The European Commission has announced preliminary findings that tech giants TikTok and Meta (owner of Facebook and Instagram) have breached Digital Services Act (DSA) transparency rules. This marks another significant step in the EU’s ongoing effort to rein in Big Tech under its landmark legislation.
The Alleged Violations
The core of the issue centers on data access for researchers. The Commission accuses both companies of failing to provide researchers with “adequate access” to public data on their platforms, an obligation clearly laid out in the DSA.
The preliminary findings suggest that both companies “may have put in place burdensome procedures and tools” for researchers to request data. This, the EU argues, often results in researchers getting “partial or unreliable data,” severely limiting their ability to conduct vital research—for instance, on whether users, including minors, are exposed to harmful or illegal content. The EU stresses that this access is crucial for public scrutiny of the technology’s potential physical or mental health impacts.
Additionally, the Commission specifically flagged Meta for potential breaches on both Instagram and Facebook, including failing to provide users with. Simple mechanisms to notify illegal content. Effective ways to challenge content moderation decisions.
Companies Push Back
Both Meta and TikTok have responded by disputing the preliminary findings and asserting their commitment to compliance:
Meta spokesperson Ben Walters stated they “disagree with any suggestion that we have breached the DSA.” He highlighted that Meta has already introduced changes to its content reporting, appeals process, and data access tools since the DSA took effect and is “confident that these solutions match what is required.”
TikTok emphasized its commitment to transparency and the contribution of researchers, noting it has already granted almost 1,000 research teams access to data via its tools. However, TikTok raised a serious concern, arguing that the requirements to ease data safeguards create “direct tension” between the DSA and the GDPR (General Data Protection Regulation). They urged regulators to “provide clarity”on how these conflicting obligations should be reconciled.
What’s Next and The High Stakes
The tech companies are now formally invited by the Commission to review the findings and submit a written response.
If these preliminary findings are upheld, the consequences could be severe. The Commission has the power to issue a non-compliance decision, which could carry a hefty fine of up to 6% of the company’s total worldwide annual turnover. For massive companies like Meta and ByteDance (TikTok’s owner), this fine could be an astronomical amount.
The EU has already shown a willingness to levy substantial penalties:
- Meta was recently hit with a €200 million fine under a related piece of legislation, the Digital Markets Act (DMA), concerning how users consented to data collection.
- TikTok faced a massive €530 million fine earlier this year from Ireland’s data protection authority over the transfer of user data to China.
This latest action under the DSA signals the EU’s unwavering resolve to use its powerful new laws to ensure Big Tech platforms operate with a level of transparency and accountability it deems necessary.
What are your thoughts on the tension between the DSA’s push for data transparency and GDPR’s data protection requirements raised by TikTok?
