Ireland Moves Deeper into DSA Oversight with New Meta Dark Patterns Probe

Liz Carolan is a fellow at Tech Policy Press.

Meta is facing two new investigations under the Digital Services Act (DSA), to be led by Irish regulator Coimisiún na Meán (CnaM). The regulator will assess whether Instagram and Facebook are in violation of two parts of the Act, Articles 27 and 25.

The investigation builds on complaints compiled by the regulator, which led CnaM to suspect that the company is using prohibited “dark patterns” to prevent users from exercising a right grant under the Act to choose a recommender system that is not based on profiling. If they are, this would see Meta liable for a fine of up to 6% of its global turnover. Based on last year’s published revenue figures, this could mean up to $12 billion for each violation found.

The regulator will carry out two separate assessments as part of its probe. It will determine whether users can select and modify their preferred recommender system and the functionality through Facebook and Instagram’s interfaces, something that Article 27(3) says needs to be easily accessible. It will also then assess whether Facebook and Instagram’s interfaces “deceive” or “manipulate” users away from choosing a recommender system feed that is not based on profiling of their personal data, the so-called dark patterns prohibition that is in Article 25(1).

The investigation will be carried out in co-operation with the European Commission, and with inputs from DSA enforcement bodies in other EU states. This reflects the shared responsibility for the enforcement of tech rules on the so-called “Very Large Online Platforms” between Brussels and national regulators that the Act calls for. Ireland, which houses the European headquarters of most major tech firms, is deemed to be the national regulator for those companies under the EU’s “country of origin” principle.

The two latest cases bring the number of investigations that Coimisiún na Meán has underway against large tech platforms to five, all of which were launched in the last six months. Last November, CnaM announced an investigation into X’s complaint handling system, and in December, it announced two further probes into reporting mechanisms for illegal content, one at TikTok and one at LinkedIn. CnaM says it is also assisting four further cases being led by the European Commission, two into TikTok, one into X and another into Shein.

Each of these has come from the regulator’s “Platform Supervision and Investigations” team, under the leadership of Digital Services Commissioner John Evans. Evans, an economist who spent 10 years enforcing competition law at Ireland’s national regulator, and then another eight at the communications regulator ComReg, joined Coimisiún na Meán at its founding in 2023 along with three other Commissioners. He shares responsibility for DSA enforcement with Online Safety Commissioner Niamh Hodnett. But while Hodnett leads the policy and research division, it is Evans who has been the face of enforcement actions.

The latest announcement comes as regulators face accusations of being too slow in getting to enforcement of the DSA and its sister regulation, the Digital Markets Act (DMA). While proceedings have been launched, only a handful have been completed. Some of this is the relative newness of the regulations (the DSA entered into force in November 2022, though it was February of 2024 before all of the provisions were fully in place), combined with the slow pace of bureaucracy. But there are signs that there may also be political pressure on regulators to ease off on the (mostly) American companies in the sights, for fear of further complicating trans-Atlantic tensions.

German news outlet Handelsblatt reported last month that the EU postponed imposing a fine on Google’s parent company, Alphabet, in a competition case taken under the DMA. They found that the regulator had concluded its investigation into Google’s abuse of market power in March of this year, but decided to delay announcing the decision. Their sources tell them that this was because of a direct intervention by European Commission President Ursula von der Leyen, something a coalition of over 30 civil society groups said “compromises the goals and the efficient enforcement of the EU’s digital rules.”

Domestically, the announcement of these investigations comes as Ireland prepares to take on the EU Presidency, amidst pressure from Brussels to step up its lackluster performance as Europe’s de facto tech regulator. There are also signs that the Irish public’s patience is wearing thin; polling released today showed that 71% want the EU to seek greater independence from the US. This builds on earlier polling by ICCL that found that 75% of the public want more regulation of tech platforms.

It is unclear how long this investigation will take, though we are starting to have some benchmarks. The first enforcement action under the DSA was issued against X last December, some 24 months after the Commission first started assessing that company’s compliance. Should the regulator find against Meta, they could appeal via the Irish courts; CnaM confirmed to Tech Policy Press via email today that they are currently facing 12 legal actions by tech companies. But perhaps a two-to-three-year timeline could work in Europe’s favor, if it keeps an eye on trans-Atlantic developments.