Don't Let E.U. Bureaucrats Design Americans' Tech

For years, iPhone users have been saddled with an unusual feature: The popular Apple smartphone used a proprietary cable, called the Lightning cable, for charging.

By the 2020s, most manufacturers of comparable devices had switched to a universal standard, USB-C. Even some other Apple devices—including the iPad, which in many ways resembles an oversized iPhone—moved to the common USB-C. But the iPhone remained stubbornly attached to its Apple-specific cord.

Inevitably, this caused headaches and complications for some iPhone users, even those fully ensconced in the ecosystem of Apple devices. What if you want to borrow a friend's charging cable and that friend uses an Android phone? What if you're also lugging around an iPad? How many charging cords does one person really need to carry?

But the iPhone 15, released in 2023, uses the USB-C port for charging—in Europe, the U.S., and everywhere else. Starting with this model, Apple customers won't have to worry about what type of phone their friends have when asking to borrow a charger.

This change didn't come from a new innovation or from consumer demands. It was mandated by European regulators.

In September 2021, the European Commission proposed a common charger regulation, claiming it was appropriate to reduce electronic waste and consumer frustration. The proposal was passed in 2022, and the mandate goes into effect in 2024.

This might sound like a boon for users. But in the long term, this sort of rule threatens to thwart future innovation by locking tech companies into government-determined feature sets that can be updated or improved only with regulatory approval. Rules like this turn bureaucrats into product designers.

The charging rules are a symptom of a larger problem. E.U. bureaucrats' "regulate-first" approach has been spreading beyond Europe's borders to impact American companies and American consumers. Unfortunately, many American policy makers seem to be looking to Europe as a model.

A Rising Wave of E.U. Regulation

Many Americans first experienced the impact of the European regulatory approach in May 2018, when they started noticing more click-through requirements to accept cookies and updated privacy policies. All those annoying security pop-ups and repeated notice of updates to terms of service on websites were the direct result of General Data Protection Regulation (GDPR), an E.U. policy that required companies to adopt specific practices around interactions with user data and users' rights related to those data.

The GDPR didn't just bring a bunch of annoying pop-ups, it also caused huge corporate compliance costs. When the GDPR went into effect in 2018, companies reported spending an average of $1.3 million on compliance costs. A Pricewaterhouse-Coopers survey found that 40 percent of global companies spent over $10 million in initial compliance. These weren't one-time costs; some companies spend millions annually to comply.

Unsurprisingly, some organizations decided to pull out of the E.U. market entirely rather than comply with these rules. Others chose to deploy these changes all around the world rather than try to tailor compliance to the European Union. In other words, they treated the E.U.'s rules as global requirements.

This is a common result of tech regulations: Laws passed in one region end up affecting citizens located in other areas as companies standardize practices.

Consider the Digital Markets Act (DMA), a European regulation that went into effect in 2022. Under this law, regulators can put additional restrictions on otherwise legal business practices for companies labeled "gatekeepers." In September 2023, regulators gave six companies—Alphabet (the parent company of Google), Amazon, Apple, ByteDance (the parent company of TikTok), Meta (the parent company of Facebook), and Microsoft—the gatekeeper label. Notably, five of these six companies are American, and none are European. Meta and ByteDance have challenged their designation as gatekeepers, while Microsoft and Google have announced they do not plan to challenge the change.

The DMA's rules aren't yet finalized. But they could keep companies stuck with the gatekeeper designation from prioritizing their own products or services, and they might impose restrictions on messaging and advertising.

The Digital Services Act (DSA) is another European regulation that could significantly change the way users experience the internet both in Europe and beyond. The DSA was part of a legislative package with the DMA, but it's focused on disinformation and supposedly harmful online content. The law gives regulators more power to require that online platforms respond to their requests for information about content moderation actions and speakers and even allow regulators to mandate takedowns.

Even prior to the DSA, European governments had far greater ability to intervene in moderation decisions than U.S. officials, who are mostly limited to making nonbinding requests. In contrast, companies subject to the DSA risk fines of up to 6 percent of their annual turnover.

Europe also adopted an AI Act in December. While E.U. bureaucrats trumpeted the law as the "first of its kind," that's not something to brag about. The regulation will create a series of stringent requirements on various artificial intelligence (AI) technologies. If there's good news, it is that some nations in Europe, including Germany, France, and Italy, are pushing for AI self-regulation instead. Although they probably won't stop new AI controls completely, their objections could at least reduce the regulatory burden that AI companies face and signal awareness of the impact such regulations can have on innovation.

Europe seems committed to forcing innovators to prove to regulators that a technology will not cause harm rather than making rules designed to stop proven harms. This approach to regulation—sometimes described as "the precautionary principle"—presumes a technology is guilty until it is proven innocent.

Europe's Tech Policy Isn't Just About Europe

In 2015, President Barack Obama applauded U.S. technological success and warned that European lawmakers were trying to use regulation to hamstring American business. "We have owned the internet," he told Recode. "Our companies have created it, expanded it, perfected it in ways that they can't compete. And oftentimes what is portrayed as high-minded positions on issues sometimes is just designed to carve out some of their commercial interests." He cast European regulation as a way to "set up some roadblocks for our companies to operate effectively there."

Obama isn't the only American leader to worry publicly about the E.U.'s overreach. In 2019, President Donald Trump said, "Every week you see them going after Facebook and Apple and all of these companies….They think there's a monopoly, but I'm not sure that they think that. They just think this is easy money." In 2022, a bipartisan group of senators warned that the DMA and DSA, "as currently drafted, will unfairly disadvantage U.S. firms to the benefit of not just European companies, but also powerful state-owned and subsidized Chinese and Russian companies, which would have negative impacts on internet users' privacy, security and free speech."

