The EU’s war on Big Tech just got a second front – MEXC Exchange

The EU’s Broadening Offensive: A New Era of Digital Regulation Against Big Tech

The European Union has long positioned itself as a global pioneer in digital regulation, a commitment that has intensified dramatically over recent years. What began as targeted antitrust inquiries and landmark data privacy legislation has now evolved into a comprehensive, multi-front campaign aimed at fundamentally reshaping the operational landscape for the world’s most powerful technology companies. The assertion that “the EU’s war on Big Tech just got a second front” signals not merely an incremental policy adjustment, but a significant escalation and diversification of regulatory ambition. This expansion moves beyond the crucial objective of fostering fair market competition — epitomized by the Digital Markets Act (DMA) — to embrace a broader spectrum of societal and economic concerns, most notably online safety, content moderation, and systemic risk mitigation, largely addressed by the Digital Services Act (DSA) and a renewed vigour in traditional antitrust enforcement.

This article delves into the intricate details of the EU’s evolving regulatory strategy, identifying the established “first front” and elucidating the nature and implications of this pivotal “second front.” We will explore the underlying motivations for these bold legislative interventions, analyze their profound impact on tech giants, consumers, and smaller businesses, and critically examine the challenges and potential global ramifications of the EU’s audacious quest to establish a more equitable and responsible digital ecosystem. The stakes are immense, promising to redefine how digital services are designed, delivered, and consumed worldwide.

Table of Contents

• The EU’s Broadening Offensive: A New Era of Digital Regulation Against Big Tech
• Table of Contents
• The First Front: The Digital Markets Act (DMA) and the Quest for Market Fairness
  • Unveiling the DMA: Purpose and Scope
  • Key Obligations for Gatekeepers: A Paradigm Shift
  • Initial Impact and Challenges of DMA Enforcement
  • The Rationale Behind the DMA: Leveling the Digital Playing Field
• The Emergence of the Second Front: Broadening the Regulatory Offensive
  • Identifying the “Second Front”: A Multi-pronged Approach
  • The Digital Services Act (DSA): A New Paradigm for Online Safety and Accountability
  • DSA Core Objectives and the Fight Against Online Harms
  • Scope and Obligations for VLOPs and VLOSEs
  • Distinction from DMA: A Complementary Framework
  • Early Enforcement and Impact of the DSA
• Beyond the DMA and DSA: Multifaceted Regulatory Pressures
  • Renewed Antitrust Scrutiny under Traditional Law
  • Data Protection (GDPR) Enforcement Intensification
  • Emerging Fronts: AI Regulation and Sector-Specific Rules
• The EU’s Regulatory Philosophy: A Model for the Digital Age?
  • A Values-Driven Approach: Prioritizing Rights and Fairness
  • The Global Ambition and the “Brussels Effect”
  • Contrasting Approaches: EU, US, and China
• Impact and Implications: A Multi-Stakeholder Analysis
  • For Big Tech Giants: Navigating a New Regulatory Maze
  • For Consumers: More Choice, Safety, and Privacy?
  • For Smaller Businesses and Startups: Leveling the Playing Field?
  • Geopolitical Ramifications and Tech Sovereignty
• Challenges and Criticisms of the EU’s Approach
  • Enforcement Power and Resources: A Gargantuan Task
  • Legal Battles and the Search for Loopholes
  • Balancing Innovation and Regulation: A Delicate Act
  • Unintended Consequences and Regulatory Overreach
  • Defining Harm: The Subjectivity Challenge
• The Road Ahead: What Comes Next in the EU’s Tech War?
• Conclusion: A Redefined Digital Future

The First Front: The Digital Markets Act (DMA) and the Quest for Market Fairness

Unveiling the DMA: Purpose and Scope

The Digital Markets Act (DMA), which began its enforcement phase for designated “gatekeepers” in March 2024, represents the EU’s initial and arguably most direct assault on the entrenched market power of Big Tech. Its primary objective is to ensure fair and contestable markets in the digital sector by preventing large online platforms from abusing their dominant positions. The DMA targets a select group of companies — currently Alphabet (Google), Amazon, Apple, ByteDance (TikTok), Meta, and Microsoft — that are designated as “gatekeepers.” This designation is based on a set of quantitative thresholds (e.g., market capitalization, number of users) and qualitative criteria that assess their significant impact on the internal market, their control over important cores platform services (CPS), and their entrenched and durable position.

