Chapter 4|Supervision, Investigation, Enforcement and Monitoring of VLOPs and VLOSEs|📖 22 min read
1. The Commission may, by decision, impose fines not exceeding 6% of the total worldwide annual turnover of the provider of the very large online platform or of the very large online search engine concerned in the preceding financial year where it finds that the provider, intentionally or negligently:
(a) infringes any of the provisions listed in Article 73(1), points (a), (b) or (c);
(b) fails to comply with a decision ordering interim measures pursuant to Article 70;
(c) fails to comply with a commitment made binding by a decision pursuant to Article 71.
2. The Commission may, by decision, impose fines not exceeding 1% of the total annual income or worldwide annual turnover of the provider of the very large online platform or of the very large online search engine concerned in the preceding financial year where the provider, intentionally or negligently, supplies incorrect, incomplete or misleading information in response to a request pursuant to Article 67, or does not rectify incorrect, incomplete or misleading information within a time limit set by the Commission.
3. In fixing the amount of the fine, the Commission shall have regard to the nature, gravity, duration and recurrence of the infringement and, for fines imposed pursuant to paragraph 2, to the delay caused to the proceedings.
4. When deciding whether to impose a fine and when fixing the amount of the fine in each individual case, due account shall be taken of the provider's ability to pay the fine in question.
5. Fines imposed pursuant to this Article shall be effective, proportionate and dissuasive.
6. Where the Commission intends to impose a fine pursuant to this Article, it shall inform the provider of the very large online platform or of the very large online search engine concerned of its objections, affording the provider concerned the opportunity to be heard on the matter.
Understanding This Article
Article 74 creates European Commission's financial penalty authority enabling fines up to 6% provider's total worldwide annual turnover for substantive DSA violations and up to 1% for procedural infractions. Provision serves three functions: (1) Punishment - retrospectively sanctions past violations imposing economic consequences for non-compliance, (2) Deterrence - prospectively discourages future violations through credible threat of significant financial penalties, (3) Compliance incentive - creates economic motivation to invest in robust compliance systems preventing violations. Fine authority complements Article 73 non-compliance decisions (establishing legal violation finding) and Article 75 periodic penalties (coercing future compliance through daily payments) - together creating comprehensive enforcement toolkit addressing past, present, future compliance failures.
Dual Fine Structure - Substantive vs. Procedural: Article 74 establishes two-tier penalty framework reflecting violation severity differential. Paragraph 1 substantive fines (6% ceiling) apply to core DSA obligation violations harming users, public interests, or regulatory processes: Section 5 obligations (Articles 33-43 VLOP/VLOSE requirements including risk assessment, mitigation, transparency, researcher access, compliance function), Article 70 interim measure non-compliance (refusing to implement provisional remedies preventing imminent harm), Article 71 binding commitment breaches (violating negotiated undertakings accepted as enforcement settlement). These violations directly undermine DSA's protective objectives warranting higher penalties. Paragraph 2 procedural fines (1% ceiling) apply to investigation obstruction: providing incorrect, incomplete, misleading information responding to Article 67 requests, failing to rectify false information within Commission deadline. Procedural violations frustrate enforcement without directly harming users - warrant lower penalties reflecting derivative rather than primary harm. Tiered structure enables proportionate response - Commission need not impose maximum penalties for minor procedural deficiencies while retaining authority for severe substantive violations.
Turnover Calculation Methodology: Fine ceilings based on 'total worldwide annual turnover in preceding financial year' - encompasses all revenue from all commercial activities globally regardless of geographic source or product/service category. Worldwide scope prevents providers from arguing DSA violations generated limited revenue warranting minimal fines - regulatory violations often create cost savings (avoiding compliance expenses) rather than direct revenue making violation-specific profit calculation inappropriate baseline. Total turnover includes parent company and all subsidiaries under common control - prevents corporate structuring minimizing penalty exposure by operating through low-revenue entities while profits flow to holding companies. 'Preceding financial year' refers to most recently completed fiscal year before Commission fine decision - creates certainty about penalty ceiling using audited financial statements. However, timing may create discrepancies if significant business changes occurred: rapid growth companies face penalties based on prior smaller revenue (lower fines), declining businesses penalized based on prior larger revenue (potentially exceeding current ability to pay requiring paragraph 4 adjustment). Commission practice typically uses calendar year for simplicity though respects providers' fiscal years if different. For private companies without public financial disclosures, Commission can demand turnover information through Article 67 information requests verified through Article 69 inspections of financial records.
