A statue holding the symbol of the Euro in front of the European Parliament building.
Photo: Mark Renders via Getty Images

It’s your last chance to shape Europe’s Big Tech crackdown

Protocol Policy

Hello and welcome to Protocol Policy! Today, we wander far from Capitol Hill and check in on Europe’s race to rein in Big Tech. Plus, Spotify finally responds to its critics, the push to crack down on app stores and the “electoral tsunami” headed toward Facebook.

All eyes on Europe

Between the antitrust thrust in Congress, privacy pushes in the states and a newly activist FTC, you could be forgiven for tuning out the big tech crackdown that’s barreling ahead in Europe.

But ignoring the EU's tech push now would be foolish. Because if you want to have a say in a new law that stands to change just about everything about how companies do business online in Europe — and potentially the rest of the world — the clock starts now.

  • Today marks the beginning of the end of negotiations over the Digital Services Act, a truly massive piece of legislation that will rewrite the rules of content moderation, targeted advertising and even user interface design in Europe.
  • Different versions of the legislation have already passed the European Commission, Parliament and Council. All that’s left now is to harmonize the drafts before it becomes law — likely before summer.

So what’s at stake? The future of online ads and web design for a start. The draft of the bill that passed Parliament earlier this month contains some new and forceful provisions that are still up for debate:

  • There’s an all-out ban on targeted advertising to minors, as well as a ban on targeted advertising based on sensitive categories like race and religion.
  • That draft also includes a ban on “dark patterns” for all online platforms. In the Council’s version, that ban would only apply to online marketplaces (which would still be big!).
  • Now, it’s all about compromise. “We came up with the Parliament’s list of priorities. They have come up with theirs,” Jana Gooth, a policy adviser at the European Parliament, told me last week. “We will be sitting there on Monday comparing these lists and seeing where each of them has their priorities.”

There’s also a lot that’s non-negotiable, and you need to start preparing now.

  • The DSA will create a lot more oversight of content moderation practices for “very large online platforms.” Just who qualifies as a very large online platform? That’s still being ironed out. But you can bet it includes Facebook, YouTube, Twitter and other dominant U.S.-based platforms.
  • Under the law, they’ll have to conduct annual risk assessments and audits, propose mitigation plans and more related to illegal and legal-but-problematic content on their platforms.
  • “So much of what tech companies care about is already in all three drafts,” said Daphne Keller, director of the Program on Platform Regulation at Stanford's Cyber Policy Center, who is also advising Pinterest on this law.

It’s not just big platforms that need to worry.

  • The law includes a laundry list of new requirements for almost all online platforms in Europe, including requiring them to appoint a legal representative in the EU and establishing a strict notice and action regime around illegal content.
  • “The kind of obligations Facebook and YouTube didn’t even come close to meeting until very late in their development will become obligatory on their smaller competitors very early in their growth,” Keller said.

Even if you don’t do business in Europe, you still need to watch how this all unfolds. Europe led the global privacy movement with GDPR. The DSA will likely be no different.

  • And that doesn’t even include Europe’s own antitrust push in the Digital Markets Act (which the Biden administration is reportedly trying to narrow) or its attempt to regulate artificial intelligence with the AI Act. But we’ll save those for another newsletter.

For all of Washington’s talk of a tech crackdown, it’s Europe that’s actually walking the walk. Ignore it at your peril.

— Issie Lapowsky (email | twitter)

In Washington

Developers are pushing senators to to regulate mobile app stores. The CEOs of 20 companies — including Spotify, Tile and others that have been key to apps’ resistance to Apple and Google — urged lawmakers to support the Open App Markets Act ahead of a planned markup on Wednesday. Apple and its allies have cast the bill, as well as antitrust legislation the committee moved forward in January, as rushed threats to security.

A bipartisan group of top senators is targeting Google with a bill aiming to prevent conflicts of interest in the online ad market. The draft bill seeks to address much of the conduct uncovered in a multistate competition lawsuit led by Texas. If passed, the measure could effectively result in the breakup of the company.

The FAA will let Verizon and AT&T expand C-band 5G deployments around airports. The agency said it used data provided by the wireless companies to more precisely determine areas where signal interference presents a risk to aviation.