The core platform services covered by the DMA are extensive, ranging from online intermediation services (like app stores, marketplaces, and social media) and search engines to operating systems, web browsers, virtual assistants, and cloud computing services. By focusing on these fundamental services, the EU aims to address systemic issues that have historically stifled competition and innovation within the digital economy.

Key Obligations for Gatekeepers: A Paradigm Shift

The DMA imposes a series of strict, pre-defined obligations — often referred to as “dos and don’ts” — on designated gatekeepers, moving away from lengthy, case-by-case antitrust investigations. These obligations are designed to dismantle anti-competitive practices and foster a more open digital environment:

• Interoperability Requirements: Gatekeepers must allow third-party services to interoperate with their own, for instance, enabling messaging services to communicate across different platforms (e.g., WhatsApp with Telegram).
• Data Portability: Users must be able to easily switch between different platforms and port their data, including data generated through their activity, to alternative services.
• App Store Rules: Gatekeepers running app stores must allow alternative app stores and sideloading of applications, and permit developers to use third-party payment systems, circumventing the gatekeeper’s own potentially monopolistic payment processing fees.
• Prohibition on Self-Preferencing: Gatekeepers are forbidden from ranking their own products or services more favorably than those of competitors on their platforms.
• Anti-Steering Provisions: They cannot prevent businesses from offering products or services to end-users outside the gatekeeper’s platform at different prices or under different conditions.
• Fair Access for Business Users: Gatekeepers must provide business users with fair, non-discriminatory, and transparent access to their services, including data generated on the platform.

These obligations are not merely suggestions; non-compliance can result in substantial penalties, including fines of up to 10% of a company’s total worldwide annual turnover, increasing to 20% for repeat infringements, and even structural remedies in cases of systematic non-compliance.

Initial Impact and Challenges of DMA Enforcement

The enforcement phase of the DMA has already seen significant activity. Tech giants have had to announce substantial changes to their business models, particularly concerning app stores, messaging services, and advertising practices. Apple, for instance, has introduced a new framework for app distribution in the EU, allowing alternative app marketplaces and offering developers new business terms. Google has adjusted its search results, browser choice screens, and ad tech practices. Meta has started offering users in the EU the option to use its services without personalization based on combining data from different platforms, or to pay a subscription fee. These initial compliance efforts, however, have not been without controversy, with critics questioning whether the proposed changes go far enough to truly meet the DMA’s spirit, leading to the European Commission initiating investigations into several companies’ compliance proposals.

The challenges are manifold: interpreting complex legal text, adapting intricate technical systems, and navigating potential legal battles. Gatekeepers are well-resourced and are likely to push the boundaries of compliance, necessitating robust oversight and enforcement by the European Commission.

The Rationale Behind the DMA: Leveling the Digital Playing Field

The DMA’s existence stems from a recognition that traditional antitrust tools were often too slow and reactive to effectively address the fast-evolving digital economy. Years of protracted investigations against tech giants yielded limited results in terms of structural change. The EU concluded that ex-post enforcement was insufficient against companies whose market power, network effects, and data advantages allowed them to quickly entrench their positions, acquire nascent competitors, and erect insurmountable barriers to entry. The DMA’s ex-ante regulatory approach — setting clear rules proactively — aims to foster genuine competition, stimulate innovation by reducing the hurdles for smaller businesses and startups, and ultimately provide consumers with greater choice, better services, and fairer prices.

The Emergence of the Second Front: Broadening the Regulatory Offensive

Identifying the “Second Front”: A Multi-pronged Approach

While the DMA meticulously addresses issues of market dominance and fair competition, the “second front” in the EU’s campaign against Big Tech signifies a crucial expansion into other vital areas of online governance. This is not a single, isolated piece of legislation but rather a convergence of intensified efforts, primarily anchored by the **Digital Services Act (DSA)**, coupled with renewed vigor in traditional antitrust enforcement, bolstered data protection measures, and proactive steps towards regulating emerging technologies like AI. This multi-pronged approach demonstrates the EU’s holistic view of the systemic challenges posed by tech giants, extending beyond economic competition to encompass user safety, platform accountability, and the integrity of online information spaces.