Mens Rea Requirement - Intentional or Negligent: Both paragraph 1 and 2 fines require violations be 'intentionally or negligently' - eliminates strict liability preventing penalties for pure good faith compliance failures. Intentional violations involve deliberate knowing non-compliance: provider aware of DSA obligation and consciously decides to violate (e.g., deliberately deploying dark patterns knowing they manipulate users, refusing Article 67 information requests to conceal violations, systematically denying Article 40 researcher access to prevent accountability). Intentional violations warrant highest proportionality factor weighting given bad faith. Negligent violations involve failures to exercise reasonable care: provider unaware of obligation due to inadequate compliance systems, misinterprets requirement through unreasonable legal analysis, implements technically compliant measures ineffectively due to insufficient quality control. Negligence threshold relatively low - Commission typically finds negligence where sophisticated platforms with extensive legal resources should have understood obligations. Only genuine good faith reasonable interpretation errors might escape negligence finding, though Commission rarely accepts such defenses given DSA's clear language and extensive guidance. Burden of proving good faith falls on providers - Commission presumes negligence absent compelling contrary evidence. Intentionality vs. negligence affects fine calculation under paragraph 3 gravity factor - intentional violations receive higher penalties within 6% ceiling.
Proportionality Factors - Paragraph 3: Commission must 'have regard to nature, gravity, duration, recurrence' when fixing fine amounts - prevents mechanical application of maximum penalties requiring individualized assessment. (1) Nature - violation type and affected interests. Article 34 risk assessment failures differ from Article 40 researcher access denials - both serious but different harm profiles (public safety vs. accountability). Violations affecting vulnerable users (minors, harassment victims) weighted more heavily than commercial violations. Multiple simultaneous violations across different provisions warrant higher aggregate fines than isolated infractions. (2) Gravity - harm severity and violation scope. Systematic algorithmic amplification of illegal content harming millions users more grave than isolated content moderation errors. Violations enabling serious harms (child exploitation, terrorist recruitment, election manipulation) more grave than technical transparency failures. Evidence of actual harm (documented user injuries, measurable societal damage) increases gravity versus purely potential risks. (3) Duration - temporal scope from violation commencement to termination. Violations spanning months or years warrant higher penalties than brief isolated incidents. Continuing violations after Commission warnings or interim measures particularly aggravating. However, long-duration violations may reflect legal uncertainty rather than bad faith - Commission must assess whether extended duration reflected reasonable compliance efforts or deliberate delays. (4) Recurrence - repeated violations of same or similar obligations. Prior Article 73 decisions finding non-compliance establish recurrence if provider violates again - creates escalating penalty trajectory. Repeated violations demonstrate compliance system inadequacy or willful disregard warranting enhanced deterrence. Recurrence may involve same provision violated multiple times or pattern of violations across related provisions indicating systemic compliance failure. Paragraph 3 also considers 'delay caused to proceedings' for paragraph 2 procedural fines - extended obstruction through false information provision warrants higher penalties than brief inadvertent misstatements quickly corrected.
Ability to Pay - Paragraph 4: Commission 'shall take due account of provider's ability to pay fine in question' - implements proportionality preventing insolvency-inducing penalties. Ability to pay consideration particularly relevant for: private platforms without public market capitalization, providers experiencing financial distress, companies with high turnover but low profit margins making percentage-of-turnover fines exceed available liquidity, providers facing multiple concurrent regulatory penalties across jurisdictions (GDPR, DMA, national laws) creating aggregate payment obligations exceeding capacity. Assessment examines: liquid assets and cash reserves, debt obligations and financial commitments, ongoing business viability and revenue projections, availability of credit or capital markets access, other pending or imposed regulatory fines. Commission may reduce fines below calculated amount or grant extended payment timelines if necessary to prevent provider insolvency that would harm users (service discontinuation), competition (reducing platform diversity), or enforcement (uncollectable fines). However, ability to pay cannot eliminate fines entirely - paragraph 5 requires fines remain 'effective' and 'dissuasive' even when reduced for financial constraints. Providers bear burden of proving inability to pay through detailed financial disclosures verified by Commission.
