Making the digital economy “ fit for Europe ”

Over the past three decades, cyberspace has gradually become an engine of unsustainable outcomes from an economic, social and environmental perspective. The European Commission has launched several new initiatives, in the attempt to restore public control over cyberspace, remedy the distributional imbalances generated by the rise of large-scale digital platforms, and promote Europe's digital sovereignty. The paper argues that only by embedding rules and values in “ code ” and preserving openness towards the rest of the world will the EU manage to achieve its desired goals. Current initiatives such as the data strategy, the AI regulation, the Digital Services Act and the European Cloud Federation appear still too sparse and uncoordinated to really deliver on Europe's ambition to lead the world in the sustainable use of technology

Today, we increasingly call on the digital infrastructure, and even more on the giants that dominate it, to protect our democracies battered by populism and disinformation, as well as to support and revive our economy, revitalise our social relations weakened by the lockdown age, and unleash the transformation of our economic system towards new shores of resilience and sustainability.The European Union is now officially pursuing a "twin" transition (green and digital), in its quest for resilient and sustainable recovery after the pandemic. 2Yet, relying on the digital ecosystem as a thaumaturge of the distortions and difficulties of the real world may also be seen as an acrobatic, if not paradoxical, attempt.To some extent, the almost blind reliance on technological solutions, such as contact-tracing apps at the beginning of the COVID-19 pandemic, shows how puzzling and awkward the relationship between governments and digital technologies still is. 3As a matter of fact, beyond its thrills and wonders, cyberspace today is also a paradigmatic example of unsustainability.It suffices to look back a few years to realise that the magnificent promise of the Internet has remained largely written in a book of dreams, nurtured by the rhetoric of laissez-faire that inspired the founders of the Web from the very outset.The phenomenal thrust of the early, anarchic days of the Internet has inevitably put the legislator in the passenger seat, deprived of control, spectator of the triumphant rhetoric of permissionless innovation (a stance that is currently resurfacing, almost unchanged, when it comes to smart contracts and distributed ledger technologies). 4 The Cahier de doléances is dense, and encompasses economic, social and to some extent also environmental considerations.First, economic unsustainability emerged as a result of the extraordinary concentration of economic power in the hands of a fistful of entities.These entities feature an alternative, hybrid governance, combining elements of the traditional "firm", as theorised by academics such as Ronald Coase and Oliver Williamson, and some of the elements of market exchanges. 5So-called "platforms" bear little resemblance to the structure and features of firms as contemplated by the civil and commercial laws of most countries around the world.Thanks to the centripetal dynamics caused by network externalities in the Internet's end-to-end architecture, these entities were capable of capturing a large part of the value generated by the digital ecosystem 6 ; yet, they are at the same time able to outsource and externalise almost all business functions, including monitoring employee performance, as well as verifying compliance with the legislation by the products and services that pass through it, generating attractive advertising opportunities and swaths of data that, once aggregated, generate substantial value.Already a few years ago, a study compared the "Big 3" car manufacturers (GM, Ford and Chrysler) in 1990 with Silicon Valley's "Big 3" (Google, Apple and Facebook) in 2014, and found that the tech giants had nine times fewer employees and were worth 30 times more on the stock market: with the pandemic, this anomaly has become even more macroscopic. 7 is well known, large online intermediaries have remained shielded from legally imposed liability with regard to most of the impact that their activity exerts on society, the economy and the environment, as well as on the democratic process.To be sure, this initially responded to the need to preserve the neutrality of the Internet, preserving it as a locus of free exchange of information between users, in line with the end-to-end architecture of the Internet. 82 See, for example, the speech by President Ursula Von der Leyen on the State of the Union of 16 September 2020, in which it is reiterated that the Today, however, the situation has changed considerably: the Internet (or at least its visible part) is in the hands of a few subjects who control information flows in a very pervasive way, governing the attention of end users (hence the name of "attention merchants" used by Tim Wu, now member of the National Economic Council in the US Biden-Harris administration) and extracting a substantial portion of the value generated.The result is obvious: the (two) trillion dollar companies, whose valuation further multiplied even before the pandemic, were already worth more than the entire European stock market. 9Already at the beginning of 2020, big techs were worth $2 trillion more than the media sector. 