A few years ago, digital services were mainly subject to horizontal rules (i.e., rules that apply to all sectors of the economy), such as competition rules, consumer protection regulation, and data protection regulation. Until recently, these rules were not well-equipped to address the challenges posed by digital technologies. As regards sector-specific instruments, digital services were subject to light-touch regulation. For example, under the E-Commerce Directive, information society (i.e., digital) service providers were required to comply with some transparency obligations and benefitted from a safe harbour (whereby digital service providers that fall in scope are not liable for the content disseminated through their service unless they become aware of such illegality and act expeditiously to remove the content concerned). This light-touch regime may be attributed to a policy choice made several years ago that aimed to protect the openness of the Internet.
Well, times are changing. Horizontal rules have been undergoing a process of reform so that they adapt to the specificities of digital technologies. And several sector-specific instruments have been adopted (e.g., the DMA, the DSA, the AI Act, the EMFA, the UK DMCC Act, the UK Online Safety Act) in order to address concerns specific to digital technologies.
Against this backdrop, lawmakers and regulators are expected to pursue their mission in an increasingly complex environment. I recently had the opportunity to set out some of the challenges facing regulators (and proposals on how to overcome them) at a timely event co-organised by the OECD and the International Network for Digital Regulation Cooperation (INDRC). This blog post builds on my presentation at this event.
Challenges for lawmakers: Resolving tensions between digital regulations (before tensions arise)
Every new legislative instrument that is adopted does not apply in a vacuum; it interacts with other rules that (a) cover the same services and (b) potentially govern the same practices. For example, online platforms that fall under the scope of the DSA are also subject to the obligations and prohibitions established in the Unfair Commercial Practices Directive (UCPD). The DSA prevents online platforms from designing their online interfaces in a way that deceives or manipulates consumers, or in a way that otherwise materially distorts or impairs their ability to make free and informed decisions (Article 25). Similarly, the UCPD prohibits manipulative practices that materially distort the economic behaviour of an average consumer (see UCPD Guidance, Section 4.2.7.).
A clause stating that a law will apply “without prejudice to” (i.e., without detriment to any existing right or claim enshrined in) other pieces of legislation is not sufficient to address any potential tensions that may arise between the former and the latter. Taking the example of the DMA, there are cases where it may qualify as lex specialis, thereby prevailing over other rules (consider, for instance, the data portability provisions of the DMA and the GDPR). In other cases, based on the principle of supremacy of EU law, the DMA may override national rules that pursue different objectives (consider, for instance, the DMA obligation to apply non-discriminatory conditions to ranking and national media rules that require discriminatory ranking so that general interest content is easy to find). Moreover, it cannot be excluded that the implementation of the DMA may trigger the ne bis in idem principle in subsequent proceedings launched under competition rules (to the effect that these proceedings are discontinued). In such cases, a “without prejudice” clause is not capable of resolving any tension that may arise between two (or more) sets of rules; the Court of Justice of the EU (CJEU) will be called upon to do so. Yet, resolving such tensions could slow down enforcement initiatives in digital markets, which move at a fast pace.
In order to minimize conflict between different digital regulations, lawmakers should consider how a legislative initiative fits into the existing legal framework. This would ensure that the emerging regime reaches its full potential. A good example of this exercise is the Guidance on the UCPD, which sets out how it interacts with and complements other EU rules and self-regulation (see sections 1.2. and 1.3.).
Challenges for regulators: Developing a practice that considers the broader (regulatory) picture and reinforces regulatory cooperation
Considering the broader (regulatory) picture
Regulators whose remit involves digital markets are facing a convoluted regulatory environment, which requires them to consider how different sets of rules may inform their decision-making. There are two useful precedents that could guide regulators in relevant cases.
First, in Meta Platforms, the CJEU ruled that, in the context of examining whether an undertaking has abused its dominant position, competition authorities may need to examine whether that undertaking’s conduct complies with rules other than those relating to competition law, “such as the rules on the protection of personal data laid down by the GDPR” (see paragraph 48). The wording of the ruling suggests that competition authorities may consider the breach of regulation other than data protection regulation in order to assess infringements of competition rules.
Second, in a sequel of initiatives against Google concerning abusive practices vis-à-vis publishers, the French Autorité de la Concurrence (AdlC) fined Google after finding that Bard (now Gemini) had used content from publishers without proposing a technical solution that would enable them to opt out of the use of their content by Bard in a manner that would not affect the display of content protected by copyright on other Google services. According to the AdlC, this practice, which obstructed the publishers’ ability to negotiate remuneration for their copyright-protected content (which the Digital Single Market Copyright Directive protects), qualified as an abuse of dominance.