Effectiveness, Proportionality, Dissuasiveness - Paragraph 5: Fines must satisfy triple standard: (1) Effective - fines must meaningfully impact provider behavior rather than constitute negligible cost of business. For platforms generating hundreds of billions annual revenue, fines measured in millions likely ineffective - providers might rationally accept penalties rather than change profitable practices. Effectiveness requires fines sufficient to motivate compliance investments and operational changes. (2) Proportionate - fines must not exceed what violation severity warrants. Even where 6% ceiling legally available, Commission should impose lower amounts if violation relatively minor, brief, inadvertent, or caused limited harm. Disproportionate fines violate Charter Article 49(3) and general EU law principles, creating grounds for judicial annulment. (3) Dissuasive - fines must deter both penalized provider and other platforms from similar violations. Individual deterrence requires penalties unpleasant enough that provider prefers compliance to repeated violations and penalties. General deterrence requires public visibility that DSA violations trigger significant consequences encouraging industry-wide compliance. Dissuasiveness particularly challenging for platforms where violation generates profits exceeding fines - Commission must set penalties above violation benefits. Tension exists between proportionality (limiting fines to violation-justified levels) and dissuasiveness (requiring substantial penalties creating deterrence) - Commission must balance ensuring fines meaningful without becoming punitive.
Procedural Rights - Paragraph 6 Objections: Before imposing fines, Commission must 'inform provider of objections, affording opportunity to be heard' - implements right to defense (Charter Article 48, general principles). Statement of objections specifies: alleged violations with legal and factual basis, proposed fine amount with calculation methodology showing turnover basis and proportionality factors, evidence supporting violation finding (database analyses, inspection findings, documents, testimony), provisional assessment of intentionality or negligence. Provider may respond through written submissions and oral hearings (if granted) presenting: legal arguments disputing violation, factual evidence contradicting Commission findings, proportionality objections arguing fine calculation inappropriate, ability to pay evidence requesting reduction, procedural defect claims challenging investigation validity. Hearing typically conducted before independent Hearing Officer ensuring impartiality. Commission must seriously consider provider submissions - cannot rubber-stamp preliminary assessment. Final fine decision must address provider's arguments explaining why rejected or how incorporated. Adequate right to be heard essential to fine decision validity - procedural defects create grounds for judicial annulment even if substantive violation occurred.
Fine Payment and Enforcement: Article 74 decisions specify payment deadline (typically 30-90 days from notification) and payment mechanisms (bank transfer to Commission account). Non-payment triggers enforcement proceedings: Commission obtains enforcement order from Court of Justice EU under Article 280 TFEU enabling asset seizure, garnishment, liens across Member States. Unpaid fines accrue interest at rate set by Commission (typically ECB rate plus premium). Payment obligations survive even if provider ceases DSA operations or dissolves - corporate successors, acquiring companies, parent entities may inherit liability. Providers cannot avoid fines through bankruptcy if insolvent - Commission ranks as creditor in insolvency proceedings though likely behind secured creditors. Fines payable to EU general budget becoming EU revenue - Member States don't receive fine proceeds despite national authorities often assisting investigations. Revenue allocation has generated political debate whether Member States should share fine proceeds incentivizing national enforcement cooperation.
Judicial Review: Article 74 fine decisions subject to EU Court review under TFEU Article 263 (annulment) and Article 261 (unlimited jurisdiction over penalties). Annulment grounds include: lack of competence, procedural violations, substantive errors, misuse of powers. Courts apply unlimited jurisdiction enabling them to: cancel fines entirely if violation not proven, reduce fine amounts if disproportionate even if violation occurred, increase fines if Commission calculation too lenient (rarely exercised), modify fine calculation methodology. Proportionality receives intensive judicial scrutiny - Courts independently assess whether Commission properly evaluated nature, gravity, duration, recurrence factors and whether fine amount justified by violation severity. Ability to pay claims also judicially reviewable - providers can argue Commission insufficiently accommodated financial constraints. Right to be heard defects often succeed - Courts rigorously enforce procedural rights annulling fines where Commission failed to adequately inform providers or consider their submissions. Judicial proceedings typically span 2-4 years creating delayed payment uncertainty - providers often request payment suspension pending appeal, which Courts may grant upon demonstrating fine payment would cause irreparable harm (typically requires bank guarantee securing eventual payment if appeal fails).
