Our mission to make business better is fueled by readers like you. To enjoy unlimited access to our journalism, subscribe today.
Big Tech’s lobbyists have their work cut out for them in Europe—and not just in the European Union.
On Tuesday, the European Commission proposed long-awaited legislation that could see tech giants such as Facebook and Amazon pay out billions of euros in fines if they don’t stop the spread of illegal content—such as hate speech and ads for counterfeit goods—on their platforms. This law will be called the Digital Services Act, or DSA.
The DSA will be accompanied by another proposal, the Digital Markets Act, which could heavily fine or even potentially break up the largest platform operators that don’t treat business users and consumers fairly. Crucially, the DMA would attempt to stop abuses before they occur, rather than just punishing the companies after the fact.
“Many online platforms have come to play a central role in the lives of our citizens and businesses, and even our society and democracy at large,” said Thierry Breton, the internal market commissioner, in a statement. “With today’s proposals, we are organizing our digital space for the next decades.”
Also on Tuesday, the British government—whose country is no longer an EU member—announced upcoming “online harms” rules that again threaten companies with billions of pounds in fines, if they don’t scrub their platforms of illegal content, such as child sexual abuse material and terrorist material. This would apply to everyone from social networks and search engines to consumer cloud storage sites, and even video games that allow online interaction.
“Today Britain is setting the global standard for safety online with the most comprehensive approach yet to online regulation,” said U.K. Culture Secretary Oliver Dowden in a statement. “We are entering a new age of accountability for tech to protect children and vulnerable users, to restore trust in this industry, and to enshrine in law safeguards for free speech.”
The U.K.’s new rules, which will be set out in an Online Safety Bill next year, would allow for fines of up to 10% of global annual revenues, plus the potential blockage of non-compliant services. The EU’s DSA would allow for fines of up to 6% of global annual revenues.
However, the EU’s DMA proposal would be harder-hitting.
The DMA, which would allow for fines of up to 10% of worldwide turnover, with scope for further fines, will apply only to the largest “gatekeepers” that provide a link between businesses and consumers—the aim is to protect both those groups from unfair terms.
These gatekeepers could be search engines, messaging services, social networking services and even the proprietors of operating systems.
In mid-morning trade in New York, shares in Amazon, Facebook and Alphabet’s Google were down, underperforming the Nasdaq.
The EU’s Digital Services Act could mark a distinctly new era in European tech regulation, as it would update liability protections that have been in place since 2000—a time when Google and Amazon were still extremely young and Facebook didn’t even exist.
Those protections, encapsulated in the e-Commerce Directive, say “intermediary service providers” aren’t liable for the illegal content their users post, as long as they swiftly remove it once someone flags up its illegal nature. The directive also says EU countries can’t force these intermediaries—these days known as platform operators—to proactively monitor everything that happens on their platforms.
As proposed by the Commission, the DSA would leave these protections intact, but it would give Big Tech firms more responsibilities: they would have to publish annual risk assessments regarding their fight against illegal content and the spread of disinformation, and they will be audited to make sure they’re telling the truth.
“We’re relieved to see that monitoring and censorship is still not a policy option,” said Christoph Schmon, international policy director for the Electronic Frontier Foundation, the world’s biggest digital rights organization.
The DSA proposal would effectively introduce an EU counterpart to the “Good Samaritan” protections that platform operators enjoy in the U.S. under Section 230 of the Communications Decency Act—this rule means platform operators can’t be punished for trying to keep their platforms clean.
Ironically, in the U.S. there is a push by conservative lawmakers to remove this rule because they feel right-wing views are being unfairly censored by the likes of Facebook and Twitter.
As for e-commerce platforms—here’s looking at you, Amazon—the companies will need to keep a closer eye on the traders using their platforms, to ensure customer safety.
If they break the rules, they could face fines of up to 6% of global annual revenues—a similar approach to the 4% maximum fines introduced under the General Data Protection Regulation, though potentially tougher. However, unlike the GDPR, this would not be a one-size-fits-all law; the heaviest obligations would only apply to platforms with over 45 million users in the EU. The same applies to the Digital Markets Act.
This is only the beginning of the road—Commission proposals need to be scrutinized and amended by the European Parliament and member states, meaning it will take years for these rules to finally appear—but the big question is one of enforcement.
The GDPR’s fines may be big in practice, but it’s up to national authorities to enforce the law. Most Big Tech firms’ European bases are in Ireland, and the Irish privacy regulator has been reticent to issue any major fines thus far.
Indeed, on Tuesday, two and a half years after the GDPR came into force, the Irish Data Protection Commission issued its first fine in a case where it coordinated with her other EU counterparts, as the GDPR envisions for Big Tech cases. The result? A mere €450,000 ($546,500) fine for Twitter, over a data breach.
“There’s going to be quite a lot of responsibility with national states, and the GDPR isn’t a great example in that respect,” said Aline Blankertz, a project director at the Stiftung Neue Verantwortung, a prominent German think tank.
The Digital Markets Act would stop “gatekeepers” such as from using their business users’ data to compete with them—something the European Commission has already charged Amazon with doing.
Gatekeepers will also “need to allow their business users to promote their offers and conclude contracts with their customers outside the gatekeeper’s platform,” the Commission said Tuesday, adding that those business users will also need to have access to their own data.
In some cases, the platform operators will need to allow third parties to interoperate with their services.
The 10%-of-revenues maximum fine for infringements will be accompanied by “periodic penalty payments” of 5% of global revenues, if companies continue misbehaving. And if that doesn’t stop them, the Commission would be able to force the breakup of the business.
This time, the Commission itself would enforce the law; it wouldn’t be left up to individual member states.
The Computer & Communications Industry Association (CCIA)—a major trade association that counts Facebook, Google and Amazon among its members—responded cautiously to the Commission’s proposals, saying it welcomed the objectives.
“We look forward to working with EU policy makers to help ensure that the proposals meet the stated goals so that Europeans continue to reap all the benefits of digital products and services,” said CCIA Europe chief Christian Borggreen in a statement.
Meanwhile, the European Consumer Organisation (BEUC) said the plans weren’t ambitious enough, and that the European Parliament and Council should toughen them up.
“Antitrust investigations have shown how gatekeeping practices by digital players harm competition and thus limit consumer choice,” said BEUC head Monique Goyens. “But competition investigations can be too slow to prevent irreparable harm on the market. It is the right move to prohibit some practices up front instead of picking up the pieces afterwards.”
More must-read tech coverage from Fortune:
- Commentary: The Facebook and Google antitrust suits are a warning shot for all corporate giants—not just Big Tech
- Why Intuit bought Credit Karma in one of the biggest fintech deals of 2020
- U.K. startup’s breakthrough could aid quantum computers in the hunt for exotic materials
- Tom Siebel, CEO of C3.ai, discusses failure and the future after his company’s soaring IPO
- Shopify is ready for the holiday season. Just don’t call it the “anti-Amazon”