Acting Digitally: The EU Rewrites Its Internet Rules

Peter S. Rashish

Vice President; Director, Geoeconomics Program

Peter S. Rashish, who counts over 30 years of experience counseling corporations, think tanks, foundations, and international organizations on transatlantic trade and economic strategy, is Vice President and Director of the Geoeconomics Program at AICGS. He also writes The Wider Atlantic blog.

Mr. Rashish has served as Vice President for Europe and Eurasia at the U.S. Chamber of Commerce, where he spearheaded the Chamber’s advocacy ahead of the launch of the Transatlantic Trade and Investment Partnership. Previously, Mr. Rashish was a Senior Advisor for Europe at McLarty Associates, Executive Vice President of the European Institute, and a staff member and consultant at the International Energy Agency, the World Bank, UNCTAD, the Atlantic Council, the Bertelsmann Foundation, and the German Marshall Fund.

Mr. Rashish has testified before the House Financial Services Subcommittee on International Monetary Policy and Trade and the House Foreign Affairs Subcommittee on Europe and Eurasia and has advised three U.S. presidential campaigns. He has been a featured speaker at the Munich Security Conference, the Aspen Ideas Festival, and the Salzburg Global Seminar and is a member of the Board of Directors of the Jean Monnet Institute in Paris and a Senior Advisor to the European Policy Centre in Brussels. His commentaries have been published in The New York Times, the Financial Times, The Wall Street Journal, Foreign Policy, and The National Interest, and he has appeared on PBS, CNBC, CNN, and NPR.

He earned a BA from Harvard College and an MPhil in international relations from Oxford University. He speaks French, German, Italian, and Spanish.

Last week the European Commission put forward two sweeping proposals to overhaul the European Union’s rules governing the behavior of large Internet companies: the Digital Services Act (DSA) and the Digital Markets Act (DMA). The current EU approach, the E-Commerce Directive agreed in 2000, pre-dates the rise of powerful U.S. platforms like Google, Amazon, and Facebook. So there are understandable reasons for an update.

From the perspective of transatlantic relations, this latest example of regulatory activism in the tech domain raises one central question: has the EU gone too far, or is it pointing the way?

From the perspective of transatlantic relations, this latest example of regulatory activism in the tech domain raises one central question: has the EU gone too far, or is it pointing the way?

It would be easy for Americans to believe that the EU is targeting U.S. firms in this twin push for a new framework for digital commerce within its single market. That’s because penalties for violating the DSA and DMA would kick in at thresholds that with few exceptions (SAP, Spotify) would only apply to the big U.S. Internet firms.

For example, companies would have to meet obligations in the DSA to take down illegal content or to provide greater transparency about how algorithms are used if they have at least 45 million users. The DMA creates a new “gatekeeper” function—something akin to the financial markets concept of a “globally systemically important bank”— for firms that reach both the 45 million user mark and have at least €65 billion in market capitalization.

On the other hand, there is growing concern in the United States as well about the commercial dominance of big Silicon Valley firms. In the last couple of months the U.S. Department of Justice has filed a suit against Google and the Federal Trade Commission has taken aim at Facebook over their anti-competitive practices. In an October 2020 report, House Democrats called for stronger anti-trust laws that if passed could lead to the restructuring of U.S. tech companies. And tech company CEOs were grilled by both Democrats and Republicans about their content moderation policies at hearings on Capitol Hill this fall.

There is a key difference, however, in the ways the United States and the EU are giving expression to their ambitions to rein in big tech. While Washington is stepping up its enforcement using the existing rulebook—and considering ways to beef it up— Brussels has decided it needs new tools. In the future, it wants to rely less on the ex-post use of anti-trust law investigations to right past wrongs and more on ex-ante regulations that aim to prevent anti-competitive behavior in the first place. It is not clear that the EU has fully weighed the costs and benefits of this more draconian approach.

In the short term, the United States and the EU already face two major tests of whether they can align their approaches to the digital economy. As a result of a European Court of Justice decision earlier this year, the Privacy Shield governing commercial data transfers across the Atlantic has been invalidated. And barring a negotiated solution in the OECD, a number of EU countries plan to introduce Digital Services Taxes next year that would hit the revenues of the large U.S. Internet firms.

But the DSA and the DSM do not have to become another source of transatlantic economic friction. Overall, they are perhaps best looked at as following in the footsteps of the 2018 General Data Protection Regulation (GDPR), which governs data privacy in the EU: an early indicator of the general direction the U.S. may ultimately choose to travel—and where California has already arrived.

The views expressed are those of the author(s) alone. They do not necessarily reflect the views of the American-German Institute.