Key Points
Dual fine structure: substantive violations up to 6% worldwide turnover (paragraph 1), procedural violations up to 1% (paragraph 2)
6% fines apply to: Section 5 obligation violations, Article 70 interim measure non-compliance, Article 71 binding commitment breaches
1% fines apply to: providing incorrect/incomplete/misleading information, failing to rectify false information within Commission deadline
Mens rea requirement: fines require 'intentionally or negligently' - pure good faith compliance failures theoretically exempt though negligence broadly construed
Turnover basis calculated on 'preceding financial year' - creates certainty about penalty ceiling but may understate current economic power if rapid growth
Paragraph 3 proportionality factors: nature (violation type and affected interests), gravity (harm severity), duration (violation timespan), recurrence (repeated violations)
Ability to pay consideration (paragraph 4) - Commission must account for provider's financial capacity preventing insolvency-inducing fines
Effectiveness, proportionality, dissuasiveness standard (paragraph 5) - fines must meaningfully deter violations without excessive punishment
Right to be heard (paragraph 6) - Commission must inform provider of objections and afford hearing opportunity before imposing fines
Fines imposed through separate Article 74 decision following Article 73 non-compliance finding - two-stage procedure enabling distinct challenges
Worldwide turnover encompasses entire corporate group not merely DSA-violating entity - prevents corporate structuring to minimize penalty exposure
Maximum 6% threshold rarely imposed - Commission typically calculates lower amounts based on proportionality factors unless egregious intentional violations
Fines payable to EU general budget not affected Member States - creates EU enforcement revenue stream
Non-payment triggers enforcement proceedings before EU Courts with potential asset seizure and accruing interest penalties
Judicial review available under TFEU Article 263 - Courts may annul or reduce fines if disproportionate, insufficiently reasoned, procedurally defective
First Article 74 fines expected 2024-2025 for X, Meta, TikTok cases - will establish precedential fine calculation methodology
Practical Application
Hypothetical X (Twitter) Fine Calculation - First Article 74 Precedent: Following Article 73 non-compliance decision finding X violated Article 25 (dark patterns through deceptive verification), Article 39 (advertising repository deficiencies), Article 40 (researcher access obstruction), Commission calculates Article 74 fine using paragraph 3 proportionality factors. Turnover basis: X's 2023 annual revenue approximately €5 billion (significant decline from €5.1B in 2022, €5.08B in 2021 due to advertiser exodus after Elon Musk acquisition), setting 6% maximum at €300 million. Fine calculation: (1) Nature assessment - violations span consumer protection (dark patterns misleading users), transparency (ad repository opacity), accountability (researcher access denial). Multiple violations across different provisions indicate systematic compliance failures warranting higher baseline. Dark patterns particularly concerning as deliberately manipulative versus inadvertent errors. Researcher access obstruction undermines entire DSA accountability architecture. Nature factor suggests upper-tier fine within 6% ceiling. (2) Gravity assessment - verification badge deception affects all X users (~250M globally, ~50M EU) creating widespread misinformation risk enabling impersonation. Advertising repository defects harm electoral transparency, competitive oversight, academic research - significant public interest damage. Researcher access denial prevents independent verification of X's risk assessments and mitigations across all systemic risks (disinformation, hate speech, election manipulation). Evidence shows actual harms: documented impersonation incidents exploiting paid verification, political advertising opacity during EU elections, researchers unable to study platform dynamics. High gravity warranting substantial fine. (3) Duration assessment - X launched Blue verification November 2022 and maintained despite criticism through 2024 fine decision (24+ months). Advertising repository deficiencies began when X designated as VLOP April 2023 through fine decision (18+ months). Researcher access obstruction evident from August 2023 API restrictions through investigation (12+ months). Extended duration across all violations suggests willful persistence not inadvertent temporary failure. (4) Recurrence assessment - no prior Article 73 decisions against X as DSA enforcement just beginning, but pattern of multiple simultaneous violations indicates compliance culture problems. Platform continued violations after Commission preliminary findings and interim measures (if ordered) - recurrence of non-compliance during enforcement proceedings particularly aggravating. (5) Intentionality assessment - evidence suggests intentional violations: internal communications discussing verification monetization without fraud prevention, deliberate API pricing and restrictions designed to deter researchers, conscious choice to maintain deficient ad repository despite compliance obligations. High intentionality weighs heavily toward maximum fine. Commission preliminary calculation: 4.5% turnover (€225M) based on high gravity, extended duration, intentional violations, multiple provisions breached. However, paragraph 4 ability to pay consideration requires examining X's financial position: company struggling financially (revenue declines, advertiser losses, debt obligations from Musk's leveraged acquisition), though still operating with substantial cash reserves. Commission determines €225M fine wouldn't cause insolvency but represents meaningful impact given constrained finances. Final fine: €200M (4% turnover) - substantial deterrent effect while accommodating financial constraints, establishing precedent that serious multi-violation cases warrant fines in 4-6% range.
