The EU’s Online Safety Moonshot Is Losing Altitude

Starting today, Tech Policy Press will publish a series of articles with the DSA Observatory, marking two years since the Digital Services Act came into full effect.

The European Union’s Digital Services Act is the marmite of digital policymaking: you either love it or you hate it.

For EU officials, the bloc’s online safety rules — whose most stringent oversight applies to social media giants like YouTube and e-commerce companies like AliExpress — are a much-needed constraint on what many believe is the digital Wild West.

Enforcement has included requirements that Elon Musk’s X be more transparent about how content is posted on his platform, to demands that Temu clamp down on illegal goods sold on the global online marketplace. Ongoing investigations similarly target some of the biggest tech companies in the world.

For US officials, however, the DSA is another attempt by Europe to hobble American firms in favor of less innovative EU rivals. Donald Trump’s administration and his allies in Congress have accused the bloc’s online safety rules of being an illegitimate attack on Americans’ free speech rights and of undermining European civilization.

The current White House administration has targeted an upcoming review of the DSA, expected in 2027, to work with potential allies in Europe to roll back what is arguably the Western world’s most comprehensive attempt at promoting online safety.

Yet what both the lovers and haters of the DSA misunderstand is — more than two years on since the rulebook became fully enforceable — how internal challenges within the 27 countries have led to a half-baked implementation of rules aimed at improving Europeans’ time on popular digital services from Facebook and TikTok to Amazon and Google.

A combination of sluggish regulatory implementation, particularly at the EU member country level, an increasing politicization of DSA priorities within the European Commission and a fundamental reshaping of how research is conducted in support of the bloc’s online safety goals — due to a pullback in public and private funding toward platform governance — have blunted the Continent’s online safety moonshot.

Despite millions of dollars invested in DSA enforcement, it’s hard to point to meaningful ways Europeans’ online experiences have improved since early 2024.

That democratic deficit — in which citizens see little, if any, benefit from online safety rules designed to empower their increasingly digital lives — is a brewing problem for the EU as a growing minority of voices across the bloc, mostly from far-right political parties, attempt to frame the DSA as an unlawful threat to individuals’ civil rights.

Such policymaking growing pains are inevitable.

Just as it took at least five years for the bloc’s privacy standards, known as the General Data Protection Regulation, to lead to public-facing changes in how Silicon Valley handled Europeans’ personal information, success under the DSA should similarly be judged in years, not months.

But as Washington continues to shout from the rafters about the alleged ills of the EU’s online safety rules, European policymakers must acknowledge that current birthing pains linked to these rules are borne from within the bloc — and not from those in the US eager to see Europe’s digital regulatory experiment fail.

Some of this blame must be laid at the EU member countries.

As part of DSA regulatory oversight, each state was supposed to nominate and empower a so-called Digital Services Coordinator, or local regulator, who could front the new rules within individual countries. Yet through a combination of policymaking inertia, political infighting and, in some cases, a lack of public funding, several countries like Poland, the Czech Republic and even France dragged their feet in passing national legislation to give these regulators the power to act.

Without domestic agencies responding to national concerns related to the DSA, citizens have been reliant on the European Commission — whose mandate includes direct oversight of the most popular digital services — to come to their aid. Other options, including DSA-mandate out-of-court settlement dispute bodies and citizens’ private enforcement efforts, have yet to have much impact.

That disconnect between citizens’ legitimate worries and the perception of Brussels not prioritizing national concerns has knocked the DSA’s credibility in parts of the 27-country bloc.

Within Brussels, the political winds have also shifted away from hard-nosed enforcement of the Continent’s digital rules toward promoting economic growth fueled by artificial intelligence. The name of the game is now economic competitiveness and deregulation — as outlined by a 2024 report from former Italian prime minister Mario Draghi.

The European Commission is still investigating potential DSA-related harms.

That includes probes started under former European Commissioner Thierry Breton, who used the rulebook to target high-profile platforms like X and TikTok. Subsequent investigations have focused on everything from the potential addictive design of social media giants to the inability of independent researchers to access company data in the name of transparency.

Yet as tensions have risen between Brussels and Washington, politicians have also waded into which DSA investigations should gain prominence. The European Commission denies it is holding back to appease the White House.

Under EU law, all enforcement actions are independent of political decisions. But under the regulatory quirks of the European Commission, the EU’s executive arm both writes and enforces bloc-spanning rules, giving senior politicians the ability to prioritize specific cases over others.

With Europe still reliant on the US for ongoing support to Ukraine in a four-year war with Russia, other policymaking priorities — including those related to digital — have taken a back seat. Brussels is also conscious of rhetoric from Washington about potential additional tariffs if the EU uses so-called non-tariff measures like regulatory enforcement under the DSA to target American tech giants.

So far, that threat has remained more bark than bite.

But, so far, the European Commission has publicly scolded more Chinese tech companies under the DSA than their larger US counterparts.

At some point, Brussels will have to choose either to pull the trigger on potential enforcement actions against some of Silicon Valley’s biggest names or admit that, for now, its digital rulebook must run secondary to the bloc’s wider reliance on the US.