10 This concentration of value in a few hands is unsustainable for all economic actors who see a growing dependence on the giants of the Web, with consequent transfer of value to the latter's advantage (think of the 30% toll imposed by Apple on those businesses that use its store to reach consumers). 11corollary of this situation is the deterioration of the innovative capacity of smaller companies, gradually deprived of the necessary resources to invest in research and development, as well as frustrated in their ambitions by an increasingly penalising market context.Even the International Monetary Fund has started to report a worrying trend, with market concentration rising in many sectors along with mark-ups and profits, which are not being sufficiently converted into investment. 12The problem of "value capture", denounced among others by Mariana Mazzucato, has become a hot topic on the most exclusive and influential political tables, and even turned into a geopolitical problem (given that the platforms are essentially American or Chinese), with the United States and China themselves grappling with a problem of internal distribution of economic value, to the point that they, too, are starting to implement more stringent forms of regulation. 13t the unbearable lightness of digital platforms does not end with economic considerations.Beyond the perimeter of profits and losses, the precariousness and devaluation of human work in an increasingly algorithmic context appears as a dystopian, yet very realistic scenario.A recent ILO flagship publication of the International Labour Organisation highlighted the progressive deterioration of the conditions of workers in many digital platforms, as labour contracts are replaced by a network of short-term, extremely precarious contracts. 14Moreover, an analysis of working conditions governed by algorithms projects even more apocalyptic scenarios, with entire squads of workers employed to train machines that one day, thanks to such training, will finally be able to do without them. 15e unsustainability of cyberspace also has environmental implications, in particular as regards the energy consumption of data centres and deep learning systems, which require huge amounts of energy to be properly trained. 16en more evident is the case of peer-to-peer network technologies which, in order to guarantee information redundancy, require continuous synchronisation between nodes and complex cryptographic procedures for validating transactions, thus requiring disproportionate amounts of energy (think of the blockchain, which to date is estimated to consume more energy than countries like Argentina). 17Work by the International Telecommunications Union 9 See T. Wu, The Attention Merchants: The Epic Scramble to Get Inside Our Heads (Vintage Books, 2017).In fact, FAANGS stocks in 2018 were instrumental in bringing back equity index values that otherwise would have been significantly negative.See, also, J. Pound, 'US Tech Stocks Are Now Worth More Than the Entire European Stock Market', CNBC, 28 August 2020, available at https://www.cnbc.com/2020/08/28/us-tech-stocks-are-now-worth-morethan-the-entire-european-stock-market.html; and J. Jolly, 'Is Big Tech Now Just Too Big to Stomach?',The Guardian, 6 February 2021, available at https:// www.theguardian.com/business/2021/feb/06/is-big-tech-now-just-too-big-to-stomach. 10 See G. Bridge, 'Big Tech Is Now Worth $ 2 Trillion More Than Media Sector', Variety, 3 January 2020, available at https://variety.com/2020/biz/news/big-tech-is-now-worth-2-trillion-more-than-media-sector-1203456031/. 11See the start of the European investigation in the Spotify case v. Apple, and the commentary by D. Geradin and D. Katsifis, 'The Antitrust Case Against the Apple App Store', available at https://ssrn.com/abstract=3583029.Similar is the controversy between Epic Games (video game producer, including the famous Fortnite) and Apple, which, after various skirmishes, resulted in an appeal to the European Commission by Epic Games on 17 February 2021. 12See International Monetary Fund, World Economic Outlook Report, April 2019. 13 recently highlighted that compliance with the Paris Agreement will require the industry to reduce greenhouse gas emissions by 45% by 2030, mostly through a shift to renewable and low-carbon energy. 18A recent review of available estimates concluded that "under business as usual, the most optimistic projection sees ICT's emissions staying stable at the current level", and that ICT will not reduce its emissions without a major concerted effort involving broad political and industrial action. 19veral other aspects of the digital economy show traces of growing unsustainability.On the one hand, cybersecurity is an ever-shifting frontier, especially when one thinks of the rise of the Internet of Things, which exposes networks to a growing threat of cyberattacks by making the attack surface denser and more porous every day. 20On the other hand, the promises of work automation and the transformation of value chains risk excluding entire countries from the global economy, even more so today that re-shoring becomes a possible and necessary perspective to obviate the country-risk induced by the pandemic. 21In this context, the digital divide continues to penalise entire portions of territory, even within the EU, potentially setting up a loss of opportunity for all citizens that reside in areas that are least served by digital services and connectivity.