Critics of the approach adopted by the German competition authority (which triggered the Meta Platforms judgment) and the AdlC have argued that such administrative practice should be avoided to ensure that a competition authority does not encroach on the remit of other regulators. This argument misses the mark, for the cases under consideration are not about an agency interfering with the remit entrusted to others. These cases exemplify why enforcement initiatives (and the decisions resulting therefrom) should take account of the ever-evolving conditions of the markets (and matters) under scrutiny. The CJEU supports the approach whereby (competition) law enforcement is informed by market developments and the regulatory rules that govern such developments: “access to personal data and the fact that it is possible to process such data have become a significant parameter of competition between undertakings in the digital economy. Therefore, excluding the rules on the protection of personal data from [competition assessments] would disregard the reality of this economic development and would be liable to undermine the effectiveness of competition law within the European Union”. This should be a general principle guiding regulators (and not just competition authorities).
Reinforcing digital regulation cooperation within the same jurisdiction
To be able to consider the broader (regulatory) context in which they are expected to pursue their mission, regulators should cooperate in a systematic manner. Such cooperation would arguably achieve a two-fold objective: (a) through technical expert dialogues, joint training of technical staff, and sharing of best practices, cooperation would enable regulators to deepen their expertise and deliver informed decisions, and (b) it would facilitate task allocation and prevent conflicting outcomes.
As regards (a), several jurisdictions have recently undertaken initiatives to reinforce cooperation between regulators whose remit involves digital services. For example, in the UK, the Digital Regulation Cooperation Forum (DRCF) was established to ensure “coherent, informed and responsive regulation of the UK digital economy”. The DRCF comprises the Competition and Markets Authority (CMA), the Financial Conduct Authority (FCA), the Information Commissioner’s Office (ICO) and Ofcom. Similar initiatives have recently emerged in other jurisdictions, including Australia, the Netherlands, and Ireland.
As regards (b), the Meta Platforms judgment provides useful guidance on how to respect each regulator’s remit and on how to prevent conflicting decisions. Concretely, the CJEU (see paragraphs 54 and following) distinguishes between three different scenarios:
- If a decision has been adopted by the regulator, the competition authority cannot depart from it;
- Where there is no decision, the competition authority must reach out to the regulator. If the regulator has an ongoing case, the competition authority must at least get its input, and may even determine to stay proceedings until the regulator adopts its decision;
- In the absence of any objection on the regulator’s part or of any reply within a reasonable time, the competition authority may continue its own investigation.
The first two scenarios concern the duty of sincere cooperation and the need for ensuring the consistent interpretation of EU law. The third scenario, which is a manifestation of the principle of good administration, may have significant implications for future cases: the CJEU clearly opens the door to agencies addressing regulatory law infringements (within their own remit) where regulators may not have the resources, or the willingness to pursue a case.
In Meta Platforms, the CJEU ruled on the relationship between competition law and data protection regulation because this was the subject-matter of the proceedings. However, the principles set by the judgment are sensible enough to serve as a blueprint for digital regulation cooperation within any given jurisdiction (in the EU and beyond).
Reinforcing digital regulation cooperation between different jurisdictions
Digital regulation regimes are still emerging and the rules that will be adopted in the coming years are likely to vary from jurisdiction to jurisdiction, reflecting different legal traditions and policy choices. Moreover, even though the EU is currently leading on matters of digital regulation, it is too soon to tell whether the EU digital acquis will produce a “Brussels effect”.
However, broadly speaking, the problems that digital regulation attempts to solve are not specific to a given jurisdiction. Challenges such as the spread of misinformation, unfair B2C or B2B practices, and lack of transparency that skews consumption/voting/business decisions are global. Most of the companies that pose these challenges also have a global footprint.
International digital regulatory cooperation is key to addressing cross-border challenges such as those discussed above. Initiatives that should inspire more coordination efforts in this area include the International Network for Digital Regulation Cooperation (INDRC), which fosters discussion between regulators on matters of coherence across digital regimes, and gather insights into how different jurisdictions are approaching domestic regulatory coherence. The INDRC works closely with the OECD (see e.g., here) for the purposes of knowledge sharing, and practical cooperation on emerging areas of regulatory concern.
Another initiative that is worth referring to is the administrative agreement between the European Commission and Ofcom which was signed in May 2024, and which seeks to support the Commission’s and Ofcom’s supervisory work on online platforms, the DSA and the Online Safety Act respectively. The cooperation will be carried out through e.g., technical expert dialogues, sharing of best practices, joint studies and coordinated research projects.
In sum, despite the fact that the emerging digital regulation regime adds to the complexity of the issues facing regulators (e.g., data protection authorities, telecoms and media regulators, financial services regulators, competition authorities), recent case law and cooperation initiatives pave the way for a more coherent (global) framework and more informed decisions. Companies active in these fields need to plan their regulatory engagement strategies carefully.