Such concerns are far from misguided. Remember, five of the six designated gatekeepers under the DMA are American. Similarly, the DSA designated 19 companies as "very large online platforms" or "very large search engines" subject to increased regulatory scrutiny and specific requirements within the areas they are deemed potential gatekeepers. Of the 19 companies slapped with a "very large" designation, 15 are American and only two are European.

At times, some of these regulations seem constructed in such a way to directly target American companies—while giving a boost to the few European companies that might otherwise be subject to their regulations.

Global Consequences

This growing array of requirements could have unintended consequences for how products function far beyond Europe—and how we can use them to speak online.

Supporters of the GDPR claimed the law would preserve privacy and online safety. But some E.U. tech rules could actually make software and devices less safe. For example, requiring platforms to allow third-party payment processors or "side loading"—essentially installing software that isn't explicitly authorized by the phone or operating system manufacturer—is intended to level the playing field for smaller competitors. But making devices and software more open to third-party modification could also make them vulnerable to hacking. The likely global reach of these rules would mean those vulnerabilities wouldn't be limited to Europe.

More rules on product design, meanwhile, could produce a chilling effect on new tech. Companies may be less likely to try new products or privacy tactics that might not comply with European regulations if they know that will foreclose a big market. Even an innovation that improves privacy and cybersecurity might struggle to comply with GDPR requirements designed with a different model in mind.

It is not just innovation and security that are at risk. Americans may soon find themselves subject to European bureaucrats' norms when it comes to free speech.

Already, many European and Latin American countries have created laws governing hate speech or harmful content. These laws are likely to result in more aggressive takedowns by social media companies, especially on hot-button political issues. If tech companies decide to enforce a single global standard for community guidelines, American internet users will end up communicating in online spaces where the rules were designed to comply with foreign hate speech laws that aren't restrained by the First Amendment's protections.

What Not To Do in Tech Policy

While some American officials have criticized these E.U. regulations, others have seen them as an opportunity to argue that the U.S. should change its own approach. A growing number of American policy makers are looking to Europe as an example—or even actively collaborating with E.U. tech regulators.

In March 2023, the Federal Trade Commission sent officials to Brussels to aid in implementing and enforcing the DMA. At the same time, the agency has taken an increasingly aggressive approach domestically, attempting to enforce antitrust standards that resemble Europe's by waging a yearslong legal campaign against mergers in the tech sector. (This campaign has failed repeatedly in U.S. courts.)

Some policy makers have directly applauded the European approach. In June 2022, Sens. Ed Markey (D–Mass.), Bernie Sanders (I–Vt.), and Elizabeth Warren (D–Mass.) sent a letter asking the secretary of commerce to "restore the sanity" and follow the E.U. in requiring a universal charger for smartphones and certain other electronic devices.

Meanwhile, European regulators seem eager to gain a greater foothold in the United States. The E.U. has opened an office in San Francisco to promote compliance with its technology regulations, a move that seems to more than just tacitly acknowledge that these regulations will have a big impact on American companies.

The stakes are high. A 2022 study found that 16 percent of European companies would be willing to switch to a Chinese tech provider due to anticipated cost increases from the DMA. Others might turn to providers that are not subject to the regulations but provide inferior products either in quality or security. These policies would punish successful American companies while benefiting those of more questionable regimes.

The U.S. needs to be an alternative to such heavy-handed controls. It should stick with the relatively hands-off approach that has helped make America a global leader in tech.

In 1996, when the modern internet was in its infancy, Congress made clear it was the policy of the United States "to preserve the vibrant and competitive free market that presently exists for the Internet and other interactive computer services, unfettered by Federal or State regulation." As Rep. Christopher Cox (R–Calif.) said at the time, America does "not wish to have a Federal Computer Commission with an army of bureaucrats regulating the Internet because, frankly, the Internet has grown up to be what it is without that kind of help from the Government."

Similarly, the Clinton administration's Framework for Global Electronic Commerce not only described the potential benefits of the internet for global commerce but criticized the consequences of overregulation by declaring that the internet is presumed free. This nonregulatory position allowed the internet to flourish without tight constraints.

"For this potential to be realized fully, governments must adopt a non-regulatory, market-oriented approach to electronic commerce, one that facilitates the emergence of a transparent and predictable legal environment to support global business and commerce," read the Clinton report. "Official decision makers must respect the unique nature of the medium and recognize that widespread competition and increased consumer choice should be the defining features of the new digital marketplace."

Further, it cautioned that governments could "by their actions…facilitate electronic trade or inhibit it." This approach told innovators and investors they were free to try. It is miles from what we're seeing from politicians eager to crack down on tech companies today.

What's Really at Risk

We have a new iPhone charger now. For some users, it might be more convenient. But consider what would have happened if this decision had been made a decade earlier.

In 2012, smartphones were still evolving. Apple used cumbersome 30-pin chargers for their phones. Other companies used older USB options, such as micro- and mini-USB, which were clunky in different ways. When the Lightning cable arrived, it was faster, smaller, more durable, and more physically secure. It offered an improved user experience relative to the other options, which in turn spurred adoption of the USB-C standard.

A more regulated marketplace might have stopped this development in its tracks, letting bureaucrats who prioritize uniformity over all else decide on a single standard rather than letting the market evolve.

The debate about European tech regulations and their ripple effects on American companies and consumers is often framed in terms of safety or privacy or the consumer experience. But at heart, it's about a much simpler question: Who gets to design the future—the government, or innovators?