European Society in the Digital Sphere
Are Red Lines Enough?
The judgment in Commission v Hungary facilitates European society in a negative, boundary-setting sense: it identifies what cannot be accommodated within the European framework of shared values. EU digital regulation, by contrast, facilitates European society in a positive, practice-structuring sense: it translates its values into everyday regulatory duties, procedures, and institutional practices, across new levels and with the participation of a broader range of actors. Responding to the challenges that new technologies and the emergence of digital society have posed to law, EU digital regulation seeks to occupy the space of constitutional practice between legislation and constitutional adjudication.
In my intervention, I aim to do three things. First, I briefly address the judgment in Commission v Hungary and logic of the red lines adopted in it; I do not discuss it at length, as other contributions to the symposium already analyse it in detail. Second, I show how digital regulation can facilitate the circulation of the values underpinning European society and contribute to its emergence. Third, I identify the obstacles to building shared European values in the digital sphere, while also showing how specific legislative solutions may help to mitigate those obstacles especially introducing new forms of participation and legitimation.
Beyond Red Lines: European Society in the Digital Sphere
The debate surrounding Commission v Hungary has largely focused on the constitutional dimension of European values and the identification of constitutional red lines. This represents an important and symbolic aspect of the European Union’s ongoing transformation, marking a turning point in how European integration is understood through the lens of European society. At the same time, however, this red-lines logic developed in Commission v Hungary can only be deployed in exceptional circumstances involving particularly manifest and serious breaches (para 556).
The logic of red lines is ill-suited to address certain categories of fundamental rights violations that affect the values underpinning European society more broadly. This is particularly true in areas where restrictions are not obvious but emerge gradually over time. Privacy and autonomy provide useful examples. In the age of Big Tech, both may be eroded incrementally through data-driven business models, algorithmic decision-making, and network effects associated with social media platforms. In such cases, no single instance of data processing may significantly affect an individual’s legal position. Yet the cumulative effect of countless small interferences may substantially diminish the quality of life and, ultimately, even affect constitutionally protected values such as human dignity, equality, participation in public discourse or health. It is also significantly harder to identify a clear red line where European values are affected not by a Member State openly departing from Article 2 TEU, but by private actors and business models that are, at least to some extent, themselves protected by EU law.
Operationalising European Values in the Digital Sphere
The debate on a European society based on the values enshrined in Article 2 TEU is an attempt to conceptualise the transformation of EU law from a predominantly economic project into a value-based legal order. Several developments in EU law now make it increasingly difficult to identify a single dominant logic of European integration. The EU can be seen as a project in transition, in which traditional approaches centred on the governance of the internal market continue to constitute an important undercurrent of the system, while a new normative framework is increasingly being layered upon them through the introduction of public-law frameworks grounded in constitutional values. Digital regulation is a particularly revealing example of this overlap.
EU digital law comprises a broad and internally diverse body of instruments, including, but not limited to, the General Data Protection Regulation (GDPR), the Digital Services Act (DSA), the Artificial Intelligence Act (AI Act), and the emerging data governance framework, including the Data Act, the Data Governance Act and European data spaces. In my view, this regulatory framework supports the values underpinning European society in a way that complements the perspective of red lines found in Commission v Hungary. This complementarity is already suggested by the decision itself, where Article 2 TEU and the EU Charter appeared alongside sectoral instruments concerning, inter alia, information society services, and data protection. Digital regulation operationalises the Union’s constitutional commitments within the digital sphere. Many of these commitments are closely linked to the values enshrined in Article 2 TEU and find more concrete expression in the EU Charter and secondary legislation.
Proponents of European society have identified several threats, such as the migration crisis, the rule-of-law crisis, climate change, or the pandemic, which make shared values visible, contested, and subject to institutional operationalisation. To explain society building in the digital sphere, I will use sector specific lens of digital constitutionalism, which shares the emphasis on value-based foundations of EU law, and helps to conceptualise one of these threats: the “digital revolution”, understood as a crisis resulting from the development of new technologies and the platformisation of the digital public sphere. Together, those phenomena create asymmetries of power between providers, public authorities, and users of information society services. These conflicts prompted the EU, in line with European values, to address the dominance of Big Tech companies, which, from a geopolitical perspective, are embedded in a different paradigm of value and rights protection.
What can a digital constitutionalism perspective add to the discourse of European society? Of course, there is no fully settled understanding of digital constitutionalism. It is sometimes described as a utopian vision that seeks to replace the logic of the market with the logic of constitutional law. In this context, however, digital constitutionalism can be understood by placing the European Union at the centre of the analysis, as a legal order that develops legislative frameworks and regulatory choices based on values. From this perspective, digital constitutionalism can be understood as a normative framework for responding to the fact that the conditions for the exercise of fundamental rights, participation in public discourse, and social interaction online, are increasingly shaped by private actors within digital infrastructures. In this sense, it provides a normative orientation for regulating the market according to a logic of values important for European society, with concrete implications for individuals’ ability to participate in public debate, engage in social life online, and develop their personalities.