The Digital Services Act (DSA): A New Paradigm for Online Safety and Accountability

If the DMA is about reining in market power, the DSA is about reining in power over information and public discourse. In force since August 2023 for Very Large Online Platforms (VLOPs) and Very Large Online Search Engines (VLOSEs), and fully applicable to all other online platforms since February 2024, the DSA fundamentally redefines the responsibilities of online intermediaries regarding illegal and harmful content, transparency, and user rights. It is a landmark piece of legislation designed to make the online world safer, more transparent, and more accountable.

DSA Core Objectives and the Fight Against Online Harms

The DSA’s overarching goal is to combat the spread of illegal content, disinformation, and hate speech while protecting users’ fundamental rights online. Its core objectives include:

• Combatting Illegal Content: Establishing clear “notice-and-action” mechanisms for users to flag illegal content, requiring platforms to act swiftly.
• Tackling Disinformation and Harmful Content: While not directly regulating legal but harmful content, the DSA imposes obligations on platforms to assess and mitigate systemic risks arising from the dissemination of such content, especially for VLOPs/VLOSEs.
• Enhancing Transparency: Requiring platforms to be transparent about their content moderation practices, algorithmic recommendation systems, and online advertising.
• Protecting Minors: Imposing specific obligations to protect children online, including a ban on targeted advertising based on profiling of minors.
• Empowering Users: Giving users more control over their online experience, including options to opt-out of personalized recommendations and access to effective redress mechanisms.

Scope and Obligations for VLOPs and VLOSEs

The DSA applies a tiered approach, with stricter obligations for larger platforms. VLOPs and VLOSEs — those with over 45 million monthly active users in the EU — face the most stringent requirements. These include:

• Systemic Risk Assessments: Regular assessment and mitigation of risks related to illegal content, disinformation, negative effects on fundamental rights, public health, and minors.
• Independent Audits: Mandatory external audits of their compliance with DSA obligations.
• Recommender System Transparency: Providing users with choices about how their content is recommended and explaining the main parameters used by their algorithms.
• Crisis Response Mechanisms: Establishing protocols to respond swiftly to crises that impact public safety or security.
• Data Access for Researchers: Granting vetted researchers access to public data to scrutinize platform behaviour and systemic risks.

Many of the companies designated as gatekeepers under the DMA — such as Meta (Facebook, Instagram), Alphabet (Google Search, YouTube), ByteDance (TikTok), and Microsoft (LinkedIn, Bing) — are also designated as VLOPs or VLOSEs under the DSA, meaning they face a dual layer of stringent regulation.

Distinction from DMA: A Complementary Framework

It is crucial to understand that the DSA and DMA, while both targeting Big Tech and part of the EU’s “digital rulebook,” address distinct facets of online governance. The DMA is about market fairness and preventing gatekeepers from leveraging their power to stifle competition. The DSA, on the other hand, is about content governance, platform accountability, and user safety, ensuring that what happens *on* the platforms adheres to EU values and laws, regardless of market dominance. Together, they form a comprehensive regulatory ecosystem designed to shape how digital services operate in the EU.

Early Enforcement and Impact of the DSA

Since its application, the DSA has already prompted significant changes and enforcement actions. The European Commission has initiated formal proceedings against several VLOPs, including X (formerly Twitter) and Meta, for suspected breaches of the DSA, particularly concerning illegal content moderation, disinformation, and transparency. These investigations underscore the Commission’s resolve to enforce the new rules robustly. Platforms have been forced to invest heavily in content moderation teams, technical tools, and compliance processes. The DSA marks a shift from platforms self-regulating to being held legally accountable for the systemic risks they pose, fundamentally altering their operational approach to online content.

