The Future Is Here
We may earn a commission from links on this page

European Union Passes Landmark Big Tech Regulations

The European Parliament approved both the Digital Services Act and the Digital Markets Act. If properly enforced, companies will have to make big changes.

We may earn a commission from links on this page.
Person wearing Mark Zuckerberg mask in front of EU flag
Papier-mâché Zuckerberg is going to get what he asked for.
Photo: KENZO TRIBOUILLARD / Contributor (Getty Images)

In a final vote, the European Parliament elected to adopt both the Digital Services Act (DSA) and Digital Markets Act (DMA) on Tuesday. The two related pieces of legislation aim to address some of the major emerging issues of internet and social media companies. The DSA is focused on boosting the efficacy and transparency of online content moderation, while the DMA centers on combatting anti-competitive company practices.

“For too long tech giants have benefited from an absence of rules. The digital world has developed into a Wild West, with the biggest and strongest setting the rules,” said Danish Parliament member, Christel Schaldemose, in a press statement. “But there is a new sheriff in town.” Both law packages passed with huge majorities: The vote count for the DMA was 588 for, 11 against, and 31 abstaining. The DSA count was 539 for, 54 against, and 30 abstaining.


Not all tech companies fall under the new legislation. The DMA will target companies valued at more than €75 billion (about $77 billion), or with annual gross revenue of more than €7.6 billion. To be considered a so-called “gatekeeper,” a company’s services will also have to have at least 45 million monthly users in the European Union and 10,000 annual business users. Companies that meet these requirements include Apple, Google, Meta, Amazon, and China-based mega-online-retailer Alibaba.

These corporations and others that are large enough to qualify as “gatekeepers,” will be prohibited from preferring or mandating their own services on their hardware (ex: Safari as the default browser on iPhones). All pre-installed software will need to be un-install-able. Things like messaging will have to have interoperate compatibility across different platforms (ex: no more iMessage exclusive features). Additionally, the DMA limits how far companies can track users for advertising purposes without explicit consent. The ultimate goal of these laws is to “ensure a fairer business environment and more services for consumers,” according to the Parliament press release.


The DSA is more broad and covers intermediary services like internet service providers, web hosting services, online platforms, and very large online platforms (that reach more than 10% of the EU population)— although different sets of regulations will apply to each category.

All categories of company, for instance, will have to meet new transparency and accountability reporting requirements. However, only very large online platforms will need to allow users to opt out of ad and content recommendation algorithms based on “profiling” that consider categories like race, political views, or religion. Together, the DSA package of laws is meant to counter illegal and misleading content posted online, increase effective moderation of that content, and make companies more accountable for the ways in which their platforms are used.

If they violate the DMA, companies will face fines of up to 10% of their annual gross revenue, or up to 6% for DSA violations.

The DMA will begin to go into effect in early 2023. And for the largest online platforms and search engines, so will the DSA. However, smaller companies will have slightly more time to comply with the Services Act. For them, the DSA will start up either 15 months from its entry into the EU Official Journal or on January 2024 (whichever is later). The legislation has been years in the making. The European Commission first proposed the DSA and DMA back in December 2020. And large tech companies have been on guard since then, releasing public statements denouncing aspects of the new laws.


Yet, enforcement potential of the two sweeping acts remains a key question mark. The EU has previously passed big tech legislation like 2018's General Data Protection Regulation, which ended up flopping in part because enforcement was disorganized and diffuse. In theory, with the DSA and DMA, enforcement is supposed to be more centralized— the European Commission itself will be in charge through task forces and committees. Though, some remain unconvinced that the Commission is setting aside enough resources.

“We raised the alarm last week with other civil society groups that if the Commission does not hire the experts it needs to monitor Big Tech’s practices in the market, the legislation could be hamstrung by ineffective enforcement,” the deputy director general of The European Consumer Organization, Ursula Pachl, told Reuters in a statement. Time will tell whether Europe’s new approach to big tech can actually bring on big changes.