Embedding values into digital law takes place at different levels: in substantive law, in procedural law, and in the strengthening and reorientation of supervisory structures. The substantive dimension can be seen in the value saturation of regulation: from the logic of the GDPR, which requires the impact of data processing on individual rights to be assessed, to the obligations imposed by DSA on VLOPs and VLOSEs to assess risks to, inter alia, fundamental rights, human dignity, civic discourse and electoral processes. The procedural dimension is reflected, among other things, in the incorporation of condensed and operationalised forms of proportionality reasoning into regulatory frameworks. The GDPR is a clear example: it translates elements of proportionality analysis into more concrete principles, such as purpose limitation, data minimisation, storage limitation, and accountability. Supervisory structures, in turn, consist of broad, multilevel networks that go beyond mere compliance and shape standards through, among others, consultative, educational, and guidance-oriented activities. In this sense, EU digital regulation can be understood as part of the legal infrastructure of European society in the digital sphere: it translates abstract values into everyday practices.
Overcoming Obstacles to Value Circulation in Digital Regulation
Introducing European values into digital regulation, however, is not a frictionless process. It raises at least three tensions: the legal bases on which digital regulation rests, the technical and compliance-oriented forms through which values are operationalised, and the capacity of those frameworks to activate broader social processes.
The first tension is the rather wonky legal basis. European digital law is mainly built on two legal foundations: Article 114 TFEU, which concerns the establishment and functioning of the internal market, and, where personal data are concerned, Article 16 TFEU. Data protection law is often regarded as the cornerstone upon which EU digital regulation is built, not in the sense of priority of application, but in the broader sense of providing a blueprint for regulatory logics and their interplay with constitutional values. Data protection law is also one of the main legal forms through which privacy is protected. Privacy is an instrumental value deeply connected with other values, such as dignity, equality, freedom of expression, and democracy. This broader normative logic is visible in the GDPR itself, which does not treat data processing as a merely technical operation, but repeatedly links it to the rights and freedoms of natural persons. The application of data protection law may therefore inject a stronger normative component into digital regulation. Nevertheless, regulations such as the DSA and the Data Act do not rely on that legal basis at all. This raises the question of whether this growing gap between limited legal bases and the increasing constitutionalisation of digital regulation needs to be addressed in order to ease tensions between EU-level regulatory choices and Member States’ autonomy.
The second tension lies in the complexity of digital regulation itself. Some of the processes through which normative standards are formed take place in highly technical settings. Since values are often translated into procedural and compliance-oriented obligations, actors who are effectively required to assess the proportionality and fundamental-rights impact of their conduct may not perceive this as value-balancing or constitutional reasoning. Rather, they may experience it as another layer of compliance management, risk assessment, or consumer-protection regulation. This won’t completely stop integration through digital regulation but it may hinder the engagement of important actors, on which co-regulatory logic relies on.
The third tension concerns whether these technical and institutional frameworks can generate broader social legitimation. Digital regulation involves many non-majoritarian bodies, but it also opens alternative channels through which regulatory choices may be exposed to public scrutiny and participation. These include creating conditions for researchers to study the functioning of online platforms, incorporating selected social actors into the regulatory system, for example in the form of trusted flaggers, and imposing broad transparency and reporting obligations on actors participating in co-regulation.
Moreover, a multilevel enforcement system, and especially supervisory authorities in EU digital regulation, such as data protection authorities and digital services coordinators, are often created by design as facilitators of value-based regulatory practice. Their mandate includes not only enforcement, but also guidance, consultation, education, dialogue with stakeholders, and, together with the European Commission, the dynamic interpretation of normative standards. This shows a contrast with, for example, constitutional courts, which engage with similar normative dimensions primarily through adjudication, by resolving conflicts between values and specifying the limits of fundamental rights. They may, of course, also contribute to public debate and constitutional education, but overly intensive activity in this respect is often associated with accusations of activism, overstepping their competences, or undermining the authority of the court.
This picture remains provisional. Most of these regulatory frameworks, with the exception of the GDPR, are still being implemented, while growing calls to reduce regulatory and administrative burdens may affect their future development. The full picture will therefore only become visible in several years. If the EU experiment in digital constitutionalism succeeds, the coming years may show whether digital regulation can become one of the ordinary infrastructures through which European society is sustained from within.




