Many of America’s largest technology firms have their European headquarters in Dublin.
Arthur Vidak Nurfota | Getty Images
The new EU rules, which force Big Tech to more aggressively monitor online content, will be implemented directly by the European Commission, which experts say will reduce Ireland’s role in overseeing the digital giants in the region.
Since 2018, the Irish Data Protection Commission has been the main privacy watchdog that oversees such parent companies Facebook Meta and Google under the European Union’s General Data Protection Regulation, which aims to give consumers more control over their data.
This is because many of the largest US technology firms, including Meta, Google and Microsoft, have chosen Dublin for their European headquarters, in large part because of Ireland’s favorable tax regime.
But the Irish DPC has for years faced criticism for slowly conducting serious privacy investigations and for not imposing many substantial fines.
“Ireland remains a major obstacle to meeting the GDPR,” said CNBC’s Paul-Olivier Dechae, founder of Personal Data, a Swiss non-profit organization that focuses on online privacy.
For its part, the Irish DPC said such criticism was incomplete and out of context.
However, with the recently approved Digital Services Act Ireland will no longer be at the center of the EU’s big technology fight. Along with Brussels ’new antitrust base, the Digital Markets Act, the rules represent the most significant Internet policy reforms in the bloc’s history.
The DSA, which is expected to take effect by 2024, will require large online platforms to quickly remove illegal material such as hate speech or child sexual abuse material, otherwise facing a multibillion-dollar fine.
How did we get here?
The original text of the DSA gave the authorities of individual member states the opportunity to punish the largest online platforms headquartered in these countries for violations.
But EU members have refused to do so, worried that it could lead to delays in implementation. Eventually, the European Commission – the EU’s executive body – was given the power to comply instead.
“We warned the government about this a year ago,” Johnny Ryan, a senior fellow at the Irish Civil Liberties Council, told CNBC. “It’s been clearly marked for a long time.”
Companies that violate the new rules face possible fines of up to 6% of their global annual revenue. For a company like Meta, that could mean a fine of up to $ 7 billion. This is actually lower than the maximum 10% of fines to be enforced under the GDPR.
The problem is that enforcing such large fines means the risk of encountering costly returns from technology companies. Critics, from EU officials to supporters of confidentiality, say Ireland’s DPC is ill-prepared to deal with such a setback. According to the ICCL, since the entry into force of the GDPR DPC has ruled in only 2% of cases in the EU.
A DPC spokesman said: “I would like to note that we have recently published three separate reports, namely our annual report for 2021, the report on cross-border complaints under the GDPR and the independent audit report conducted by our internal auditors, all of which demonstrate that the Irish DPC is clearly complying in terms of applying the GDPR ”.
So far, more than 1 billion euros in fines have been imposed since the entry into force of the GDPR. The largest was last year from the Luxembourg Data Control Service, which fined Amazon 746 million euros for violating the rules of the bloc.
Ireland could be the center of the world. It could be a superregulator.
Senior Research Fellow, Irish Civil Liberties Council
Ireland’s fine of 225 million GDPR against WhatsApp became the second largest. Both companies are appealing the relevant decisions.
The Irish government has insisted that the country will “play a crucial role” in implementing the DSA.
“The DSA provides a network of national authorities and the European Commission that work together, share information and conduct joint investigations,” a spokesman for the Department of Entrepreneurship, Trade and Employment told CNBC.
While the Commission will act as the main executive body for “systemic” companies like Meta and Google, which have millions of users across the bloc, Ireland and other EU countries “will be responsible for all other commitments in the DSA,” he added. spokesperson.
Owen Bennett, Mozilla’s senior public policy manager, said the development was a “turning point” for oversight of big technology in the EU.
“Ireland has for years been the de facto European regulator for almost all major technology companies,” Bennett told CNBC. “The DSA is setting a new precedent for centralizing control of big technology in Brussels, not Dublin.”
“I would be surprised if this does not become a trend in the coming years, when the European Commission will take a more prominent role in enforcing the rules against big technology.”
The European Commission will also be the only executor of the Digital Markets Act, which seeks to prevent so-called Internet “guards” from harming competition. For example, Google will be prohibited from preferring its services to a competing search engine.
Under the DMA, firms can be fined up to 10% of their global annual turnover for breaking the rules. This can rise to 20% with repeated violations.
“Ireland could be the center of the world,” Ryan said. “It could be a super-regulator, a super-performer – basically a decision-making center for these companies.”
– Unfortunately, this will not happen.
The EU has become a leader in introducing new digital rules, and now the governments of the US, UK and other countries are trying to catch up.
In Washington, the administration of President Joe Biden has invited prominent critics of big technology to lead antitrust crackdowns on companies, while in the UK the government of Prime Minister Boris Johnson is pursuing its own iconic digital reforms.