Finally, the lack of effective control of the governance of the network by public institutions involves increasingly evident problems also for the stability of the democratic process.Those who were shocked by the Cambridge Analytica scandal, which exposed for the first time the disturbing world of behavioural experiments that social networks conduct every day on unaware masses of users, must today surrender in the face of the spread of algorithmic practices that are deployed with very limited accountability, not only in the private sector but also in government.Recent cases such as those involving algorithms like Syri and Gladsaxe in European countries, and COMPAS in the United States show that the relationship between governments and their citizens has now reached a "red alert" level when it comes to AI deployment, and that the potential benefits of digital government need to be carefully scrutinised to ascertain that the modus operandi of AI systems does not violate basic fundamental rights, as well as the provisions of administrative law and the right to good administration. 22 a result, there are no grounds for claiming the primacy of public governance over private governance (of platforms): rather, both sides risk plunging society into an unsustainable, technology-driven dystopia, if they do not equip themselves with instruments of transparency, democratic control and accountability when using AI systems and applications.And although it is certainly true that digital technologies, by their intrinsic characteristics, are both a cause and a solution to this problem, the fact remains that reliance on free market forces has led so far to unsustainable results, rather than driving meaningful progress. 23In this continuous evolution, already exacerbated by the pandemic, a symbolic point of no return is represented by the attack on the US Capitol Hill in January 2021, followed by the unilateral decision of Twitter and Facebook to permanently ban from their communities the (then) President of the United States.A culminating moment in which many of the problems raised in the previous pages are easily spotted: the manipulation of social networks for political use, the absence of full responsibility on the part of intermediaries, the triumph of private governance, without any legal instrument in place to effectively constrain the conduct of digital platforms.A worrying scenario that has disturbed the sleep of European legislators for quite some time and is now beginning to worry policy-makers in the United States, Japan and China, with a rising, sneaky feeling: that in the quest for permissionless innovation, we ended up legitimising the spread of equally permissionless surveillance. 24

| FROM LEGAL CODES TO SOFTWARE CODES: MAKING THE DIGITAL ECONOMY " FIT FOR EUROPE"
The European emphasis on the digital transformation as a salvific tool for sustainable post-pandemic recovery crucially requires action to bend cyberspace to the needs of protecting the fundamental principles and values of European law.This is even more important since, beyond the challenges already highlighted, Europe also faces a geo-economic problem, due to the fact that none of the platforms that dominate the Web is European, and yet platforms thrive thanks to the data and behaviour of European individual and business users. 25The value capture problem is therefore tinged with double meaning: on the one hand, there is a need for a redistribution of value; on the other hand, EU leaders attempt to achieve also a "repatriation" of data, or at least the chance that future data produced by citizens and industry do not depart from Europe to land on American and Chinese shores.
The need for a distinctive European approach to digital policy, however, appears as evident in theory as it is incredibly complex to realise in practice.The poster child of the past years of "Brussels effect", the EU General Data Protection Regulation (GDPR), has certainly had the merit of relaunching the role of public authorities in "interfering" with the constant evolution of cyberspace 26 ; however, it also showed the ability of big techs to circumvent the obstacle. 27To date, the GDPR compliance rate seems to be rather low, and even where data processors strive to comply with the provisions of the GDPR, the goal of empowering end users with greater control over their personal data has remained unattained. 28Thus, as lawmakers around the world, from Brazil to Japan and even California, rush to copy the GDPR model, it is gradually becoming self-evident that a traditional approach to regulation, based essentially on ex post control by courts and regulatory agencies, can only scratch the surface of a subject matter that travels at the speed of light, and hides patterns of compliance (or lack thereof) under a thick veil of code.The so-called "pacing problem", which scholars highlighted with respect to all disruptive technologies, here calls for new forms of adaptive regulation, which may require the introduction of new tools, and more agile forms of governance. 29ainst this backdrop, the European Union has gradually changed its vision of the digital single market, acting on various fronts and with different tools to "tame" cyberspace to the need for the protection of fundamental rights, the requirements of the Green Deal, as well as to the European ambition of greater technological sovereignty and open strategic autonomy. 