EU Digital Services Package Poses Big Tech Risk; Weakened Ability to Leverage Data and Increased Transparency Likely

March 2, 2021 – Capstone believes the European Commission’s proposed overhaul of internet regulation under the Digital Services Act (DSA) and Digital Markets Act (DMA) will likely present long-term headwinds for Big Tech companies. Of the two proposals, we believe the DMA presents the highest risk, as it has sharper teeth and could meaningfully alter the business practices of “gatekeeper” platforms, including Facebook Inc. (FB), Alphabet Inc.’s Google (GOOG), Amazon Inc. (AMZN) and Apple Inc. (AAPL). The key provisions of the proposal are designed to undermine practices that have helped large tech firms maintain their competitive advantage, and would weaken their ability to leverage data. The fines for violating the proposed regulation are substantial, with a maximum fine of 10% global annual turnover, and repeat offenders face being broken-up.

Digital Markets Act to weaken Big Tech’s ability to leverage data
The use of proprietary marketplaces and platforms to compete in other services and products would no longer be possible, and the ability to leverage data across verticals would be weakened. The DMA rules would classify large tech firms—such as Facebook, Google, and Amazon—as ‘gatekeepers’ and could reshape how their platforms operate in the EU. Notably, gatekeepers would have to share (for free) data generated in their use of their platform, personal data sourced from core platform services could not be combined with personal data from other services, there would be independent verification of advertisements, and services offered by gatekeepers would have to be treated equally to those offered by third parties.

Digital Markets Act has the biggest teeth
The DMA is the more impactful of the two proposed acts. It also would impose significantly more severe fines for non-compliance than the existing data protection and privacy regulation, the General Data Protection Regulation (GDPR). Fines for non-compliance with the proposed regulations are high, up to 10% of global annual turnover. Sanctions may also include periodic penalty payments of up to 5% of average daily turnover. Most notably—in the case of repeat offenses, such as three fines within five years—the European Commission may impose structural measures, including breaking up the business, although this is still seen as a last resort measure. Fines for violating GDPR are 4% of global turnover or €20 million, whichever is higher. Antitrust breaches can already yield penalties of up to 10% of annual turnover, although investigations can take several years and large tech firms have not seen a maximum penalty to date.

Digital Services Act increases transparency and control for users
Under the DSA, platforms would be required to give users detail on the parameters used for online advertising, particularly when the platforms profile users for targeted ads. Furthermore, users would have the right to amend the parameters and potentially reject profiling altogether, which could significantly reduce platforms’ ability to leverage personal data for advertising purposes.

Digital Services Act brings a new liability regime
Likely new obligations would mandate enhanced due diligence and proactive measures from large platforms to assess risks and consumer harm. However, the new framework is likely to stop short of full liability and a general requirement to monitor content, goods, and services. This represents a relatively low risk for platforms regarding business model changes necessary to meet obligations. However, significant fines can still be levied. Fines for non-compliance could reach 6% of total annual turnover: $5.2 billion, $11 billion, $23 billion, and $16.5 billion for Facebook, Google, Amazon, and Apple, respectively, based on YE2020 results.

To learn more, contact us at sales@capstonedc.com.