The IRS is reportedly reconsidering that whole facial recognition thing. According to Bloomberg, the Treasury Department is looking into alternatives to ID.me, after its deal with the identity verification service prompted widespread backlash.


The numbers are in. Voters want new regulations harnessing the power of America’s tech sector, but there’s a wide gap between where they stand and the tech legislation in Congress. When asked about their top priorities for tech regulation:

  • Top Choice: Cybersecurity (35%)
  • Second Choice: Protecting data privacy (12%)

In the states

The FCC is sending more than $1.2 billion to 32 states through its Rural Digital Opportunity Fund. The funding will pay for broadband deployment by 23 different providers. The agency also said it will be stepping up audits of the program.

Waymo is suing the California DMV in an attempt to stop the agency from sharing data on self-driving vehicle crashes. Waymo says that the crash data should be treated as a trade secret. An anonymous entity had requested crash data from the California DMV, but the agency gave Waymo a chance to redact information. The anonymous entity challenged the redactions, kicking off this lawsuit.

On Protocol

Mobile game copycats could expose Apple and Google to legal risk,according to Protocol gaming reporter Nick Statt. Free-to-play copycats can be breeding grounds for fraud, scams and other security and privacy risks. Many slip under the radar of reviewers due to the volume of app store submissions.

AWS and Microsoft executives keep warning about the threat of China’s artificial intelligence ambitions, but that hasn’t stopped either company from growing its own AI and cloud projects there.

Around the world

Facebook is “not ready for the coming electoral tsunami,” the company’s former public policy director, Katie Harbath, wrote in an op-ed this weekend. Elections in France, Kenya, Australia, Brazil, the Philippines and the United States are all happening this year, which will require Facebook to “start planning now for how it will exponentially scale up people, products and partnerships to handle so many elections at once in 2022 and 2024,” Harbath wrote.

Russia may be stepping up efforts to ban what it considers to be “toxic” online content. Vladimir Putin’s crackdown on online speech already forced Apple and Google to pull an app associated with opposition leader Alexei Navalny from their stores last year. The country also hit both Google and Meta with multimillion-dollar fines last month over their failures to remove “banned” content.

Gay dating and hookup app Grindr has disappeared from Apple’s App Store in China. The country, which has nudged Apple into policing its app environment on behalf of Beijing’s priorities, is doubling down on online content ahead of the Winter Olympics, which begin Friday.


Autonomous vehicles can help the United States address issues of mobility, traffic safety, and climate change. Read the latest analysis on how AVs stand to benefit communities across the country.

Learn more

In the media, culture and metaverse

Meta has been offering employees a chance to “win swag” if they wear its AR glasses around and collect data using the glasses’ camera and sensors. As for the creepiness factor, according to The New York Times, employees are supposed to wear “research participant” T-shirts while wearing the glasses. That should do it.

Google stopped serving ads to Dan Bongino’s website after YouTube banned the controversial conservative commentator. Bongino had been a top target of the non-profit Check My Ads Institute, which aims to pressure not just advertisers but ad exchanges that fund hate speech and disinformation — and he seems to blame the group.

Spotify published its “long-standing” platform rules Sunday, as its stock price took a nosedive and artists including Neil Young and Joni Mitchell vowed to pull their music from the platform. CEO Daniel Ek tried to allay critics saying, “I want you to know that from the very first days of the pandemic, Spotify has been biased toward action.”

In the C-Suite

Mystery solved! Chris Lehane, former policy lead at Airbnb, confirmed he’s heading to Katie Haun’s new crypto fund KRH Partners. “I'm thrilled to announce I’m joining @katie_haun’s new firm as Chief Strategy Officer to help crypto & web3 startups as they seek to democratize the next gen of the internet,” Lehane wrote in a tweet.

Now that he’s out of office, former Manhattan DA Cy Vance will chairthe cybersecurity practice at the law firm Baker McKenzie. Vance, who helped launch an ongoing city probe into Trump’s real estate empire, apparently called cybercrime “a huge issue.”

Is this even legal?

You can trademark a color, but can you…blockchain it?

Thanks for reading — see you Wednesday.

Recent Issues