After a two-year investigation, the European Commission has preliminarily concluded that Meta’s Instagram and Facebook platforms breach the Digital Services Act through design choices the Commission says are built to maximise engagement rather than protect user wellbeing.
What the Commission actually found
The investigation centres on a specific set of design mechanics: infinite scroll, autoplay, push notifications, and recommender algorithms tuned for maximum personalisation and engagement. According to the Commission’s preliminary findings, these features push users into what regulators describe as an “autopilot mode” that fuels compulsive use, and Meta failed to properly assess the risk this poses to the physical and mental wellbeing of users, including minors and other vulnerable groups, as the DSA requires platforms of Meta’s size to do.
This is a distinct issue from earlier scrutiny of Meta’s messaging privacy or content moderation practices. It is a finding about product design itself, treating the mechanics that keep users scrolling as a regulated risk category in their own right, not merely a business choice.
The changes Meta is being told to make
The Commission has specified concrete remedies rather than leaving the response open-ended: disabling autoplay and infinite scroll by default, introducing effective screen-time breaks, and modifying recommender systems to reduce their reliance on pure engagement-driven signals. Meta disputes the findings and says it has already taken significant steps to protect teenage users, but the Commission’s preliminary decision stands until Meta responds and a final ruling is issued. The exposure is substantial: a fine capped at 6 percent of Meta’s total worldwide annual turnover, a figure that could exceed 12 billion US dollars based on 2025 revenue.
Why this reaches further than Meta
The DSA’s obligations around manipulative design and risk assessment for very large online platforms are not written narrowly around any one company’s product choices. Infinite scroll, autoplay, and engagement-optimised recommendation logic are standard patterns across social platforms, consumer apps, and increasingly business software built to maximise time-on-app metrics. A finding of this scale against the largest player in the category is a strong signal about where regulatory attention is heading next, and how concretely the Commission is now willing to specify the fix.
Any organisation operating a digital platform with EU users, whether a social network, a marketplace, or an app with engagement-driven features, should treat this as a prompt to review its own design against DSA risk assessment obligations now, rather than waiting to find out through an investigation of its own.
If your business needs help understanding how the Digital Services Act applies to your platform’s design and recommender systems, or wants a compliance review before a regulator asks for one, contact Excello Digital. We help European organisations build digital products that hold up to regulatory scrutiny without sacrificing the user experience.
