Introduction
On June 27, 2025, President Trump suspended trade negotiations with Canada. This action targeted Canada’s proposed Digital Services Tax.
President Trump characterized this tax as an attack on American innovation. Furthermore, he threatened retaliatory tariffs in response.
This dispute reflects a broader strategic pattern, with the Trump administration viewing international digital regulations not as neutral policy measures but as protectionist challenges to U.S. technological leadership. In response, the administration has deployed a comprehensive toolkit that includes tariff threats, trade suspensions, and legislative measures such as Section 899, which was removed from the One Big Beautiful Bill Act on June 26, 2025.
Ronin Legal has been examining the escalating conflict between U.S. tech companies and the EU in a series of articles. In Part 1 of this ongoing series, we examined the EU’s initial regulatory efforts in the 2010s. These efforts aimed to address U.S. tech dominance through privacy and antitrust laws.
Then, in Part 2 we traced the evolution of EU tech regulations from 2020 onward. These regulations include the Digital Markets Act, Digital Services Act, digital taxes, and key enforcement actions. Additionally, we covered the growing U.S. opposition to these measures.
In this instalment of our ongoing series, we examine the 2025 EU enforcement actions. These actions target Meta, Apple, and TikTok specifically. Therefore, these cases provide essential context for understanding the transatlantic conflict over global digital economy governance.
The 2025 Legal Landscape: Key Cases
The EU’s regulatory grip tightened significantly in 2025. Three high-profile cases reshaped US tech operations as a result.
Meta’s “Consent-Or-Pay” Model: Undermining Data Choice
In November 2023, Meta introduced a “Consent-or-Pay” model for EU Facebook and Instagram users. This model required consent for extensive data sharing for targeted ads. Alternatively, users could pay a subscription fee instead.
The European Commission initiated a case in response. The Commission leveraged the European Data Protection Board’s Opinion 08/2024. This opinion stresses the importance of voluntary consent.
The Commission found Meta’s model coercive and non-compliant with DMA Article 5(2). Specifically, the model lacked an equivalent, less data-intensive alternative for users.
Sanctions and Requirements
This resulted in a €200 million sanction on April 22, 2025. Additionally, Meta received a 60-day deadline for system revision. Although Meta launched a new ad model in November 2024, the Commission is still assessing its compliance.
Meta is expected to appeal their initial DMA fines. Therefore, this will prompt further legal review as the Commission continues engagement for full compliance.
Apple’s “Anti-Steering” Rules: Restricting Payment Choice
The European Commission initiated scrutiny under DMA Article 5(4) against Apple’s “anti-steering” rules. For years, these rules restricted app developers from directing users to cheaper external purchasing channels. Moreover, the rules allowed Apple to levy a 15-30% commission on in-app purchases.
Long-standing complaints prompted this action, notably from Spotify. As a result, the Commission opened investigations in March 2024. Then, they issued preliminary findings in June 2024.
The Commission’s Findings
The Commission concluded that Apple’s prohibitions on link-outs and in-app commissions for external transactions unlawfully blocked developers. Specifically, these restrictions prevented developers from promoting alternatives. Furthermore, the Commission found Apple’s security justifications disproportionate.
Consequently, on April 22, 2025, Apple was fined €500 million. The company was also ordered to remove these restrictions within sixty days (by June 22, 2025).
Apple’s Response and Ongoing Issues
Despite Apple’s August 2024 adjustments to allow external links, the Commission deemed them insufficient. The Commission mandated not just permission but active technical enablement of steering. Additionally, Apple cannot charge for steered transactions.
Apple has publicly stated that it intends to appeal against the decision. The company alleges unfair targeting and a shifting compliance standard. Meanwhile, the Commission continues engagement to ensure full DMA compliance. The calculation of “initial user acquisition” value will likely become the next point of contention.
Tiktok’s Data Transfers to China: A Breach of GDPR
On May 2, 2025, Ireland’s Data Protection Commission (DPC) fined TikTok €530 million. TikTok serves as the company’s lead GDPR regulator. The fine addressed TikTok’s breach of GDPR by transferring European Economic Area (EEA) user data to China without adequate safeguards.
Investigation Findings
A four-year probe revealed significant issues. TikTok failed to ensure data accessed by Chinese staff met EU protection standards. China’s national security laws exacerbated this problem further.
Initially, TikTok misled investigators by denying data storage in China. Later, the company admitted to limited transfers.
Additional Violations and Requirements
The DPC cited transparency violations in TikTok’s privacy policy. The commission ordered compliance within six months. If TikTok fails to meet these requirements, it faces a potential data transfer ban by November 2025.
Additionally, class action lawsuits filed in Germany in 2025 are seeking a nationwide ban on the TikTok app, citing ongoing GDPR violations and inadequate data protection measures.
TikTok’s Appeal
TikTok appealed to Ireland’s High Court in June 2025. The company argues it implemented adequate safeguards. The case is ongoing, with a ruling expected in mid-2026.
Conclusion
The €1.2 billion in combined fines against Meta, Apple, and TikTok demonstrates significant consequences. EU digital regulations now carry real enforcement teeth as a result.
These cases establish precedents that challenge core Silicon Valley business models. These challenges affect data collection practices, app store commissions, and cross-border data transfers.
With all three companies preparing appeals, the legal battles will likely continue for years. The EU’s willingness to impose substantial penalties signals a fundamental shift. This shift moves toward European digital sovereignty. Therefore, it threatens to fragment the global internet along regulatory lines.
In Part IV, we examine the economic cost of this pressure, quantifying compliance expenses, operational changes, and the broader political response from the U.S., including tariffs, trade action, and legislative retaliation.
Authors: Shantanu Mukherjee, Alan Baiju, Mohak Vilecha