30One telling example is the proposed "Regulation on a European Approach to Artificial Intelligence", adopted by the European Commission on 21 April 2021, which represents the first-ever attempt to 24  with platforms in national antitrust legislation in November 2020).In 2020, Japan adopted a law on improving transparency and fairness in the commercial practices of some specific digital platforms, which closely recalls the European P2B regulation. 25See the recent European Commission Communication, '2030 Digital Compass: the European Way for the Digital Decade', COM(2021)118 final, in which the Commission observes that 90% of the EU's data are managed by US companies, and less than 4% of the top online platforms are European. 26See A. Bradford, The Brussels Effect (Oxford University Press, 2019). 27See the 2019 Capgemini Research Institute Report entitled 'Championing Data Protection and Privacy-A Source of Competitive Advantage in the Digital Century', which highlights that companies have adhered to the regulation more slowly than expected, citing how the complexity of regulatory requirements, implementation costs, and legacy infrastructure challenges have hindered progress.According to Capgemini, just 28% of the companies interviewed had managed to fully meet the requirements of the legislation one year after its entry into force. 28See I. van Ooijen and H.U. Vrabec, 'Does the GDPR Enhance Consumers' Control over Personal Data?An Analysis from a Behavioral Perspective', (2019) 42 Journal of Consumer Policy, 91-107. 29See G. Marchant, B. Allenby and J. Herkert (eds.), 'The Growing Gap Between Emerging Technologies and Legal-Ethical Oversight: The Pacing Problem (Springer, 2011). 30For a more complete analysis of the impact of these initiatives on the technology stack, see A. Renda, 'Single Market 2.0: The European Union as a Platform', in S. Garben and I. Govaere (eds.),The Internal Market 2.0 (Bloomsbury, 2020).develop a comprehensive framework for the regulation of Artificial Intelligence. 31In this proposal, the European Commission took an extremely bold stance on the prohibition of certain uses of AI, and proposed an ambitious approach based on the ex ante assessment of the riskiness of AI products, coupled with rather strong post-market surveillance and ex post enforcement provision, in a framework that fully captures the legacy of the GDPR (including in the governance mechanisms proposed, e.g. an AI Board).
Beyond these developments, a number of new trajectories are becoming apparent.The following appear to be particularly relevant.
First, EU institutions, pushed by some Member States, are working on a gradual and progressive redefinition of the scope of application of competition rules.The need to revisit traditional antitrust law instruments had already emerged in the past, particularly during the years of the US and EU Microsoft cases, dating back to the 1990s and early 2000s. 32In the following years, while the main principles of antitrust law have remained valid, the tools and proxies used by competition authorities have gradually proven less and less effective and fit for purpose, because they echo the structure and dynamics of the "analogue" market economy. 33Thus, in the domains of abuse of dominance and merger control, and even with regard to cartels with the emergence of algorithmic forms of collusion, the use of competition law to promote a dynamic economy as well as social welfare has gradually lost its teeth, causing a change of direction-at least in embryonic form-which has started to surface in some new proposals for ambitious EU legislation.This is leading to a spectacular U-turn inside the European Commission.After years in which DG COMP pursued the "downward" harmonisation of national competition law, through the elimination of regulations on unilateral conduct that were widespread at national level but absent in EU law, over the past few years the need to make antitrust law more flexible to capture situations of abuse of economic dependence, superior bargaining power or "relative dominant positions" has emerged more strongly. 34This has resulted in both an expansion of ex post control beyond the traditional antitrust perimeter (e.g., overcoming the subtleties of market definition and even proof of abuse, as in the recently proposed Digital Markets Act); and a transition from ex post control towards ex ante forms of regulation (think of the Platform-to-Business or P2B regulation, and more recently the proposed Digital Services Act). 35 this new context, so-called gatekeepers are given a "special responsibility" similar to that previously attributed to super-dominant companies, such as the owners of essential infrastructure or assets, in line with the essential facilities doctrine, 36 with a double result: on the one hand, the liability regime of digital intermediaries is tightened with respect to the fairness and transparency of the conditions they apply to businesses using their platforms; on the other hand, more than favouring the contestability of the market, the sought interventions end up focusing more convincingly on intra-platform competition, and thus on crystallising the centrality of existing large platforms, rather than seeking to create the preconditions for new platforms to emerge over time.
