Since setting up the EU’s new office in San Francisco in September 2022 with “a directive to ensure [tech] companies are ready to comply with a wave of new regulation emanating from Brussels,” [Gerard] de Graaf says he’s been busy working closely with digital tech market leaders and policymakers to coordinate on the regulatory priorities of the European Union.
Adam Thierer
Medium
Every day, it becomes more apparent that the European Union’s key export is their regulatory frameworks. American policymakers need to pay attention. As European regulations have success on other continents, it is becoming a global issue.
The European Union has taken an assertive stance in regulating major US technology companies such as Amazon, Apple, Google, Meta, and Microsoft through policies like the General Data Protection Regulation (GDPR) and the Digital Markets Act (DMA), under which the EU imposes heavy fines for noncompliance with their regulations if they disagree on how tech firms handle user data, run their platforms, and manage interoperability features.
The EU’s aggressive regulatory approach to technology goes beyond protecting EU citizens: It aims to export restrictive European-style policies worldwide. With regulations like GDPR, the EU has set sky-high fines for noncompliance that act as global benchmarks. GDPR penalties for violations can be up to 4 percent of a company’s global revenue. As dominant players in the digital economy, US tech giants have faced intense scrutiny and multibillion-dollar fines from EU regulators. These astronomical penalties create major compliance costs and legal risks, and they target the competitive advantage of US tech firms.
In 2022, penalties on US tech firms reached record highs, including a $506 million fine for Instagram, $113 million for Google, and $908 million for Amazon. These massive fines aim to force compliance, but they significantly affect the finances and reputations of fined companies.
The DMA exemplifies regulations the tech industry says will undermine continued pioneering advancements by preemptively targeting successful tech firms with laws that deter innovation and expansion. Obligations like mandated interoperability reduce incentives to invest in the development of better platforms and products. Additionally, the DMA grants EU regulators extensive discretion to intervene in tech business practices. By targeting the largest firms only, the DMA distorts competition rather than promoting open markets.
This global spread of European-style regulation may create a more uniform digital policy landscape, but it threatens growth in countries such as Brazil, India, and Turkey as governments look to the EU as a template for their digital governance. It’s important for American policymakers to understand the EU’s penalty structure for data privacy breaches as an attack on US industries.
The EU’s role as the “Global Digital Nanny” is a multifaceted issue. The DMA’s strict regulations on large technology companies designated as “gatekeepers” stifle innovation and hamper the free market in several ways:
First, by preemptively labeling certain successful companies as gatekeepers and saddling them with special obligations, the DMA punishes businesses for their success and deters growth or expanding into new areas out of fear of facing burdensome DMA restrictions. This runs counter to the ethos of free market competition, instead ossifying market boundaries and lowering interest in countries with DMA styled regulatory obligations.
Secondly, the specific obligations placed on gatekeepers—such as requiring interoperability with competitors and forbidding self-preferencing in rankings—undermine incentives to invest and innovate. If they cannot fully leverage their own technology or promote their offerings to customers, companies are less motivated to improve products.
Thirdly, the DMA grants the European Commission broad discretion to intervene in gatekeepers’ business practices and organization. This regulatory overhang injects uncertainty and risk, further dampening incentives to innovate. Moreover, this type of heavy-handed regulation risks entrenching existing players rather than facilitating disruptive innovation.
Finally, by targeting only the largest companies as gatekeepers, the DMA creates an uneven playing field. It imposes harsh restrictions on some market participants while allowing others to act freely. This distorts competition rather than promoting open markets.
In short, the DMA’s preemptive and asymmetric precautionary restrictions undermine the network effects of digital-economy companies’ success and lowers interest in investing in research and development that creates the competitive vibrancy that comes from free markets. These DMA-style obligations risk creating a chilling effect on product improvements and distorting competition by undermining markets and dynamic efficiency. A superior approach would emphasize ex post enforcement of antitrust rules when specific harms are demonstrated.
The EU’s regulations focus on consumer protection and privacy to justify interference in the market. The real key is striking the right balance between safeguarding consumers through data protection agreements while still fostering a climate where technology can thrive. For the EU and US alike, regulatory approaches should be measured and proportional, and they should consider incentives and unintended consequences. With care, regulation such as the recent Trans-Atlantic Data Privacy Framework and innovation can coexist and even reinforce each other. But the current preemptive attack on the United States’ successful technology companies’ risks hindering next-generation innovations.