Independence as a Desideratum

A recent report claiming that EU tech regulation has entered the ongoing trade negotiations with the U.S. has sparked fears that enforcement of the Digital Services Act (DSA) might be halted altogether. Although the DSA only came into full effect in February 2024, the European Commission’s subsequent enforcement has already showcased conflicts regarding its role as an autonomous political and administrative enforcement body. Considering the potential impact of the DSA on online communication, the Commission’s current role in DSA enforcement raises serious concerns. This calls for a search for alternative models of DSA enforcement. Three options present themselves.

A discrepancy in the DSA enforcement system

Art. 1(1) DSA explicitly states that ensuring a “safe, predictable, and trustworthy online environment” requires the regulation of online platforms. This, in turn, demands proper law enforcement that is both effective and appropriate. Considering the potential impact of the DSA on online communication and the subsequent effects on fundamental rights, it is particularly important to shield all DSA enforcement processes from pressure from political or interest groups to ensure independent decision-making. Accordingly, Art. 50(2) DSA mandates the “complete independence” of the national authorities responsible for enforcing the DSA (Digital Services Coordinators).

The DSA, however, does not impose similar requirements on the European Commission, which is mainly responsible for overseeing very large online platforms (VLOPs) under Art. 56(2, 3) DSA. This distinction is notable, not only because direct enforcement of EU law by the Commission has generally been an exception, (see here, p. 404), or because the internally responsible Directorate-General for the DSA – DG Connect – lacked the necessary enforcement expertise at the time of the framework’s passing. What’s striking is that the Commission – despite being a politically embedded (Art. 17(7) TEU) and controlled (Art. 17(8) TEU, 234 TFEU) authority, and the Union’s agenda-setting “gatekeeper” by virtue of its initiative monopoly (Art. 17(2) TEU; see here, p. 227ff.) –, is responsible for enforcing the DSA. Though based on the internal market competence of Art. 114 TFEU, the DSA significantly touches upon the digital spaces where much of today’s online communication takes place (see here, p. 609f.).

As a political actor, the Commission is naturally judged by its political successes; but it also has to navigate competing policy objectives. Both dynamics are likely to have negative implications for DSA enforcement. Since the Commission operates based on the principle of collegiality, even administrative decisions made at the bureaucratic level must be presented to the College of Commissioners if they are of importance or political sensitivity – such as adopting non-compliance decisions pursuant to Art. 73 DSA regarding non-EU VLOPs. The early enforcement phase of the DSA by the Commission stresses these concerns, as signs of over- as well as under-regulation have already become evident. This is not least harmful to the legitimacy of the EU, which is based on the rule of law (Art. 2 TEU).

Reflecting on the Commission’s initial DSA enforcement

The initial phase of enforcement showed signs of over-regulation. This was best exemplified by Thierry Breton, the former Commissioner for Internal Market (2019-2024). He was responsible for overseeing the early enforcement of the DSA by the Commission. In this role, he gained particular attention through his open letters concerning online platforms such as X. The content of these letters often left unclear whether he was speaking as a politician or a regulator. Since an international online platform company like X typically provides a globally standardized single product that facilitates communication across continents and legal systems (see here, p. 607), the DSA could be used as an instrument to regulate processes on platforms that primarily or entirely concern non-EU countries. When an interview between Trump and Musk was announced as part of an U.S. election campaign, available worldwide through a livestream on  X, Breton attempted to intervene by posting a public letter addressed to Musk. Emphasising X’s legal obligations to comply with the DSA, he warned Musk about the consequences of disseminating “harmful content” with “potential spillovers in the EU”. This was met with criticism of “electoral interference”, and even prompted a response from multiple civil society organisations calling on Breton to “stop politicising the Digital Services Act”.