Meta Fine Calculation - Article 40 and Article 16/20 Violations: Article 73 decision finds Meta violated Article 40 (researcher access), Article 16 (illegal content reporting burdens), Article 20 (ineffective content moderation appeals) across Facebook and Instagram. Turnover basis: Meta 2024 revenue approximately €165 billion, setting 6% maximum at €9.9 billion. Fine calculation: (1) Nature - three distinct violations with different harm profiles. Article 40 researcher access failure undermines accountability for platform affecting 3.6 billion users globally (~400M EU). Article 16 reporting burdens enable illegal content proliferation by discouraging user reports. Article 20 appeal deficiencies deny users meaningful recourse against moderation errors - fundamental rights implications (expression, privacy). Multiple violations across transparency, user rights, accountability indicate broad compliance failures. (2) Gravity - violations affect hundreds of millions EU users. Researcher access obstruction prevents independent analysis of Meta's algorithmic amplification, content moderation bias, teen mental health impacts, election manipulation - precisely the systemic risks Article 40 meant to illuminate. Reporting burdens documented through user testing showing 7-12 click requirement deterring illegal content reports - measurable harm to content moderation effectiveness. Appeal deficiencies with <2% reversal rate suggest perfunctory review violating users' Article 20 procedural rights. However, no evidence of catastrophic harms (no documented cases of researcher access denial enabling major crisis Meta could have prevented) - violations serious but not maximally grave. (3) Duration - researcher access issues began April 2023 designation through October 2024 preliminary findings (18 months); reporting and appeal problems appear longstanding predating DSA but continuing through enforcement period. Moderate duration as DSA enforcement relatively new - platforms entitled to some learning curve. (4) Recurrence - no prior Article 73 decisions against Meta, but pattern across three violations plus Meta's history of regulatory non-compliance in other contexts (GDPR fines totaling €2.5B, FTC violations, various national enforcement) suggests systematic compliance culture problem. (5) Intentionality - evidence suggests conscious choices: researcher access restrictions designed to prevent unfavorable research despite Article 40 requirements, reporting friction deliberately maintained to reduce moderation costs, appeal processes optimized for efficiency over accuracy. However, arguably some good faith uncertainty about Article 40 scope and Article 16/20 standards as first-time DSA enforcement. Mixed intentionality: negligent regarding novel interpretation questions, intentional regarding obvious requirements. Commission preliminary calculation: 3% (€4.95B) reflecting serious multi-violation case but acknowledging no catastrophic harms and some legal novelty. Ability to pay assessment: Meta extremely profitable with $85B annual profit, substantial cash reserves, strong market position - no financial distress. Fine would represent ~6% annual profit - meaningful but not threatening viability. However, paragraph 5 proportionality concern: €4.95B fine unprecedented in tech regulation, far exceeding largest GDPR penalties (~€1.2B), potentially excessive relative to violation severity. Commission concerned disproportionate fine would be judicially annulled setting problematic precedent. Final fine: €2.1B (~1.3% turnover) - represents largest DSA penalty establishing serious enforcement credibility, remains proportionate to violations, creates deterrence without entering unprecedented territory inviting judicial reduction. Meta can absorb fine without existential impact but feels substantial economic consequence incentivizing compliance improvements.
