Digital Jungle Best Tackled by Joint U.S.-EU Effort

Photo: Video conference of the members of the European Council during a speech by Charles Michel, President of the European Council, to President Joe Biden. Credit: European Council.
Photo: Video conference of the members of the European Council during a speech by Charles Michel, President of the European Council, to President Joe Biden. Credit: European Council.

Europe is forging ahead to regulate tech, the U.S. should pay close attention to the details.

This week, tech CEOs once again found themselves in the hot seat testifying to the U.S. Congress. In what has become a familiar pattern, Congressional members peppered Google, Twitter and Facebook heads with questions about content moderation, child safety, and digital disinformation.

Even as U.S. lawmakers contemplate their options, Europe is forging ahead to regulate tech at full speed. Last year, the European Union (EU) unveiled an ambitious effort to regulate tech companies, enshrined in two omnibus proposals — the Digital Services Act (DSA) and the Digital Markets Act (DMA) — which aim to make Europe fit for the digital age through expansive regulation of everything from online content to search engines and hotel booking sites. And the EU is keen to have the new U.S. Administration on board with its digital agenda. Speaking at the Munich Security Conference in February, Commission President Ursula von der Leyen urged the U.S. to join forces to “create a digital economy rulebook that is valid worldwide.”

No doubt, Europe and the United States must work together to ensure that the digital domain remains a democratic arena that prioritizes individual rights and the values of open societies. But, as it currently stands, the DSA and DMA may make it harder for the U.S. and Europe to work together to prioritize tech innovation while ensuring that individuals still have access to the services they are used to. Because everything that Europe does on tech policy has global consequences (see for example the GDPR), Brussels’ agenda, if enacted, will impact everyday experiences online for all users, including those in the U.S. The legalese can be overwhelming to sift through, which is likely why few in the U.S. have been paying attention to specifics. But U.S. policymakers and consumers had better start paying close attention or they may wake up in a digital world that looks very different from the one they are used to.

First, a primary goal of a U.S.-Europe “tech alliance” should be to ensure market conditions that encourage and facilitate innovation. In practice, this means a few things: removing barriers to entry for start-ups and small- and medium-sized enterprises (SMEs); incentivizing growth; and creating a level playing field — i.e., ensuring that new regulations do not distort the conditions of competition between U.S. and EU rivals.

A central provision of the DMA seeks to reduce the market influence of large companies defined as meeting “gatekeeper” qualifications, such as having 45 million monthly active users, meeting revenue thresholds, and operating certain digital services, among other conditions. Notably, these criteria capture only U.S. companies and no European ones. In other words, the EU’s approach, as it currently stands, is targeting U.S. companies and a specific sector, rather than updating regulation across the board (as we’ve seen with competition bills from U.S. Senator Amy Klobuchar and others).

Second, a transatlantic tech alliance should avoid imposing high costs on companies that operate in both the U.S. and Europe. As it stands now, once a company qualifies under the DMA, it faces a slew of legally complex and often conflicting compliance issues. For example, companies are obligated to share user data, algorithms, and core infrastructure directly with competitors, but are not given advice on how to do this without running afoul of GDPR or introducing new security vulnerabilities. These rules may also compel companies to disclose trade secrets to rivals, undermining a competitive market environment.

Third, legislators on both sides of the Atlantic should consider the impact of new policies on entrepreneurial start-ups. Ironically, a desire to reduce the influence of large firms risks disincentivizing small companies from getting into the market in the first place. That’s because many tech entrepreneurs start businesses with the aim of eventually integrating with larger rivals, in other words being bought out. But a recent report by an industry body representing small firms warned that “the DMA risks generating unintended consequences that could indirectly affect SMEs’ business models, growth ambitions, or exit strategies.” Simply imposing costs on larger companies does not level the playing field or encourage new start-ups to enter. In fact, it may do the opposite.

Fourth, policymakers in Europe and the U.S. should think through how policies will impact consumers. User privacy should be a priority, and the DSA and DMA both propose new measures to provide more information to individuals on what data companies are collecting and how such data are being used. Two specific DMA provisions, however, risk dramatically changing the user experience when it comes to basic online activities, such as searching for a restaurant, identifying its map location, and finding information enabling a reservation in a few quick clicks. This is because the Act would prevent companies with multiple products and services (such as Apple with its many app functions) from combining user data across its services, or from integrating different services. While this may sound like a reasonable idea in principle, in practice it could significantly alter the ease of use that many people expect from search engines, map apps, and location services, making everyday online activity cumbersome and those services less attractive.

In addition, new provisions around data use will likely produce a greater burden on individuals to make sense of data consents —  think of the cookies consent notifications implemented after the GDPR. Research has shown that those consent popups led to confusion or quick acceptances rather than providing useful information to users. That is because data collection and use is incredibly complex, and most casual users of the internet do not have the technical knowledge (nor should they be expected to) or the time to engage with data consent forms.

Finally, meaningful consultation and coordination between the EU and the Biden administration is urgently needed to avoid a go-at-it-alone approach on new regulations. This is particularly important in the digital space where firms operate across borders and are also competing with well-funded rivals from China.

The U.S.-EU Trade and Technology Council, as proposed by the EU, is an opportunity for the transatlantic community to build a common approach to regulations that reflect shared democratic values. To be effective, such a Council should include meaningful commitments to create a true level playing field, avoid unilateral regulation, and focus on specific proposals to stimulate transatlantic collaboration on innovation. Ultimately, the U.S. and EU have far more to gain by working together to invest in the technologies of the future than moving further apart.

March 26, 2021