Amazon, Systemic Risk, and the Digital Services Act: What the General Court Did and Did Not Decide

The EU General Court’s ruling in Amazon v Commission marks a pivotal moment for digital regulation, confirming that the Digital Services Act (DSA) targets platforms based on their societal reach rather than traditional financial interdependence. By interpreting systemic risk through the lens of population impact and market dominance, the court sidesteps a narrow contagion model and aligns the DSA with broader public‑interest objectives. This nuanced definition expands the regulatory perimeter, ensuring that any platform crossing the VLOP threshold faces heightened scrutiny regardless of its internal network structure.

Beyond definitional shifts, the judgment reinforces the DSA’s macro‑prudential framework, mirroring EU financial‑law principles. VLOPs are now subject to a suite of preventive duties—risk assessments, design adaptations, independent audits, advertising repositories, and data‑access provisions for researchers. These obligations echo the proactive oversight seen in banking supervision, where regulators intervene before crises materialise. The court’s endorsement of this differentiated regime underscores a strategic move toward anticipatory governance, compelling large platforms to embed compliance into their core operations.

Looking ahead, the decision leaves several interpretive questions open, notably whether Article 34(1)’s risk list is exhaustive. Companies must therefore adopt a flexible compliance posture, anticipating broader risk categories and potential regulatory refinements. For policymakers, the ruling offers a template for balancing market innovation with consumer protection, suggesting that future EU digital legislation may further entrench proportionality reviews that tolerate only manifestly inappropriate measures. In practice, the verdict signals to global tech firms that the EU will enforce rigorous, scale‑based oversight, shaping compliance strategies worldwide.