A second trend that is emerging in EU policy is the gradual overcoming of the principle of net neutrality, which has so far translated into an absence of responsibility of intermediaries for the conduct of their users.As cyberspace becomes a critical infrastructure for the economy and society, the principle of neutrality (already largely 31 Proposal for a Regulation of the European Parliament and of the Council Laying Down Harmonised Rules on Artificial Intelligence (Artificial Intelligence circumvented in cyberspace) is no longer easy to justify, unless one accepts the creation of an immense grey area in the enforcement of public policy.The result, once more, is a move in the direction of greater public control over digital platforms.Yet, while in the UK the debate initiated by the White Paper on online harms is leading towards more pervasive statutory responsibility on the side of big platforms, the proposed Digital Services Act (DSA) maintains, though with many exceptions, the exemption from responsibility already contained in the e-commerce directive.In this respect, the DSA is still in continuity with a generation of public policy in which the intrusion of intermediaries in the content exchanged by users was considered heretical and eccentric with respect to the material constitution of cyberspace. 37However, very large platforms are now being asked to put in place stringent measures to ensure the correct and legitimate development of social relations and economic life in their ecosystems.This includes, at least in the Commission proposal, the possibility of inspections on the algorithms used to profile users and order the results of individual searches-a possibility, however, difficult to translate into practice given the limited availability of specific skills in the control authorities. 38 this respect, the DSA does not seem likely to overcome the decade-long paradox of EU law, in which the same entities that are almost demonised by policy-makers (the so-called "GAFTAM") are also asked to contribute to the enforcement of EU rules through algorithmic take-down in contexts that are extremely delicate from the standpoint of fundamental rights, such as those on hate speech or on the protection of copyright. 39The needed step forward, as will be recalled in more detail below, cannot but contemplate rather invasive forms of real-time inspection of the functioning and behaviour of the algorithms deployed by intermediaries.At present, except for what will be said below, EU institutions seem very far from developing this technology-enabled vision of law, let alone proceeding towards its concrete implementation.
A third trajectory that deserves notice is the need to propose technological solutions and technical protocols that embed compliance with regulatory provisions as design features.The failure of the traditional mechanisms of application of the law, from the regulatory authorities to the judges, requires that legislators make an effort towards adapting their tools to the digital economy: in other words, an effort at speaking the same language as the underlying regulated subject matter.Therefore, forms of algorithmic regulation are likely to become almost inevitable, with all the caveats of the case: if artificial intelligence errs in the private sector, it can certainly also create damages in public policy. 40om this point of view, a dazzling but still embryonic example is the EU attempt to counter the excessive power of the cloud giants, not by favouring the emergence of a European giant cloud provider, but through a European cloud federation, a jumble of technical protocols to be compulsorily applied to anyone who wants to provide cloud services in the EU; such a federated cloud would impose compliance with European regulation (first and foremost, laws of cyberspace, opening up possible future legal forays into the technological environment in which users operate, for example by intervening to attribute jurisdiction and direction to smart contracts and realising, in the domain of enforcement, what Lessig once called the "perfect technology of justice". 43re specifically, GAIA-X includes both a policy working group, and an overall "architecture of standards" group, featuring European industrial players.The policy working group essentially works to translate the EU acquis into actionable inputs into the legal and semantic architecture of GAIA-X, whereas the architecture of standards matches policy actions with the development of technical specifications.Key EU policies embedded in GAIA-X include GDPR, the Cybersecurity Act, eIDAS, and the Data Strategy.Later in 2021, work on ensuring GDPR compliance by design and on interoperability obligations may pave the way towards the de facto imposition, via code, of the de jure obligations contained in key pieces of EU legislation. 44GAIA-X is not reserved exclusively to European businesses, and indeed is already including large tech giants such as Microsoft and Google and Chinese companies like Huawei and Alibaba: but the extent to which these giants will be asked to adhere to rather strict, pro-competitive technical specifications (e.g., on data interoperability obligations) will determine whether GAIA-X will become, over time, an instrument of technological sovereignty as well as value redistribution, beyond what traditional public policies would be able to achieve.
In addition to these trends, it bears recalling another tendency that perhaps most clearly represents the change of course of EU digital policy.In the landscape painted by the European Commission, the era of open data, the age of the free flow of information that represented the most revolutionary banner of the Internet as a whole, will enter a phase of decline, at least in some provinces of cyberspace.A key element, in this context, is the new European data strategy, presented in February 2020 and already implemented through a first (indeed very timid) proposal for a Data Governance Act, which will be followed by other regulatory proposals, including a Data Act, in 2021. 45In carving out separate data spaces, where real economy companies will be able to coordinate to optimise service provision and possibly retain the bulk of the value generated without surrendering (as has happened until now) to large cloudbased platforms, the Commission essentially responds to the need for a more assertive industrial policy: one that ensures that real economy firms in industrial markets do not end up witnessing the same value capture so far observed in consumer markets; and that as a consequence, the entire European industrial economy does not fall prey to the tech giants.The plea by EU Commissioner Thierry Breton, which aims at bringing Europe's share of the data economy up to the level of the continent's share of global GDP, is another important trace of this attempted coup.