Conversely, ever since the beginning of Trump’s second presidency and the subsequent shift of the political landscape in the U.S. – where most VLOPs are based – there have been concerns over potential under-regulation regarding the DSA’s enforcement. The DSA had already became a political target during the U.S. election campaign, to such an extent that the future Vice-President of Trump suggested withdrawing U.S. NATO support over the regulation of X by the EU. Consequently, in the aftermath of the U.S. elections, members of the European Parliament expressed concern that the Commission “may back off from tough enforcement of rules that regulate social media […] for fear of retaliation” from Trump. Since its inauguration, the new U.S. administration has only escalated the political pressure exerted on the EU over the DSA: Denouncing the regulation as “censorship”, threatening to launch tariff attacks as the DSA “will face scrutiny from the Administration”, or even announcing the restriction of visas for foreign nationals “who censor Americans”. This very likely means EU officials enforcing the DSA.

The concerns expressed by members of the European parliament now seem to have materialized. The Commission’s ongoing investigation into Musk’s X, who played a significant role in the new U.S. administration, suggests that DSA enforcement has indeed been swayed by political pressure. The formal proceedings appear to be influenced by unrelated considerations. The Commission is reportedly contemplating “the risks of further antagonizing Mr. Trump amid wider trans-Atlantic disputes over trade, tariffs and the war in Ukraine” when determining the extent of fines imposed for DSA violations. Other parts of tech-regulation have also already seen signs of a “de-regulatory turn” by the European Commission, and so future scenarios in which the Commission might “sacrifice the Digital Services Act” for political expediency appear increasingly plausible. The Digital Markets Act (DMA), considered the “sister” of the DSA and solely enforced by the Commission, is reportedly already part of ongoing U.S.-EU trade negotiations. Although the Commission denies these claims, this development sparks concerns over the effectiveness of this regulation.

The changing role of the Commission

Given the discussions about both over- and under-regulation, it is important to note that even the Commission itself did not originally intend to assume the significant role of primarily regulating VLOPs, which it now fulfils under Art. 56(2,3) DSA. Instead, under Art. 40(1) of the initial proposal for the DSA by the Commission in 2020, it was the national Digital Services Coordinators that were, among other responsibilities, primarily in charge of supervising and enforcing the DSA obligations for VLOPs to manage systemic risks (Chapter III, Section 4). Subsequently, the Commission took on a backseat role pursuant to Art. 50 and 51 of the proposal, only potentially getting involved when a VLOP was suspected or found to have violated the aforementioned DSA regulations.

The current version of the DSA thus reflects amendments made later in the legislative process. Member states assigned the Commission to “have exclusive powers for the supervision and enforcement of the obligations applicable to [VLOPs]” in Art. 44a(1a) of the 2021 DSA proposal by the Council of the European Union. They were possibly motivated by efforts to ensure an adequate counterpart to the economic power VLOPs possess or to prevent a “regulatory capture” of national authorities as experienced in enforcement of the GDPR (see here, Art. 56, ref. 15). As noted, however, the tension between the political and regulatory objectives within the Commission causes a new kind of enforcement concern. In light of the DSA’s far-reaching implications for online communication, what is needed going forward is an enforcement body that is sufficiently independent from political pressure – accountable for its actions but not dependent on political successes. The protection of the relevant fundamental rights (e.g., Art. 11 CFR in relation to Art. 10 ECHR) that the DSA aims for pursuant to Art. 1(1) should not become subject to the whims of international politics as a result of biased enforcement.

Alternatives to guarantee independent DSA enforcement

Retaining the general enforcement structure of the DSA while assigning the role of the Commission to an enforcement body free from political pressure gives rise to three possible options: keeping the current DSA enforcement team within the Commission in charge while adding safeguards to ensure sufficient independence, establishing a new Regulatory European Agency, or creating a new independent body at the EU level.