TikTok Fine Calculation - Article 40 Researcher Access Violations: Article 73 decision finds TikTok violated Article 40 researcher data access through systematic obstruction. Turnover basis: TikTok 2024 revenue estimated €23 billion, setting 6% maximum at €1.38 billion. Fine calculation: (1) Nature - single provision violation but strikes at core accountability mechanism. Article 40 enables independent research identifying algorithmic harms, election manipulation, youth mental health impacts, coordinated inauthentic behavior - violation prevents crucial oversight of platform operating primarily for younger demographic facing heightened vulnerability. (2) Gravity - affects academic research community, policy makers, civil society lacking independent platform insights. Research obstruction particularly concerning given TikTok's algorithm-driven model and documented youth mental health risks. However, severity limited by single provision (versus Meta's three), affects primarily researcher community rather than direct user harm. Moderate-to-high gravity. (3) Duration - researcher access issues began April 2023 designation through October 2024 findings (18 months), similar to Meta. (4) Recurrence - no prior TikTok Article 73 decisions, but company accepted Article 71 commitments in August 2024 regarding TikTok Lite Task & Reward program then subsequently violated Article 40 - suggests ongoing compliance issues. (5) Intentionality - evidence of systematic access denial through burdensome application process, restrictive terms, non-disclosure requirements, fees - indicates intentional obstruction. TikTok argued Chinese data export restrictions prevented compliance - Commission rejected as pretextual but acknowledges genuine cross-border legal complexity. Mixed intentionality with some legitimate compliance challenges. Commission preliminary calculation: 2.5% (€575M) reflecting serious accountability violation, intentional obstruction, but single provision and limited direct user harm. Ability to pay: TikTok/ByteDance profitable with strong financials - no viability concerns. However, Commission notes: first Article 40 enforcement establishing interpretation precedent, cross-border data governance complexity presents novel issues, TikTok demonstrated some good faith through partial researcher access despite restrictions. Final fine: €400M (~1.7% turnover) - establishes Article 40 non-compliance triggers substantial penalties, acknowledges interpretive novelty and cross-border challenges, creates meaningful deterrent for TikTok and other platforms facing data localization constraints. Fine high enough to signal Article 40 importance but lower than Meta's given single violation scope.
Paragraph 2 Procedural Fine - Information Request Obstruction: Commission conducting Article 66 investigation of e-commerce VLOP for Article 35 systemic risk mitigation failures (specifically inadequate counterfeit product detection and removal). Article 67 information request demands: complete database of product listings flagged as potential counterfeits by automated systems or user reports, documentation of counterfeit detection algorithm training data and accuracy testing, internal communications regarding counterfeit policy development, data on seller account verification procedures. Platform provides response stating: automated system flags approximately 50,000 products monthly as potential counterfeits with 85% removal rate after human review, counterfeit detection algorithm proprietary so cannot share training details but achieves "industry-leading accuracy", seller verification includes business registration confirmation for professional sellers. Commission conducts Article 69 inspection accessing platform's internal databases and documents revealing: actual flagging rate ~300,000 monthly (6x reported), removal rate only 41% (not 85%) as many flagged products remained available, algorithm training data heavily biased toward luxury brand counterfeits with minimal coverage of other categories, seller verification perfunctory with minimal document authenticity checking. Platform deliberately provided false information minimizing counterfeit problem scope and overstating mitigation effectiveness - constitutes Article 74(2) violation. Turnover basis: platform €8B annual revenue, setting 1% maximum at €80M. Fine calculation: Information false on multiple dimensions (flagging volume, removal rates, algorithm capabilities, verification rigor), suggesting systematic rather than inadvertent misrepresentation. False information material - concealed compliance failures Commission investigating. Duration of obstruction: 4 months between information request and inspection revealing falsehood, substantially delaying proceedings and necessitating resource-intensive inspection that should have been unnecessary if truthful information provided. Intentional - implausible platform didn't know actual statistics differed dramatically from representations. However, paragraph 2 violations less severe than paragraph 1 substantive violations - 1% ceiling reflects derivative obstruction harm versus direct user harm. Commission calculates: 0.6% (€48M) reflecting intentional material misrepresentation causing substantial delay but acknowledging procedural nature. Platform arguments: data discrepancies result from different measurement methodologies (flagging volume included duplicates, removal rate calculation error), algorithm details genuinely proprietary requiring protection, seller verification standards reflect industry practice. Commission rejects arguments finding implausible that measurement "errors" uniformly overstated compliance, trade secret claims don't excuse providing false effectiveness data, industry practice irrelevant to accuracy of factual representations. Final fine: €45M establishes paragraph 2 information obstruction triggers substantial penalties even below paragraph 1 ceiling, deters other platforms from investigation obstruction strategies, creates precedent that "technical" violations like false information won't receive nominal penalties.
