Enforcing the European Union’s new digital platform laws: How it is going so far
It’s already September and the European Parliament’s summer break is officially over. While the legislature was sleeping, the European Union’s (EU) tech enforcers and their counterparts—Big Tech lobbyists—have been busy plotting their next moves. If you have been away over the summer, here is what you might have missed and what that means for the state of digital rights in the EU
Google: Historic ruling without immediate consequence
Google is a monopolist in the search engine market and it abuses its dominant position. This long-known fact is now formally confirmed by a federal judge in the US. In August, the court ruled in particular that Google’s billion-dollar contracts with other tech companies like Apple and Mozilla, who make Google the default search engine almost everywhere, violate US antitrust law: “These are Fortune 500 companies, and they have nowhere else to turn other than Google.”
While the ruling has been called historic, its effects on people are far from clear. Google has announced they will appeal the decision, which could take years. But if higher courts confirm the verdict, a possible remedy might be to prohibit Google’s default search deals. That might not be a problem for Apple but small browser maker Mozilla could lose over 80 percent of its revenue.
Google has problems in Europe, too. According to the Financial Times, the monopolist had made a secret deal with its rival Meta for a tracking ads campaign targeting minors that promoted the use of Instagram. Yes, the Instagram that is suspected of being particularly harmful to minors. And yes, you are right to raise your eyebrows: such ad targeting is exactly the kind of manipulation of minors that is prohibited by the Digital Services Act (DSA).
So far the European Commission is not known to have opened any investigation into Google’s potentially illegal deal with Meta, possibly because the deal might have been limited to non-EU users. Regardless, this situation certainly does not make those companies look good.
Meta wants your money—and your kids
While Meta is busy trying to push children into using Instagram, the European Commission has found the company’s so-called “pay or consent” model to be in breach of the Digital Markets Act (DMA). In July, the Commission’s preliminary findings confirmed a previous ruling by the European Data Protection Board (EDPB) which already stated the obvious: giving users the choice between being permanently spied on for tracking ads or else paying a monthly fee for Facebook and Instagram does not constitute freely given consent at all.
To drive this point home, consumer protection organisations across the EU have doubled down on the DMA decision and sued Meta for the “pay or consent” debacle in several member states, attacking the company’s “misleading or aggressive practices” to put users under “undue pressure […] fearing that they would instantly lose access to their accounts and their network of contacts.”
Meta reacted by doing their corporate thing: instead of complying with the law, it decided to sue the EDPB in court—not only to annul the public authority’s decision, but also for damages Meta allegedly suffered. The costs of these damages would have to be borne by us, the public.
Independently, Meta also got into trouble for shutting down CrowdTangle, the one tool that gave researchers and journalists somewhat of an insight into how coordinated disinformation campaigns spread on Facebook and Instagram. In mid-August, the European Commission sent Meta a Request for Information, the first step before opening a formal investigation under the DSA. Depending on Meta’s response, the Commission could open an investigation and impose remedies and fines.
The one thing Meta might be getting right is to comply with its obligation under the DMA to make WhatsApp interoperable for one-to-one messaging with other chat apps. We know that the rival open-source chat ecosystem Matrix has been working closely with Meta to enable interoperability between the two. However, other providers could follow Matrix’s example and enable their users to connect with their friends, family and colleagues on WhatsApp, should they opt into the new feature.
X the deceiver
These days, no list of corporate tech lawbreaking would be complete without X, formerly Twitter. After a months-long investigation, the European Commission concluded in July that X is in breach of various DSA provisions: Musk’s pet website deceives users with its “Blue checkmark”, it stacks its ad repository with “design features and access barriers” that make it “unfit to provide the required transparency”, and fails to provide access to its public data to researchers.
X now has time to launch a defence but if the Commission confirms its findings, the decision could entail fines of up to 6 percent of X’s total worldwide annual turnover (even if those fines might turn out to be on the low end given the company’s revenue is in free fall since Musk took over). In reaction to national regulation Musk has already closed its office in Brazil; will ex-Twitter leave Europe now, too?
You never really own your iPhone
Meanwhile, the most valuable corporation in history continues to try to cheat its way out of the DMA. After months of back and forth with the Commission, Apple has revised yet again its DMA compliance plan. As a reminder: under the DMA, Apple is required to allow people to install apps on their own devices from whatever source they want. The company can no longer dictate that people use its monopoly App Store—which serves as a major cash cow that milks app developers via various fees while keeping them 100 percent dependent on Apple.
But instead of embracing competition and proving they’ve got the best product, Apple decided to replace the old App Store fee with a new so-called “Core Technology Fee” with which it wants to charge every app developer every time any of us installs an app—regardless of whether that app comes through Apple’s Store. It seems like they just can’t let go of the total control they’ve had over people’s devices for so long—and of the $64 billion in revenue with App Store profit margins approaching a “ludicrous 78 percent.”
On top of that, in order to shift the DMA discussion in its favour and pressure regulators, Apple started to engage in textbook-style victim blaming by announcing it will strategically withhold a couple of new iPhone features from European users and blame the EU for it—because of legal “uncertainties”.
TikTok addiction goodbye?
Strangely, the only tech behemoth that seems to know an infringement when they see one is TikTok. The provider of endless short video snippets has agreed to permanently withdraw an addictive design feature from the EU market to comply with the DSA. The so-called “TikTok Lite Rewards” programme was designed to pay users for watching more videos (and ads).
The European Commission started investigating TikTok Lite in February because the company had not done the mandatory DSA risk assessment before launch, “particularly in relation to the addictive effect of the Rewards programme, and without taking effective risk mitigating measures.” If TikTok would rather drop an entire product from the EU market than simply assess and mitigate its risks as required by the DSA, one wonders what that tells us about the product.
Telegram in real trouble
Finally, France ended the summer break with a real bang: The Paris prosecutor simply ignored the EU’s platform laws and arrested Telegram’s CEO Pavel Durov under criminal charges. According to a press release, Durov is being accused—among other things—of complicity in running an online platform in view of allowing illegal transactions and organised crime, as well as failure to register his company’s “encrypted” service as required under French law (of course, Telegram isn’t really an encrypted messaging app for most use cases).
There is a lot to unpack in this Telegram case, for instance how the use of criminal law can be used to circumvent the DSA’s conditional liability regime for online platforms, but this is material for its own blog post.
Sign up to our newsletter EDRi-gram to get the analysis of where all this is going straight into your inbox.
Jan Penfrat
Senior Policy Advisor
Mastodon: @