To Regulate or Not to Regulate?

The Digital Omnibus Regulation Proposal and the Digital Omnibus on AI Regulation Proposal, both presented on 19 November by the European Commission, are certain to attract substantial attention from commentators in the coming months. Containing provisions that appear to depart from prior positions or to mitigate the impact of existing ICT regulations, the Proposals may represent a significant turning point in European technology regulation policy.

To date, the European Union has consistently oriented its policy toward comprehensive regulation of ICT, with the ambition of positioning itself globally as a model for the implementation of the rule of law and the protection of individual rights in the digital environment. Its strategy for achieving digital sovereignty (i.e., the “control of our present and destiny as manifested and guided by the use of technology and computer networks”, in Pierre Bellanger’s words) has, after all, been premised on “promoting more actively European values and principles in areas such as data protection, cybersecurity, and ethically designed artificial intelligence”, as the European Parliament explains. The link between digital sovereignty and power to regulate was made as clear as possible in the recent Declaration for European Digital Sovereignty, adopted in Berlin on 18 November by the EU Member States: “Our common understanding of digital sovereignty is the ability of Member States to be able to regulate their digital infrastructure, data and technologies.”

Against this backdrop, the Digital Omnibus Proposals might be perceived as a step backward in the pursuit of digital sovereignty. And perhaps – indeed, quite probably – it is. Whatever interpretation one adopts, recent developments merit close examination in order to assess whether the policy pursued thus far is truly the most effective means of achieving the objectives proclaimed by the European institutions.

The Importance of Geopolitics

I will not undertake a substantive critique of the various acts and provisions adopted in Brussels or Strasbourg (a first comment is provided by Hannah Ruschemeier). Instead, I shall propose a methodology through which such policies – and the legislative acts that embody them – may be analyzed.

Although the EU’s actions in the ICT domain may share common objectives, they are by no means uniform. Their diversity is evident from numerous perspectives, but here attention will be directed to the insights offered by geopolitics. This term, however, requires clarification. Geopolitics has not yet acquired a universally accepted definition among scholars. Since a conceptual choice is necessary, I will refer primarily to the work of Yves Lacoste, whose approach is particularly instructive in its emphasis on the role of geography in the geopolitical analysis, which main goal is understanding how conflicts and rivalries between actors over specific spaces emerge and evolve.

How, then, can geopolitics – understood in this sense – be useful to lawmakers, but also to legal scholars, and specifically to the study of EU regulation of ICT?

First, geopolitical analysis reminds us that “new technologies” manifest at a wide range of geographical scales. Some technological phenomena unfold within the territory of the European Union or its Member States: for example, the 5G network can be mapped onto the EU’s territorial boundaries; likewise, decisions concerning the siting of servers or cable infrastructure occur within far more limited jurisdictions, often managed by local authorities. Issues linked to smaller territorial scales are certainly important, yet they tend to be overlooked – often unjustifiably – in ICT law. They will be largely set aside here, however, for the simple reason that within the EU’s internal borders the relevance of geopolitical analysis diminishes in light of the already well-defined allocation of competences between levels of government.

Far more interesting, instead, is the question of how geopolitical methods can illuminate the appropriate form of regulation for phenomena that extend beyond the EU’s territorial scope. A substantial proportion of ICT law is transnational, if not global, in nature. While instances of national closure exist, the open-door policy is the general rule, so that North Korea, Russia, or China (just to refer to the most frequently cited examples) can be considered as exceptions. Basically, data flows and circulation of technologies are not impeded by physical borders.

From a legal perspective, the transnational character of ICT phenomena entails familiar corollaries: (a) a State may regulate a transnational fact only within the territorial limits of its jurisdiction; (b) interactions between regulations in different national legal orders fall under conflict-of-law rules; and (c) where a regulation applies extraterritorially, enforcement challenges arise – challenges that international treaties have sought, with varying success, to address.

Geopolitical analysis enriches this picture by adding further insights with potentially significant implications.

Geopolitics and the Different Dimensions of Transnationality

By mapping phenomena associated with new technologies, geopolitical analysis offers lawmakers and legal scholars a concrete understanding of the different dimensions of transnationality. Through mapping, substantial distinctions emerge between transnational phenomena, particularly in terms of their geographic distribution and concentration in certain regions. Two main categories can be identified.