Beyond the DMA and DSA: Multifaceted Regulatory Pressures

The "second front" is not solely defined by the DSA. It encompasses a broader intensification of regulatory scrutiny across multiple existing and emerging domains, demonstrating the EU’s comprehensive strategy to assert its digital sovereignty.

Renewed Antitrust Scrutiny under Traditional Law

Even with the DMA in place, the EU has not abandoned its traditional antitrust tools. The European Commission continues to investigate specific alleged anti-competitive practices by tech giants under Article 102 TFEU (abuse of dominant position) and Article 101 TFEU (cartels). Examples include ongoing probes into Google’s ad tech business, Apple’s App Store rules (beyond the DMA’s specific obligations), and Meta’s acquisition strategies. These cases often complement or run parallel to the DMA, addressing specific instances of alleged harm that might not be fully covered by the DMA’s ex-ante rules or serving as a fallback should DMA enforcement face legal challenges. This dual approach ensures comprehensive coverage against anti-competitive behaviour.

Data Protection (GDPR) Enforcement Intensification

The General Data Protection Regulation (GDPR), implemented in 2018, was arguably the “first wave” of significant EU digital regulation. Its enforcement has continued unabated, with data protection authorities across the EU levying substantial fines against tech companies for various privacy violations. The interplay between GDPR, DMA, and DSA is also becoming increasingly relevant, as data processing and privacy considerations underpin many of the new obligations. For instance, the DSA’s transparency requirements concerning algorithmic systems necessarily intersect with GDPR principles of data minimization and purpose limitation. Recent large fines against Meta and others for cross-border data transfer issues and behavioural advertising practices highlight the continued potency of GDPR enforcement.

Emerging Fronts: AI Regulation and Sector-Specific Rules

Looking ahead, the EU is already charting new regulatory territory. The proposed Artificial Intelligence Act (AI Act), currently nearing final adoption, aims to be the world’s first comprehensive legal framework for AI, classifying AI systems by risk level and imposing stringent requirements on high-risk applications. This demonstrates the EU’s proactive stance on regulating emerging technologies before they become entrenched. Furthermore, sector-specific regulations, such as the Markets in Crypto-Assets (MiCA) regulation, also signify the EU’s intent to apply its regulatory philosophy to novel digital industries, ensuring consumer protection and financial stability in rapidly evolving markets.

The EU’s Regulatory Philosophy: A Model for the Digital Age?

A Values-Driven Approach: Prioritizing Rights and Fairness

At the heart of the EU’s aggressive regulatory stance is a distinct philosophy that prioritizes fundamental rights, consumer protection, and fair competition above a singular focus on unbridled economic growth or technological innovation at any cost. This approach is deeply rooted in European values, emphasizing democracy, privacy, and individual autonomy. Unlike other jurisdictions that might view regulation as an impediment to innovation, the EU frames its digital rulebook as a necessary foundation for a trustworthy, safe, and truly innovative digital single market. It aims to create an environment where technology serves society, rather than the other way around.

The Global Ambition and the “Brussels Effect”

The EU’s regulatory efforts are not confined to its borders. Its large internal market — a single market of 450 million consumers — grants its regulations an outsized global influence, often referred to as the “Brussels Effect.” For global companies, it is often more practical and cost-effective to adopt the EU’s stringent standards worldwide rather than develop separate product versions or compliance regimes for different jurisdictions. The GDPR has already demonstrated this, inspiring similar privacy laws in numerous countries globally. The DMA and DSA are poised to exert a similar gravitational pull, potentially setting de facto global standards for market contestability, content moderation, and platform accountability, impacting how tech companies operate far beyond Europe.

Contrasting Approaches: EU, US, and China

The EU’s approach stands in stark contrast to that of other major global players:

• United States: Traditionally characterized by a lighter regulatory touch, prioritizing innovation and free market principles. While there’s growing bipartisan consensus on the need to address Big Tech’s power, legislative progress has been slow and fragmented. US efforts often focus on antitrust litigation rather than proactive, sector-specific regulation.
• China: Employs a state-centric model, where regulations are primarily driven by government control, censorship, national security, and industrial policy goals. While China has also enacted significant tech regulations (e.g., data security, anti-monopoly), their underlying philosophy and enforcement mechanisms are fundamentally different from the EU’s rights-based approach.