Against this backdrop, a sneaky sensation emerges, possibly paving the way for a radical rethink of the battles fought, in good faith, over the past three decades.The era of open data is over, at least as far as industry is concerned.Net neutrality, an instinctively attractive principle, ended up becoming the main ally of the non-neutrality of platforms and of the unsustainability of the economy.The Schumpeterian winner-take-all competition, a promise of economic dynamism and prosperity, has become so undesirable that ordoliberal views have gradually regained citizenship after decades of silence and ostracism. 46The idea of open innovation, praised as the promised land for smaller companies, has become a crime scene of contractual imbalances and value capture.More generally, the certainties of the early days of cyberspace, the most inspired ideological and libertarian battles, seem to have turned against the same people who supported them, and the same principles that inspired them.From here, to overcome the sneaky perils of the coming digital age, lawmakers will have to devise a new, more agile and hybrid toolbox, inspired by a combination of traditional law and "law as code". 43L. Lessig, 'The Zones of Cyberspace', (1996) 48 Stanford Law Review, 1403-1411. 44See GAIA-X: Policy Rules and Architecture of Standards, May 2020, available at https://www.data-infrastructure.eu/GAIAX/Redaktion/EN/Publications/ gaia-x-policy-rules-and-architecture-of-standards.pdf?__blob=publicationFile%26v=5. 45Proposal for a Regulation of the European Parliament and of the Council on European data governance, COM(2020) 767, 25 November 2020.

| WILL IT WORK? GAPS AND LOOPHOLES IN THE EU'S NEW DIGITAL STRATEGY
The post-pandemic recovery period will be, among other things, also an unprecedented testbed for the EU's ambition to govern cyberspace and set an example for the rest of the world.The new proposals for a regulation on Artificial Intelligence, the Digital Services Act and the Digital Markets Act, the various elements of the Data Strategy and the European Democracy Action Plan will be accompanied by the launch of an Important Project of Common European Interest on the edge/cloud architecture, the launch of data spaces in a variety of domains, as well as by the possible creation of a public-private partnership on Artificial Intelligence.In addition, the second half of 2021 will see the first concrete steps of the GAIA-X project, perhaps the most ambitious of the EU's attempts to restore sovereignty in cyberspace.
In this context, the European Commission seems determined to set a number of key indicators for the "digital decade", aimed at realising the objective of restoring digital sovereignty, as well as an ambitious new Digital Compass 2030 programme.The Commission, estimating that 90% of European data are managed by US companies, launched a consultation on selected targets to be met by the end of the decade, including the deployment of 10,000 climateneutral highly secure edge nodes in the EU, "in a way that will guarantee access to data services with low latency (few milliseconds) wherever businesses are located" 47 ; achieving a 20% share of the value of cutting-edge and sustainable semiconductors produced on a global scale; covering all European populated areas with 5G connectivity; adding 20 million employed ICT specialists in the EU; providing 80% of the population with advanced digital skills; achieving 100% coverage of online public services; and stepping up international cooperation with key strategic partners such as India, ASEAN and Latin America.
To achieve these goals, a number of challenges remain on the horizon, and the EU's ability to face them will determine whether the overall ambition of boosting Europe's data-driven economy will ultimately be met.Looking at the whole technology stack of the future Single Market, a number of nodes appear worthy of mention. 48First, a more nuanced approach to connectivity will be required, since 5G technologies appear to be cost-effective only in a subset of use cases, with low-power alternatives and more decentralised architectures providing superior performance in many others. 49Moreover, the ambition to provide user control over the flows of personally identifiable data must be backed by the deployment of "Personal Information Management Systems" (PIMS) such as those proposed by the Finnish innovation foundation Sitra, by the MyData movement, or by Tim Berners Lee's Solid project: however, at the time of writing no concrete prospects are emerging in this respect, and progress is needed, especially in light of the ongoing work on the review of GDPR.
