standardized smartcards as citizen identity cards that use asymmetric cryptography so you can electronically sign documents and login to gov services with them. Said signatures have legal value and in some cases - such as lawyers and doctors - you’re required to sign documents and prescriptions with the card. eIDAS just pushed it even further.
Just imagine the potential for a govt/EU to revoke your oficial / legal identity at any time :)