This article is part of Social Media Futures, a series inviting policy practitioners and internet analysts to share their own perspectives and provocations on the futures of social media, including trends in regulation, innovation, safety and harm. If you have an idea for a piece, get in touch!
Here, Konstantinos Komaitis explores Europe’s role as a global internet regulator.
EU ministers recently agreed their position on the Digital Services Act (DSA) – a new regulatory initiative aiming to improve online safety – in record time.
While there are issues to address, the DSA has the potential to further cement the EU's position as the de facto global regulator for the internet.
The long-term test will be whether Europe can reconcile its pursuit of “digital sovereignty” with its promotion of internet openness and security – particularly where these objectives may be in conflict.
On November 25, as the US was waking up to Thanksgiving family gatherings, Brussels was celebrating something of its own. After less than a year of negotiations, European ministers had given the go-ahead to the new versions of Europe’s ambitious Digital Services Act (DSA) package. This was record speed for Brussels law-making and, though the DSA is not over yet, all signs point to success. Europe is now on the brink of producing the most comprehensive content moderation and competition legal framework, becoming the first major bloc in the world to do so.
The future of the DSA has been promising since the beginning. The text was far from perfect, but the Commission had hit the big issues, fully conscious of the need for the DSA to be consistent with two realities: the reality of holding companies accountable through transparency mechanisms, and the reality of how actors must be allowed to interact within the internet ecosystem. However, by the time it reached the European Parliament, politics had replaced practicality. Initial fights between the EU Parliament’s committees over competence signified the political interest in the DSA, with some MEPs threatening to derail the process.
Unsurprisingly, the final text is an obvious political compromise. In time, Europe will need to address some significant issues with the DSA, such as the freedom of speech concerns, how to ensure protections for sites like Wikipedia and some general issues around implementation and enforcement. Indeed, if there is one thing Europe must learn from its General Data Protection Regulation (GDPR) experience, it is that internet regulation, no matter how necessary, also has the tendency to create a series of unintended consequences. The DSA will be no exception, so Europe must prepare.
However, as part of a broader strategy to consolidate Europe’s global standing in internet regulation, the DSA has achieved its objectives. While the US continues to debate whether regulation in the internet is even necessary (look no further than its failure to pass a federal privacy law), European regulators appear determined to move forward – and do so fast. France, which will hold the Council presidency next year, has already indicated that it will make implementing the DSA a priority. It is also a personal priority for President Macron, who is facing re-election in the spring of 2022.
With the successful passage of the DSA, Europe will further cement its position as the de facto global regulator for the internet. Four years ago, it was the GDPR that changed the way we talk about privacy and the way business models operate. Because of the GDPR, more than 120 countries around the world have “already engaged in some form of international privacy laws for data protection”.
This level of influence should be unsurprising. The European Union is the largest trading bloc in the world and the second biggest economy after the US. With roughly 95% of its population having internet access, Europe is a key player in the Internet. Like GDPR, the DSA and its twin, the Digital Markets Act (DMA), are likely to have a significant extraterritorial effect, setting global regulatory standards on both content moderation and competition. This secures Europe’s position as the most influential state actor in the regulation of the internet today.
The global, open, interoperable model of the internet is on the brink. Do these regulatory steps make Europe a beacon of hope for rescuing it? For sure, Europe is a preferable choice to China or Russia for setting global regulatory standards. At the same time, however, Europe does not have a perfect track record with internet regulation. Its online terrorism regulation poses significant infrastructure and free speech concerns and has provoked the strong reaction of 61 human rights organizations. Its impending Child Sexual Abuse Material (CSAM) framework is expected to enable a broad range of surveillance capabilities for law enforcement, potentially undermining encryption in the name of safety. The proposed Network Information Security (NIS II) directive risks fragmenting the global domain name system.
These examples illustrate how Brussels can, sometimes, fail to grasp the underlying complexities, trade-offs and consequences of its actions. There is no question as to whether Europe should experiment with regulation, but this experimentation must consider the fundamental interdependencies which underpin global networks. Acting in one area, while undermining another, will benefit no one.
Over the long-term, the test will be whether Europe can reconcile its pursuit of “digital sovereignty” with its promotion of internet openness and security – particularly where these objectives, both protective and offensive, may be in conflict. Europe wants “to act independently in the digital world”, often using legislation as its main tool to advance this agenda. If not careful, however, regulation can become the end instead of the means. The more Europe continues to regulate the internet under claims of sovereignty, the more difficult it will become to ask other countries to trust its vision. To avoid this, Europe must realise that it cannot act alone.
Next year will be a busy year for the internet. Crucial discussions on cybercrime and technical standards, both under the auspices of the United Nations, will put the internet at the very heart of multilateralism. In many ways, this is a blow to years of multistakeholder-led internet governance. But that does not mean open internet values must get lost along the way. Europe must move quick to address the human rights, security and internet issues with its own regulatory agenda, as well as advocating for these values in multilateral forums.
For now, Europe can celebrate its DSA milestone. For better or worse, Europe now sits at the forefront of internet regulation. But the fight for internet regulation – and the global, open internet – is not over.