The world's major tech titans must crack down on illegal content and keep European users safe online from Friday, when far-reaching EU rules force digital firms to fall into line.
The landmark Digital Services Act (DSA) compels tech companies to better police content to protect European users against disinformation and hate speech.
And it also demands the firms are more transparent about their services, algorithms and how ads are targeted.
The first phase of the regulation came into force on Friday, affecting 19 "very large" digital platforms including social media networks, websites and online retailers with at least 45 million monthly active users in the European Union.
They are: Alibaba AliExpress, Amazon Store, Apple AppStore, Booking.com, Meta-owned Facebook and Instagram, Google's Maps, Play, and Shopping, LinkedIn, Pinterest, Snapchat, TikTok, Twitter (rebranded as X), Wikipedia, YouTube and Zalando as well as Bing and Google Search.
Many inside and outside of the EU hope the DSA will be a beacon for other countries to take similar action and bring more regulatory oversight of big tech worldwide.
PAY ATTENTION: Share your outstanding story with our editors! Please reach us through firstname.lastname@example.org!
"These systemic platforms play a very, very important role in our daily life and it is really the time now for Europe, for us, to set our own rules," the EU's top tech enforcer, industry commissioner Thierry Breton, said in a video posted online.
Questions over compliance
"The DSA is here, here to protect free speech against arbitrary decisions and, at the same time, to protect our citizens and democracies against illegal content," he said.
"My services and I will now be very, very rigorous to check that systemic platforms comply with the DSA. We will be investigating and sanctioning them, if not the case."
Under the rules, companies must provide an easy-to-use system for people to report illegal content and give users the option to opt out of seeing content on their social media feeds based on profiles created by monitoring their personal web use.
Companies will come under annual audits and those that breach the law could face fines of up to six percent of annual global turnover.
There have already been legal challenges from Amazon and German clothing retailer Zalando against their description under the DSA as "very large".
Both companies must still comply with the law but Amazon scored a small victory when an EU court suspended the requirement to give information on adverts for an ad repository, one of the stipulations under the DSA, an EU official said.
The Friday deadline is the date after which the 19 platforms must give their risk assessments, and two months later publish transparency reports.
The DSA will apply to all digital services from February 2024.
One of the burning questions in Brussels is whether the social media network formerly known as Twitter, owned by billionaire Elon Musk, will comply with the EU's rules.
Twitter was among five social media platforms that undertook a "stress-test" this summer to gauge whether they were compliant.
Breton warned Musk he needed more resources to moderate dangerous content, but after the billionaire's takeover, he unleashed a wave of firings.
A wave of companies include Google, Meta and Bing and LinkedIn owner Microsoft made announcements this week detailing the changes they made including greater transparency over targeted ads and giving users more control over their feeds.
Taking on big tech
Brussels has also identified more "very large" platforms but the EU official would not say when the companies would be named.
The focus will soon be on another milestone law when the EU names which tech companies are "gatekeepers" under the Digital Markets Act (DMA) by September 6.
Brussels said in July the companies which say they meet the threshold are Google parent Alphabet, Amazon, Apple, TikTok owner ByteDance, Meta, Microsoft and Samsung.
The DMA subjects internet giants to tougher regulation to ensure competition and avoid big companies manipulating their power to keep users in their ecosystem.
The laws are not the EU's first strike against tech firms.
The mammoth GDPR data protection law came into force in 2018, triggering a slew of fines worth billions of euros against major players like Meta and bringing closer scrutiny over their access to and use of people's data.
And the bloc is moving full steam ahead with plans for the world's first comprehensive law to regulate artificial intelligence by the end of the year.