The EU is entering the homestretch of negotiations on the Digital Services Act, which promises to change how big platforms work in order to better protect the rights of European citizens. But if certain proposals by the European Parliament are not included in the final text, the DSA could fail to achieve its most fundamental aim.
When the European Commission first proposed the Digital Services Act in December 2020, Executive Vice-President Margrethe Vestager promised that the new regulation would “put order into chaos” by reining in Big Tech’s power and setting new safeguards to protect the fundamental rights of European citizens.
More than a year later, we are about to see if the EU is as wise in deeds as it is in words. The three bodies involved in the EU legislative process — the Commission, the Council of the European Union and the European Parliament — are set to meet in trilogue sessions in the coming weeks to finalize the DSA. If certain proposals of the Parliament are not agreed by the parties, the fundamental rights of European citizens will not be adequately protected and chaos may continue to reign.
The first of these is Article 13a, which would prohibit the use of so-called dark patterns — techniques that attempt to trick users into doing things they wouldn’t otherwise do. They include everything from intentionally complex consent processes to “privacy zuckering” and are often used to trick users into unknowingly agreeing to let Big Tech take and use their sensitive personal information. Article 13a would end these dark patterns and allow people to make truly informed choices about how and with whom they wish to share their data.
Another critical proposal made by MEPs is to strengthen Article 24, which regulates targeted online advertising. The current online advertising industry is built around harvesting people’s personal data, like age, location, religion, political leanings, and even sexual orientation, in order to tailor advertisements to each user. Most often, people do not knowingly consent to this data harvesting, making it a clear violation of their privacy and the General Data Protection Regulation.
Although MEPs did not agree to ban all targeted advertising, they did agree on a proposal that would forbid the use of sensitive personal data, such as political and religious beliefs and sexual orientation. This would go a long way to protecting the privacy of all Europeans, and especially those who already face persecution and discrimination, like LGBTQI+ people.
It would also protect our democratic process. Harvested personal data is used to manipulate public debate, amplify harmful content and sow division in society. It is used to target people and usher them into echo chambers that perpetuate their existing biases and limit the rich and open public debate necessary for a strong and stable democracy.
And there’s another reason the EU should do away with targeted ads: most people don’t like them. A YouGov survey of 2,000 regular social media users in France and Germany found that 57% of them were against targeted ads of any kind, while another 26% said they were against targeted political ads. Owners of small and medium-sized businesses don’t want them either, with 69% saying they were uncomfortable with Big Tech’s practices but felt they had no choice but to advertise with them given their dominance over the industry.
MEPs added two more proposals, both to Article 7, that are essential to protecting internet users. One removes any obligation for “general and indiscriminate retention of personal data” and the other stipulates that there should be “no interference with providers’ offering of encrypted services.” These obligations significantly reduce the risk of data leaks, identity theft, online account break-ins, targeted surveillance and cyberattacks.
The DSA gives the EU the chance to fix this broken system. The mass data harvesting that sustains targeted advertising is a clear violation of people’s privacy, and it also creates an environment that keeps people in an information bubble, preventing them from making informed decisions, even hampering fair elections. Internet users don’t want to be targeted by these ads and SMEs — the lifeblood of Europe’s economy — don’t want to use them. What’s more, there are alternatives to targeted advertising, like contextual advertising, that can be equally profitable for advertisers.
This should be an easy choice for EU officials and Member States. After all, the primary purpose of the DSA is to check the power of Big Tech and make the internet a safer place for everyday users — to “put order into chaos.” Without adopting the proposals pushed for by the European Parliament, the DSA is at risk of being unable to achieve even its most fundamental aim. If that happens, it’s the fundamental rights of European citizens that will suffer the most.
Download the open letter from Liberties, EDRi and Amnesty International that was signed by 72 digital rights organisations and sent to national governments at EU Member States.
This op-ed was published on Euractiv.