Some transnational phenomena are genuinely global: they are present everywhere and are roughly equally significant everywhere. Examples include the widespread use of Apple or Samsung hardware, reliance on Google’s search engine, and interaction with ChatGPT.

On the contrary, other phenomena are transnational yet far more geographically concentrated. E-commerce, for instance, is practiced worldwide, but when represented on a map according to trade volume and economic value, stark differences appear between global regions, highlighting the centrality of wealthier areas such as the United States and Europe.

In general, the analytical force of mapping is amplified when geographical observations are paired with historical ones. A map depicting present-day conditions is informative in itself, but becomes even more meaningful when compared with a map representing the same phenomenon in the past. For example, current technological research investments are highly relevant, but their significance increases when compared with data from ten years earlier – particularly when the comparison reveals notable shifts suggestive of long-term trends.

These observations are not relevant only from the geopolitical point of view. Indeed, at least in some cases, they may offer valuable guidance for regulatory design. The EU’s approach to ICT regulation is a revealing example of how geopolitics can assist lawmakers and, at the same time, can help legal scholars understand the concrete impact of regulation.

EU Regulation Through the Lens of Geopolitical Analysis

If the European Union intends to regulate transnational phenomena, it must consider both the legal characteristics of transnationality and the geopolitical dynamics that influence the EU’s leverage over ICT actors.

The EU possesses considerable regulatory strength when dealing with phenomena that are transnational but geographically concentrated in a few areas – including Europe itself, of course. Actors subject to regulation in such cases cannot easily challenge EU authority without risking the loss of substantial market share or revenue.

By contrast, the Union’s regulatory influence is substantially diminished when dealing with transnational phenomena whose distribution is genuinely global. In such cases, the EU cannot rely on the structural advantages it enjoys in the first scenario. If the EU introduces regulations, companies operating within its territory will be subject to rules that will put them at a disadvantage compared to companies operating elsewhere. European companies therefore risk losing their competitive edge on a global scale. Therefore, they can try to resist the implementation of the legislation. Alternatively, given the truly global nature of the market in which companies operate, they can seek ways to free themselves from European constraints.

This may lead to enforcement difficulties, but more importantly, it increases the likelihood of “foot voting”: according to the Tiebout model, actors may simply relocate their operations to jurisdictions with more permissive regulatory frameworks, with limited impact on their global activities.

The regulation of artificial intelligence is particularly illustrative. Europe does not currently enjoy a favorable geopolitical position in AI: for instance, it does not outspend its competitors in research, nor does it possess the most competitive infrastructure. Strict regulatory measures therefore risk prompting developers and research centers to move to other parts of the world where constraints are fewer. If such relocation gains momentum, the result may be not only a decline in the effectiveness of EU regulations, but also the empowerment of competitors – especially the United States and China – who may later find themselves in a position to dictate terms to the EU.

Here, once again, the comparison of maps from different periods is invaluable: it enables assessment of whether and to what extent EU regulations (or even the anticipation of them) have triggered a process of relocation. What holds for AI applies equally to other regulatory domains, such as personal data protection or intermediary liability.

These observations do not constitute a plea for laissez-faire or deregulation. ICT must not be left to create a virtual jungle in the name of a highly questionable conception of freedom. As a global geopolitical actor, the EU cannot relinquish its role as a promoter of the rule of law and fundamental rights (see Michał Czerniawski, who criticizes the recent Declaration for European Digital Sovereignty precisely because of the lack of consideration from fundamental rights). Faced with the risks posed by new technologies, an adequate regulatory framework is essential.

What matters is that regulation be adequate. This means not only that it must be consistent with the Union’s principles and values, but also that it must be effective. And effectiveness requires careful attention to geopolitical considerations. As the Digital Omnibus Proposals show, neglecting them exposes lawmakers to the risk of “pauses for reflection,” or even genuine “backtracking” – hesitations that are perceived, and indeed function, as signs of weakness, hardly compatible with the pursuit of digital sovereignty.