This divergence highlights the EU’s unique position as a democratic bloc striving to balance technological advancement with fundamental societal values, potentially offering a third way in global digital governance.

Impact and Implications: A Multi-Stakeholder Analysis

The EU’s expanding regulatory offensive carries profound implications across the digital ecosystem, affecting tech giants, consumers, smaller businesses, and the broader geopolitical landscape.

For Big Tech Giants: Navigating a New Regulatory Maze

For the likes of Google, Apple, Meta, Amazon, and Microsoft, the DMA and DSA represent a monumental challenge to their established business models. Their previous strategies, often reliant on leveraging data advantages, creating walled gardens, and exercising control over distribution channels, are now under direct assault.

• Business Model Transformation: Companies must re-evaluate revenue streams from app stores, advertising, and data monetization. For example, Apple’s adjustments to its App Store policies in the EU will impact its lucrative service fees.
• Compliance Burden: Significant investments in legal, technical, and human resources are required to ensure compliance. This involves restructuring operations, developing new APIs for interoperability, revamping content moderation systems, and hiring compliance officers.
• Innovation vs. Regulation: While some argue regulation stifles innovation, others contend it levels the playing field, forcing gatekeepers to innovate rather than relying on their dominant position. However, adapting to complex, prescriptive rules can divert resources from new product development.
• Potential for Strategic Adjustments: Companies might choose to exit certain markets or modify product offerings rather than comply with specific regulations, although their dependence on the large EU market makes this a rare option. Legal battles challenging the EU’s interpretation and enforcement are highly likely.

For Consumers: More Choice, Safety, and Privacy?

The stated aim of the EU’s regulations is to benefit the end-user. If successfully implemented, consumers could experience:

• Increased Choice and Fairness: Greater options for apps, services, and payment methods; potentially lower prices due to reduced gatekeeper control; and fairer terms and conditions.
• Enhanced Safety and Privacy: Better protection against illegal and harmful content, reduced exposure to disinformation, more control over personal data, and greater transparency regarding algorithmic recommendations.
• Information Overload/Curation Challenges: A potential downside could be less personalized or curated online experiences, leading to an initial period of adjustment or perception of information overload if algorithms are less predictive due to new transparency rules. Users might also bear more responsibility for content discernment.

For Smaller Businesses and Startups: Leveling the Playing Field?

One of the key beneficiaries intended by the EU are smaller companies and startups, who have historically struggled to compete against the network effects and deep pockets of tech giants.

• Reduced Barriers to Entry: Interoperability, data portability, and anti-self-preferencing rules could lower barriers, making it easier for new entrants to gain traction and compete on merit.
• Opportunities for Innovation: New services built on open APIs and access to data could emerge, fostering a more vibrant ecosystem. Developers might find it easier to reach users without being beholden to gatekeeper app stores.
• Still a Challenge: While the playing field is more level, smaller businesses still face the immense resources and brand recognition of incumbents. Navigating the complex regulatory landscape itself can also be a burden for less resourced entities.

Geopolitical Ramifications and Tech Sovereignty

The EU’s actions have broader geopolitical significance:

• Influence on Global Digital Policy: The “Brussels Effect” means these regulations could inspire similar frameworks worldwide, creating a global shift towards greater tech accountability.
• Tech Sovereignty: By regulating global tech companies, the EU aims to regain a degree of control over its digital future, reducing dependence on non-EU tech giants and fostering its own digital champions. This is a strategic move to safeguard European values and economic interests in the digital age.
• Potential for Trade Disputes: The stringent nature of these regulations, particularly those impacting US tech giants, could lead to trade tensions with the United States, as seen with previous data privacy disputes.

Challenges and Criticisms of the EU’s Approach

While ambitious, the EU’s regulatory offensive faces significant hurdles and has drawn criticism from various quarters.