Importantly, the governance of future data spaces, as well as their relationship with the emerging European Cloud Federation, appears to be obscure.On the one hand, while in some domains, such as health and automotive, bottom-up movements to propose solutions for the governance and sharing of data appear to be ongoing and promising, other sectors appear to still be at the starting line, and the governance arrangements that will enable future, constructive and pro-competitive data sharing are far from being clearly delineated.On the other hand, domain-specific groups in GAIA-X appear to be still insufficiently connected to the specific development in the data strategy.More generally, the link between the GAIA-X project and the European Cloud Federation appear to be still far from properly defined.
Intelligence was announced, but has not yet been implemented.The content, funding and direction of these initiatives will be key to the success of future Single Market policies.In this respect, the regulation on Artificial Intelligence, proposed by the European Commission in April 2021, will certainly constitute an ambitious attempt to create a general framework for regulating AI, which has no precedents around the world.At the same time, the opportunities and risks associated with AI development will require much more than mere ex ante regulatory obligations on the side of the regulated entities, and much more than the currently envisaged system of conformity assessments.In particular, the AI regulation will create the need for innovative forms of governance, including the creation of agile institution mechanisms, able to monitor in real time whether high-risk AI applications are behaving in line with what is expected of them.
In a related domain, the regulation of digital platforms through the DSA and the DMA seems to be still floating between the expansion of competition policy tools, and the introduction of full-fledged new regulatory obligations.
In addition, the enforcement of these new provisions seems to still be dependent on the ability of the European Commission to shoulder a massive new wave of complaints, as well as performing algorithmic inspections on platforms and, in particular, gatekeepers.Whether these rules will be enough to promote healthier competition in the digital ecosystem, it is difficult to say at the time of writing, but the search for a suitable balance between an exceptional set of rules within the realm of competition policy and a full-fledged sectoral regulation with rather harsh ex ante rules on a selected group of market players is not going to prove easy from the start.
Perhaps the most significant challenge ahead for EU institutions, in addition to getting enforcement right through a mix of technology-enabled and more traditional means, will be securing a high degree of policy coherence and convergence across the many initiatives launched over the past few months.These include, besides the ones mentioned in the past sections, also the new Industrial Strategy for Europe, which will be updated in April 2021; and the Next Generation EU programme, which will lead to unprecedented financial resources made available in the EU27 over the coming years, aiming for the "twin transition".On the horizon, a possible tension appears to be emerging between the overarching goals of the Green Deal and the Just Transition, the Commission's aspiration to become a more geopolitical actor pursuing sustainable development at a global level, and the possible push by Member States towards more aggressive interpretations of the digital sovereignty ambition, which would clash with the ideal of a more open approach to international cooperation (e.g., in AI or in the free flow of data with trust).The reconciliation of these goals in the future may require a proactive use of technology in support of a regulatory framework that, while levelling the playing field and remedying the inequalities that emerged during the first three decades of the Internet age, avoids falling into the trap of a ring-fenced, protectionist and inward-looking approach aimed at making the digital age fit for Europe, but perhaps unfit for Europeans and for the rest of the world.

Andrea Renda
https://orcid.org/0000-0002-9599-8234 How to cite this article: Renda A. Making the digital economy "fit for Europe".Eur Law J. 2021;1-10. https://doi.org/10.1111/eulj.12388 See, among others, S. Zuboff, The Age of Surveillance Capitalism: The Fight for a Human Future and the New Frontier of Power (Public Affairs, 2019), 691.See, also, C. You, 'Law and Policy of Platform Economy in China', (2020) 39 Computer Law & Security Review (China later disclosed guidelines for dealing See M. Mazzucato, The Value of Everything: Making and Taking in the Global Economy (Public Affairs, 2018).On the same theme, with a focus on P AESI developing, an extensive report was published in 2019 by UNCTAD, 'Value Creation and Capture: Implications for Developing Countries', Digital Economy Report, 2019.See also, D.J. Teece and G. Linden, 'Business Models, Value Capture, and the Digital Enterprise', (2017) 6 Journal of Organization Design, 8. 14 See ILO, 'The Role of Digital Labour Platforms in Transforming the World of Work', World Economic and Social Outlook Report 2021. 15See also H. Hauben, K. Lenaerts and S. Kraatz, 'Platform Economy and Precarious Work: Mitigating Risks', Briefing for the committee on Employment and Social Affairs, Policy Department for Economic, Scientific and Quality of Life Policies, European Parliament, Luxembourg, 2020.