• The European Commission has adopted a new delegated act under the Digital Services Act, granting vetted researchers access to internal data from major online platforms starting July 2, 2025.
  • Final guidelines to strengthen protections for minors online were released on July 14, 2025, mandating stringent privacy, safety, and security measures for child users.
  • The EU's assertive regulatory stance, emphasizing its sovereign right to oversee digital markets, is set to increase compliance costs for tech giants and may establish a new global benchmark for platform governance.

In a significant move that underscores its regulatory autonomy, the European Union has forcefully reaffirmed its sovereign right to regulate digital services, implementing key provisions of the Digital Services Act (DSA) this month. The latest actions demonstrate the bloc's expanding authority over the oversight and governance of online platforms, particularly those designated as Very Large Online Platforms and Search Engines (VLOPs and VLOSEs).

On July 2, the European Commission adopted a delegated act providing rules to grant vetted researchers access to internal data from major platforms. This measure, which targets companies like Meta, Google, Amazon, and TikTok, aims to support research into systemic risks, especially those affecting elections and public safety. "This is about understanding the digital ecosystem at a deeper level to protect our democratic processes," said an EU official familiar with the matter, who spoke on condition of anonymity because the discussions are private.

The regulatory push continued on July 14 with the release of final guidelines designed to strengthen protections for minors online. These guidelines require platforms to implement stringent privacy, safety, and security measures for child users and will serve as benchmarks for compliance assessments by regulators. Companies must now adopt uniform reporting templates and align their data collection and transparency practices, with harmonized reports due in early 2026.

This assertive stance is part of a broader EU policy designed to safeguard fundamental rights online and curb monopolistic practices, occasionally causing tension with the US and other governments advocating for lighter-touch approaches. The DSA, which replaces the earlier E-Commerce Directive, marks a decisive shift from industry self-regulation to proactive state oversight.

While the regulations aim to establish a level playing field for businesses and foster competition within the EU digital market, they are expected to significantly increase compliance costs for global tech firms. The requirement for greater transparency could impact market strategies and profit margins, though it may also improve user trust and digital ecosystem integrity.

Attempts to reach several major tech companies for comment on the new requirements were unsuccessful. The new rules have sparked debate among stakeholders about privacy, academic independence, and potential costs to innovation, even as they aim to improve online safety and combat illegal content.

In the short term, tech companies must rapidly adapt to these new compliance regimes and possibly adjust business practices within the EU. Looking ahead, the EU's model may become the global benchmark for regulating digital platforms, with other jurisdictions already considering similar obligations. Parallel regulatory efforts are underway in the UK under its Online Safety Act, with policymakers worldwide watching the EU's outcomes as potential precedent for future digital regulation.