Enforcement Power and Resources: A Gargantuan Task

Enforcing complex, technical regulations against some of the world’s wealthiest and most legally sophisticated companies is an immense undertaking. The European Commission, despite its legal prowess, has limited resources compared to the tech giants. Ensuring timely and effective compliance, especially across multiple complex obligations simultaneously, will test the limits of the EU’s administrative capacity. The sheer volume of digital services and the rapid pace of technological change also pose a challenge to sustained enforcement.

Legal Battles and the Search for Loopholes

Tech companies are known for their aggressive legal strategies. They are likely to challenge specific provisions, interpretations, and enforcement decisions in court, creating lengthy legal battles that could delay the intended impact of the regulations. Furthermore, companies may seek to identify and exploit technical or legal loopholes, implementing “bare minimum” compliance strategies rather than fully embracing the spirit of the laws. This puts the onus on regulators to remain vigilant and adapt.

Balancing Innovation and Regulation: A Delicate Act

A persistent criticism is that stringent regulation, particularly the prescriptive nature of the DMA, could stifle innovation, especially for European startups who might find the compliance burden too heavy. Critics argue that over-regulation could disincentivize companies from investing in new technologies or entering the EU market. While the EU maintains that fair competition fosters innovation, the exact balance between regulation and dynamism remains a subject of intense debate.

Unintended Consequences and Regulatory Overreach

Complex regulations can have unforeseen ripple effects. For example, some worry that stringent content moderation requirements under the DSA could lead to over-censorship or impact freedom of expression, especially for smaller platforms without the resources for sophisticated moderation systems. Others argue that the DMA’s interoperability requirements could inadvertently create new security vulnerabilities or compromise user experience. There are also concerns about regulatory overreach, particularly from non-EU governments who view the EU as imposing its standards extraterritorially.

Defining Harm: The Subjectivity Challenge

Under the DSA, defining and mitigating “harmful content” (that which is legal but potentially damaging) or “systemic risks” related to democratic processes can be inherently subjective and politically charged. The risk of different interpretations across member states, or political interference in moderation decisions, poses a significant challenge to consistent and fair enforcement. Ensuring that platforms uphold fundamental rights while combating harm requires careful calibration.

The Road Ahead: What Comes Next in the EU’s Tech War?

The “second front” is not the end of the EU’s regulatory ambitions; it is a profound intensification and broadening of its commitment. The road ahead will likely be characterized by several key developments:

• Intensified Enforcement: Expect a surge in investigations, compliance orders, and potentially hefty fines under both the DMA and DSA. The Commission is signaling its intent to be a robust enforcer.
• Adaptation and Evolution: The digital landscape is constantly shifting. The EU’s digital rulebook will likely need periodic updates and adaptations to address new technologies (e.g., the metaverse, advanced AI applications) and unforeseen challenges.
• Global Ripple Effects: As the EU solidifies its regulatory frameworks, other countries will continue to watch closely, and many will likely draw inspiration from or adopt similar legislative approaches, furthering the “Brussels Effect.”
• Long-Term Vision: The EU’s ultimate goal is to establish a digital economy that aligns with its core values of human rights, democracy, and fair competition. This long-term vision aims to reshape not just how tech companies operate, but also the very fabric of digital society.

Conclusion: A Redefined Digital Future

The EU’s declaration of a “second front” in its regulatory battle against Big Tech is more than a mere legislative update; it represents a fundamental recalibration of power in the digital realm. Building upon the foundational market-shaping objectives of the Digital Markets Act, this new phase — spearheaded by the Digital Services Act and bolstered by intensified antitrust, data privacy, and emerging AI regulations — addresses the multifaceted challenges posed by dominant tech platforms. It is a comprehensive effort to extend accountability from economic influence to societal impact, demanding greater responsibility for content, user safety, and algorithmic transparency.

This ambitious strategy underscores the EU’s unwavering commitment to its values-driven approach, aiming to foster a digital ecosystem that is not only competitive and innovative but also safe, fair, and respectful of fundamental rights. While significant challenges remain in enforcement, legal battles, and balancing innovation, the profound implications of these regulations will undoubtedly reshape the global tech landscape. The EU is not merely regulating an industry; it is actively attempting to define the parameters of a democratic and humane digital future, setting a precedent that the rest of the world will inevitably grapple with and potentially follow.