There is no denying the European Union’s (EU) groundbreaking work in regulating tech. The 27-member Union has been elbow-deep in building policy around technology since 2016. In that year, it published the General Data Protection Regulation (GDPR), a defining data privacy and security law put into effect in 2018. It covers data protection, security, accountability, consent, and privacy rights. Thus, it attempts to give people more control over the processing of their personal data.

Subsequently, the EU introduced the Digital Services Act (DSA) and the Digital Market Act (DMA), a single package of rules. The former aims to systematise rules for regulating digital services, focusing on the role of intermediaries and online platforms. It also addresses online concerns like transparency, online advertising, and illegal content or hate speech. The latter seeks to foster competition and innovation in digital markets, defining criteria for large platforms (often called “gatekeeper” platforms). These platforms dominate the digital market and leverage their market share to inhibit smaller players from having an even playing field.

Recently, the Union has developed and adopted the world’s first comprehensive regulation on artificial intelligence (AI) — the EU AI Act. This act provides categories for different risk levels of AI applications, ranging from unacceptable to minimal risk. It also seeks to prohibit certain AI tools that threaten the privacy and freedom of citizens. Here, examples include:

• Untargeted scraping of facial images from the internet/CCTV footage to create facial recognition databases; or
• Tools engaging in social scoring or emotional recognition at diverse places.

While much has been discussed about the intricacies, value, and shortcomings of these regulations, the reason why the EU manages to pioneer in tech regulation remains a lesser-discussed topic. Below, I articulate possible reasons why the EU has managed to do so.

An Interested Citizenry

A 2019 survey demonstrates Europeans’ backing for regulating big tech. 74% of the respondents were interested in knowing how their data was used when they logged into other websites using their social media accounts. The role of this citizenry becomes even more relevant when we consider the EU’s massive technology consumers—over 450 million people in the Union are digitally engaged and thus can push for more proactive regulation in the domain. 

Another survey sheds more light on people’s perceptions of AI. In 2023, a striking 68% of Europeans want the government to regulate AI to protect jobs. Given the sudden proliferation of generative AI platforms in the last year, this number is a jump from 58% in 2022. In fact, 44% of Europeans put their trust in the EU to better regulate AI compared to their own countries.

Norm Setting in Regulation

An intriguing trend in the EU is the lack of European tech giants ruling the global tech market. While platforms like Spotify and Skype exist, they cannot be placed in the same league as Microsoft, Google, or Apple. Jeremy Ghez, an associate professor of economics at H.E.C. Paris, tells CNBC, “This is an expression of Europe’s geopolitical power in a world it wants to maintain some influence.”  

While the Union cannot yet be a global leader in tech innovation, it can build progressive regulation and set norms that hold international value. This has been a successful exercise, given that several countries look up to the GDPR for formulating their data protection laws, and the AI Act is a one-of-its-kind AI regulation.

Anti-Trust Enforcement

The lack of European tech giants in the global tech market leads to another inference. If the EU cannot build tech giants, it can hold sway over pre-existing ones through regulation. Through anti-trust laws, the EU seeks to minimise monopolistic practices and maximise fair competition within the tech landscape. Subsequently, regulations like the DSA and DMA construct the EU’s digital single market strategy.

The DMA, now entirely in force, necessitates 6 big-tech companies to transform their services in the Union. Very interestingly, 5 of these companies are American! Part of the American Congress deemed the law a “de facto discrimination against US firms and workers,” words that evidently explain that the EU is exerting influence over the tech industry and its giants through proactive regulation.

Moreover, Apple was recently fined €1.8 billion by the EU under provisions of the Treaty on the Functioning of the European Union (TFEU) and Article 54 of the European Economic Area Agreement. The fine was for unjustifiably preferring Apple Music over other music streaming apps like Spotify and inhibiting the latter from informing consumers about cheaper music subscriptions outside of the App Store. This is relevant because Apple charges a 30% commission when purchases are made through its App Store. Not only this, Apple has recently announced alterations to iOS, Safari, and the App Store to comply with the EU’s DMA. This is just one example of a tech giant being made to operate under the EU’s rules and regulations.

Conclusion

We often have elaborate discourses on what laws and regulations a government adopts. However, extending our notice to why they do so is equally crucial. Think of it this way: if a government adopted draconian and repressive tech laws, our first instinct would be to question why. So, when proactive regulation is made to protect citizens’ rights and freedoms, the question should not be ignored entirely. Tech is booming now more than ever. Generative AI, blockchain, quantum computing, metaverse, and whatnot. These technologies may look and sound complex today but can end up becoming ubiquitous in the near future. If such progress persists, the most educated guess on who will be the first to regulate them is…?