Ability to Pay Reduction - Struggling Platform: Commission Article 73 decision finds mid-sized VLOP violated Article 34 risk assessment and Article 35 mitigation requirements regarding minor protection systemic risks. Platform failed to adequately assess risks of sexual predators using platform to groom minors and failed to implement effective mitigation (inadequate age verification, minimal content filtering, insufficient reporting mechanisms). Turnover basis: €600M annual revenue, setting 6% maximum at €36M. Preliminary fine calculation applying paragraph 3 factors: Nature (child safety violations particularly serious affecting vulnerable users), Gravity (documented cases of predator-minor contact resulting from inadequate protections), Duration (issues persisted 24 months despite warnings), Recurrence (platform had prior safety incidents predating DSA), Intentionality (platform knowingly underinvested in safety to preserve profitability - internal documents show cost-benefit analysis concluding safety improvements too expensive). Factors suggest fine toward upper range: €30M (5% turnover). However, paragraph 4 ability to pay assessment reveals: platform revenue declining (€800M prior year, €600M current year, projected €450M next year) due to user attrition and advertiser concerns; company operating losses of €180M annually burning through cash reserves; debt obligations totaling €400M with refinancing needed within 12 months; credit markets unwilling to extend additional financing given financial distress; €30M fine would deplete remaining €50M cash reserves threatening operational viability within months. Platform provides financial disclosures verified by Commission-appointed auditors confirming distress. Commission faces dilemma: paragraph 5 requires fines be "effective" and "dissuasive" but insolvency would harm users (service shutdown forcing migration), render fine uncollectable, potentially enable platform to escape remediation obligations through bankruptcy. Commission options: (1) Maintain €30M fine accepting potential insolvency - creates strong deterrence but risks counterproductive outcome; (2) Reduce fine to amount platform can pay (€15M without insolvency risk) - questionable whether effective deterrent; (3) Structure deferred payment (€10M immediate, €20M over 3 years contingent on profitability recovery) - maintains deterrent while accommodating constraints. Commission selects option 3: €30M total fine with staged payment preserving nominal penalty amount while enabling platform to restructure and continue operating. Payments accelerate if platform returns to profitability or receives acquisition offer - prevents windfall where financial distress becomes penalty avoidance strategy. Decision establishes precedent that ability to pay can affect payment structure and timing but shouldn't eliminate fines entirely - paragraph 5 effectiveness requirement prevents complete waivers even for struggling platforms.
Recurrence Escalation - Repeated Violations: Platform receives first Article 73 non-compliance decision March 2024 for Article 38 recommender system transparency failures - inadequate main parameter disclosures and ineffective non-personalized alternatives. Article 74 fine: €150M (2% of €7.5B turnover) reflecting moderate severity, limited duration (12 months), first-time violation. Platform implements remediation expanding parameter descriptions and enhancing non-personalized feed. However, March 2025 investigation reveals: platform implemented superficial fixes satisfying literal language but not substance - parameter descriptions technically expanded but still vague generic categories not enabling user understanding; non-personalized alternative added but algorithm still incorporated personalization signals contradicting representation. Essentially platform engaged in malicious compliance satisfying form while evading spirit. Commission Article 73 decision finds continued Article 38 violations plus new Article 40 violation (deceptive statements to researchers claiming full transparency when reality remained opaque). Fine calculation: Base penalty for Article 38 recurrence would be €200M (prior €150M + 33% escalation), but recurrence particularly egregious - not inadvertent subsequent violation but deliberate evasion of prior remediation obligation. Commission treats as aggravated recurrence warranting doubling: €400M (now ~5% of €8B current revenue). Additional €100M for Article 40 researcher deception. Total: €500M combined penalty. Recurrence aggravation factors: violated same provision twice, second violation involved deliberately misleading remediation, pattern indicates compliance culture failure not isolated error, deliberate evasion undermines regulatory settlement mechanisms. Platform arguments: implementation interpretation differed from Commission's, no intent to evade, technical challenges prevented fuller remediation. Commission rejects: interpretation implausible given clear prior decision guidance, technical challenges excuse should have prompted Article 71 commitment renegotiation or good faith consultation not evasive compliance, pattern demonstrates intentional strategy. Final fine: €500M establishes critical precedent that recurrence triggers substantial escalation, deliberate evasive compliance more serious than straightforward violations, creates powerful incentive for genuine good faith remediation not manipulative minimal compliance.