The European Union has agreed on a Digital Services Act, a proposal designed to protect consumers and their privacy, in a move that could pave the way for similar legislation in the United States. Though illegal activity is thriving more than in any other time, the U.S. has been slow to respond to the evolving digital threats. In 2021, cybercrime losses reached an all-time high. Online users lost nearly $7 billion in damages due to cybercrimes, with large companies and public individuals common targets for digital attacks. Whether it’s large-scale attacks or phishing scams designed to target an individual user, online crimes are on the rise — which prompted the EU to take swift action to combat the worrisome trend.

Since the U.S. government has not implemented universal policies to protect consumers, some companies have marketed privacy as a feature. Namely, Apple has introduced a slew of features to protect users against predatory companies who harvest data for targeted advertisement, among other purposes. The company’s iPhone privacy report shows what information is being collected by apps and websites that request user data. It has specific information, such as what sensors and internet domains are accessed during tasks, and can inform people whether certain applications or websites really need the data collected. Although the features can be helpful, they are limited to Apple devices. The EU’s new act, however, will apply to a wide range of companies, websites, and services.

Related: Apple Has Been Rejecting Apps To Protect User Privacy

The agreement was announced by the European Commission, and was approved by both the European Parliament and EU Member States, according to the commission. The Digital Services Act was first introduced in 2020, and sets firm regulations for digital companies. “The DSA will upgrade the ground-rules for all online services in the EU,” said European Commission President Ursula von der Leyen in a statement. “The greater the size, the greater the responsibilities of online platforms.” The legislation sets expectations for many online websites and services — intermediary services, hosting services, online platforms, and ‘very large’ online platforms — all must comply with guidelines for user privacy and to combat illegal activity.

How The U.S. Might Implement Digital Legislation

iPhone privacy info on a Samsung Galaxy smartphone

‘Very large’ online platforms — which the act defines as platforms reaching more than 10 percent of the 450 million consumers in Europe — have the most legal obligations under the Digital Services Act, as they must take an active effort to thwart cybercrime on their platforms. This includes data sharing with authorities, external auditing, and the option for users to opt-out of certain recommendations based on profiling. Other standards apply to all digital services that are covered by the legislation, like transparency reporting, requirements in terms of service agreements that protect user rights, and cooperation with national authorities.

Some of the directives introduced by the Digital Services Act are present in the U.S. due to the efforts of private companies, like Apple. For example, transparency reporting and cybercrime protections have been added in some versions of the company’s software, but not all of the legislation’s provisions are willingly included by digital services providers. Apple’s App Tracking Transparency features reportedly cost social media giants just under $10 billion in revenue, according to a Financial Times report. Among the companies, Facebook was hurt the most by the privacy-focused features.

Voluntary features that protect consumers will never be universally accepted in big tech, since there are immense profits to be had in collecting, selling, and marketing user data. At the end of the day, corporations report to their shareholders, and must take the actions that will best benefit that group. In order for the U.S. to really have digital privacy rights, the government must take similar action to the EU’s Digital Services Act.