“The European Parliament has just made history by passing the landmark vote on the Digital Services Act. This can set the global standard for regulating Big Tech and protecting people online,” tweeted online activist network, Avaaz.

Rein Them In

After months of deliberation, the European Members of Parliament (MEPs) voted overwhelmingly to give initial approval to the wide-ranging regulations listed in the DSA.

Both Facebook and Google have recently started to improve their advertising and privacy practices, but experts believe the European legislation, if and when enacted into law, would hold them even more accountable.

The DSA covers a broad spectrum of areas, including increasing requirements on certain online mediums it refers to as very large online platforms (VLOPs). Among other provisions, it will require the platforms to be more aggressive in policing content, and introduce new restrictions on advertising, clamping down on dark patterns, and more.

According to Avaaz, one of the major changes the DSA seeks to introduce is to hold the platforms responsible for the harm caused by the viral spread of disinformation. 

Dr. Mathias Vermeulen, the Public Policy Director at data rights agency AWO, pointed out in a podcast that one of the most essential elements of the DSA is the provision that will compel the companies to hand over platform data to external auditors and independent researchers.

“Online platforms have become increasingly important in our daily life, bringing new opportunities, but also new risks,” observed Danish politician and MEP, Christel Schaldemose, in the European Parliament’s press release. “It is our duty to make sure that what is illegal offline is illegal online. We need to ensure that we put in place digital rules to the benefit of consumers and citizens.”

One Giant Leap

As the DSA now heads to the EU Council, the EU’s main decision-making body, for further debate and discussion, experts hope it gets the support it needs to set a precedent for lawmakers in the US, much like the EU’s General Data Protection Regulation (GDPR).

GDPR, which took effect in 2018, is one of the world’s strongest privacy laws and has influenced tech companies’ data collection practices around the globe. 

Tim Helming, security evangelist with DomainTools, told Lifewire in an email interview that it’s challenging to forecast DSA’s significance for American web users at this stage. However, he added that if the GDPR is any guide, the regulations will most likely have a positive impact. 

“[DSA] will not explicitly limit the scope to information pertaining to EU citizens, but rather leave the language broad, as it is described in the EU’s press release,” Helming pointed out.

He added that as the required changes are “somewhat broad and deep in scope,” it’s likely that the online platforms, to comply, would not limit the scope of the changes to EU citizens. 

“If that becomes the case, then these laws could make a meaningful dent in several categories of harmful online content, including misinformation, content exploiting minors, and illegal content or services,” shared Helming. 

Not So Fast

Of course, the DSA isn’t a law yet, and being a realist, Helming said that it’s fair to assume that the proposals won’t be adopted without a fight, as the platforms “make immense profits from techniques honed over years.” 

He added that if the scope of protection is not explicitly limited to EU citizens, there will most likely be attempts to clarify that Americans and other global citizens don’t fall under the limits of DSA’s protections to avoid penalties for continuing business as usual outside the EU. 

“Which is to say, the GDPR precedent may or may not be applicable, and if it is not, then it may be that little will change for the average American, at least unless or until similar regulations are adopted here,” opined Helming.