This month, the European Commission (EC) took yet another step in shaping Europe’s digital future. It has announced plans to upgrade the rules governing digital services with two legislative initiatives: the Digital Services Act (DSA) and the Digital Markets Act (DMA). This detailed regulation will serve as a kind of “traffic light” system for the digital sector – rules that “put order in the chaos” created by the increase in online traffic. But while these traffic lights can be seen as a positive step, work is needed on the soft infrastructure too.
All online data exchange in Europe is currently governed by the directive on e-commerce, which dates from 2000. The DSA and DMA are aimed at bringing this legislation up to date. They encompass a single set of new rules applicable across the whole of the EU to create a safer and more open digital space based on European values.
As the European Commission points out, the two proposals serve one purpose: to make sure that we – as users, as customers, as businesses – have access to a wide choice of safe products and services online, just as we do in the physical world, and that all businesses operating in Europe can freely and fairly compete online, just as they do offline.
The proposed legislative initiatives are also being seen as an important move to restrict the freedom of the Big Tech platforms. While the Digital Service Act will apply to all internet companies, the Digital Market Act is predominantly targeted at the ‘gatekeepers’: tech giants such as Google, Facebook and Amazon who, because of their size, dominate access to the internet. The Digital Market Act is aimed at ensuring that such companies shoulder their equally sizeable responsibilities, e.g. they do not abuse their dominant position to prioritise the promotion of their own products on their platforms, and that they report acquisitions properly. Penalties for breaking the law can be as high as 6% of global revenue in the case of the Digital Services Act and 10% of global revenue under the Digital Market Act. The legislation will also give the EC the right to break up any tech companies that are fined three times within the space of five years and continue to act illegally.
As a member of the Data Sovereignty Now (DSN) movement, we applaud this proposed legislation as a step in the right direction towards realising a human-centric data economy that holds true to European values. This move shows that the European Commission is prepared to take bold and pragmatic steps to reach its goals. Despite this, however, it is DSN’s view that the legislation fails to go far enough to solve the underlying problem; the new laws will only tackle the symptoms rather than the cause.
The real issue in today’s digital economy is that people and organisations do not have control over their data; there is a lack of ‘data sovereignty’ and these proposed legislative measures will not change that. DSN believes that the only way to truly address the issues that are currently at hand is by making data sovereignty the guiding principle of all data initiatives in Europe. The first concrete step in this process would be to create a soft infrastructure for data based on a uniform set of agreements.
Commissioner Vestager used the “traffic light” as metaphor for introducing the DSA. She stated that traffic lights were invented in response to a major technological disruption – the invention of cars – and that the DSA should be viewed in a similar light: “We have such an increase in the online traffic that we need to make rules that put order in the chaos, rules that make the online world safe, reliable and secure for all users of the digital roads”.
The members of DSN would like to extend that metaphor to the broader infrastructure, which is currently dominated by the Big Tech firms. DSN believes that, in order to fundamentally pave the way for data sovereignty, it is essential to create soft infrastructure for data sharing that enables people and organisations to control data about them.
Such a soft infrastructure means creating agreements on the way people can identify themselves and give authorisations online, and creating agreements about data portability and interoperability. Ursula von der Leyen’s proposed ‘secure digital identity’ would be a cornerstone of such a soft infrastructure. This soft infrastructure, which goes beyond regulation and governance alone, would furthermore underly and boost the envisioned European data spaces.