The first option of additional safeguards has the benefit of building on the experience already gained from enforcing the DSA and may not require any changes to the text of the DSA itself. However, it raises the question of how to ensure sufficient independence of an enforcement team within the Commission. Potential sources of inspiration could be drawn from Eurostat, the statistical office of the EU, or OLAF, the European Anti-Fraud Office, as both entities are established within the Commission yet considered independent in certain respects. In order to ensure the professional independence of Eurostat, for example, correspondent safeguards are implemented with Art. 2(1)(a), 6(2) of Regulation (EC) No. 223/2009 and the first core principle of the European Statistics Code of Practice. Furthermore, Art. 6a(3) of Regulation (EC) No. 223/2009 also protects the Eurostat Director-General, although they are selected and appointed by the Commission, from seeking or taking instructions from other institutions or bodies when performing certain statistical tasks. At the same time, Eurostat remains accountable through mechanisms such as parliamentary oversight pursuant to Art. 6a(4) of Regulation (EC) No. 223/2009, which contributes to the legitimacy of the Commission; it is part of the broader European statistical framework System, which also encompasses peer reviews of Eurostat, and judicial review through the European Court of Justice. As long as DSA enforcement remains within the Commission itself, however, there remains a risk that political pressure could be exerted through other internal means (e.g., hiring or firing personnel, budget decisions). While Eurostat and OLAF may serve as possible blueprints for implementation, their unique positions within the Commission are strengthened by their respective connections to EU primary law (Art. 338(2), 325 TFEU) – a legal anchor that a DSA enforcement body would lack.

A second option would be establishing a new Regulatory European Agency through EU secondary law, responsible for enforcing the DSA instead of the Commission. This option, which the European Parliament also considered (e.g. during a 2020 resolution), relies on a type of decentralized EU body that has been increasingly used over the past decades and incorporates varying levels of formal independence. The establishment of a Regulatory European Agency has also been recommended regarding the Commission’s problematic role in independent DMA enforcement, given its benefits like increased flexibility, more options for participation by Member States, and greater spatial autonomy (see here, p. 433, 309ff.). Moving DSA enforcement out of the Commission may likely result in an increase of systemic independence but it might impact ongoing procedures during the transitional period, with previously accrued expertise potentially to be lost as well. But establishing a European Regulatory Agency could prove to be extremely efficient in the long-run: in its objectives, structure, and staffing, it is wholly designed for the purpose of DSA enforcement. Nonetheless, the accountability and legitimacy of European Regulatory Agencies remain subjects of ongoing academic debate. Delegating this task also raises significant legal challenges. As the DSA grants the Commission a range of powers – from adopting non-compliance decisions to issuing certain implementing or delegated acts – the principles of the ECJs (modified) “Meroni doctrine” must be considered in particular, which serves as a limit for the permissible delegation of decision-making powers.

Finally, an entirely new independent body could be established on the EU level to enforce the DSA in the Commission’s stead, drawing inspirations from institutions such as the European Central Bank. Notably, the European Parliament also considered this option during a legislative initiative process on the DSA, with one committee draft report supporting “the creation of an independent EU body to exercise effective oversight of compliance with the applicable rules”. Compared to the previous options, establishing an entirely new independent body on the EU level notably offers most freedom of design in ensuring independence. This freedom comes at the price of a comparatively higher legislative effort, however. Also, the wide range of possible design choices offers no guarantee of increased independence. Rather, the option functions as an institutional “wildcard” – one that opens the door to many potential approaches to legitimacy, accountability and dimensions of independence that may or may not be in favour of the intended change in DSA enforcement. But because of its range of possibilities, it also should not be dismissed too early. Considering the ever-increasing role of communication on VLOPs, the unusual decision to enforce the regulation at the EU level may likewise call for an equally unorthodox choice of enforcement authority.

While the need for independent DSA enforcement calls for changes in the current role of the Commission, alternative options preserving the broader enforcement framework of the DSA do exist. Although immediate changes are not feasible, considering the previously outlined discussions toward over- and under-regulation, this contribution may serve as an initial step toward a necessary debate on independent DSA enforcement at the EU level.

The authors are researching the topic of this blog post as part of the DSA Research Network, which is funded by Stiftung Mercator.