Getty Images

EU's new big tech regulations target online advertising

The Digital Markets Act and Digital Services Act focus on bolstering business competition and consumer control over data online.

New tech regulations passed in the European Union targeting big tech companies could also affect the advertising practices of other businesses that rely on these platforms.

The EU's legislative body, the European Parliament, passed the Digital Markets Act (DMA) and Digital Services Act (DSA) Tuesday. Lawmakers spent months working on the two sweeping pieces of tech regulation to address concerns related to the power of tech companies such as Google, Apple and Amazon and their data collection, usage and sharing practices.

The DMA focuses on competition and prohibits tech giants from ranking their own products and services more favorably on their platforms than third-party products, as well as processing users' personal data for targeted advertising. The DSA targets social media companies and the spread of illegal content and online disinformation. It also focuses on advertising, banning advertising based on sensitive data such as race or religion, and requiring platforms to provide transparent explanations to users regarding why they're seeing certain ads.

The EU's new rules affect not only the tech giants they're aimed at, but also commercial organizations and their ability to use data from the tech platform providers for advertising, said Forrester principal analyst Paul McKay.

McKay said that not having access to sensitive data will challenge direct marketing efforts.

"This is a potentially enormous change for CMOs to grapple with, and it will only be with the implementation of the act that the day-to-day realities will become clearer," he said in a statement.

Changes to businesses' advertising practices

The tech regulations will require businesses to get clear consumer consent before selling or sharing data with companies like Google or Amazon, which the acts call "gatekeepers."

The tech regulations aim to close what Forrester analyst Stephanie Liu called a "consent loophole" for data tracking and usage that resulted after the EU's General Data Protection Regulation (GDPR) went into effect. GDPR required businesses get user consent before using cookies, which are small text files that online advertisers can use to track user activity.

However, while the opt-in option for cookies is clear when visiting a website, the ability to opt out of cookies is much more difficult.

The new acts mean that marketers and businesses "need more consent from consumers to do things they could've previously done without consumer permission, and the way they ask for that permission is getting more stringent," Liu said.

Liu said the DSA will also require companies to explain to consumers why they're seeing certain ads. Facebook owner Meta, for example, already offers a feature that allows consumers to understand why they're seeing particular ads.

Liu said that kind of requirement for the open web could get tricky and raises questions.

How much of your ad targeting would you be okay with a consumer seeing?
Stephanie LiuAnalyst, Forrester

"How much of your ad targeting would you be okay with a consumer seeing?" she said.

Ultimately, passage of the DMA and DSA "signals a marked change in the relationship between consumers, big tech platforms and the commercial organizations that rely on them," Forrester's McKay said.

"This change has the power to act as a model for how governments and regulators around the world can re-empower the consumer to avoid some of the imbalances and dominance that have become normal in the technology sector over the past several years," he said.

Makenzie Holland is a news writer covering big tech and federal regulation. Prior to joining TechTarget, she was a general reporter for the Wilmington StarNews and a crime and education reporter at the Wabash Plain Dealer.

Dig Deeper on CIO strategy

Cloud Computing
Mobile Computing
Data Center
and ESG