Following raft of consumer complaints, Shein and Temu face early EU scrutiny of DSA compliance

Ultra-low-cost e-commerce giants Shein and Temu have only recently been confirmed as subject to centralized enforcement of the strictest layer of the European Union's digital services regulation, the Digital Services Act (DSA), but on Friday the Commission announced it's sent a bunch of requests for information (RFI) to both platforms vis-à-vis to their compliance with various requirements of the law.

The DSA is the bloc's recently rebooted online rulebook which aims to raise standards on digital services including marketplaces -- with lawmakers touting the regime as their tool of choice to shrink consumer risks in areas like the sale of illegal or dangerous goods.

The two marketplaces have been subject to the regime's general rules since mid February but were recently designated as so-called very large online platforms (VLOPs) under the DSA, back in April and May respectively, further amping up their regulatory risk as Commission enforcers joined in the oversight.

Just ahead of its designation as a VLOP Temu had also been targeted in a series of complaints filed by consumer protection groups from around the bloc -- alleging the platform is rife with manipulative design tricks which they suggested could pose a range of risks to kids. The complaints also accused Temu of operating "opaque recommender systems" and failing to ensure the traceability of traders, arguing there's no way for consumers to know if the products it sells meet EU safety standards.

The Commission said today's enforcement action draws on concerns set out in the complaints.

The EU's RFIs highlights areas where the two marketplaces are facing early DSA scrutiny -- and could prefigure the opening of formal investigations if the bloc's enforcers deem they're falling below the legal standard for consumer protection.

The regime allows for penalties of up to 6% of global annual turnover for confirmed breaches so any compliance failures could end up being costly for the pile-it-high-flog-it-cheap e-tailers. Strict enforcement of higher standards on the marketplaces could even -- potentially -- force changes to business models that clearly hinge on driving high volumes of sales.

At the very least the pair's ultra-low-cost, high-volume approach raises question-marks about product quality/safety -- so EU enforcement in this area looks like an interesting test case for the DSA.

The Commission appears to have several early concerns about the two marketplaces. In a press release, the EU said it's asking Shein and Temu for more information about measures they've taken to meet DSA obligations related to what's known as "Notice and Action" mechanisms, which should allow users to notify the marketplaces of illegal products.

It has also requested info related to the design of their online interfaces, which the pan-EU law mandates must not deceive or manipulate users, such as via so-called "dark patterns". Other areas the Commission said it's seeking more information from both businesses relate to the protection of minors; the transparency of recommender systems (aka the algorithms used to surface things like related products); the traceability of traders; and "compliance by design".

While Shein and Temu have only been designated as VLOPs for a matter of months, as noted above the bulk of DSA requirements have applied to both since mid February. And while enforcement of the general rules is typically decentralized to a network of Digital Services Coordinators (DSC) located at EU Member State level, as designated VLOPs Shein and Temu can also face Commission enforcement of the general rules -- i.e. in addition to oversight by the Irish DSC since their regional HQs are located in Dublin.

EU lawmakers designed this two-tier enforcement structure to avoid the risks of forum shopping being used to undermine enforcement of the DSA on larger platforms, as has happened in the case of decentralized enforcement of the bloc's General Data Protection Regulation.

When it comes to the extra set of DSA requirements for VLOPs -- which covers issues like algorithmic transparency and mitigation of systemic risk in areas like minors' mental health -- the Commission is the sole enforcer.

Both marketplaces do still have a few months' grace before compliance with these additional obligations is expected, though: Shein is due to submit its first risk assessment report to the Commission in August, while Temu has until the end of September to file its first risk report.

Still, with these early RFIs the Commission looks keen to be on the front foot when it comes to assessing those future reports -- and also keen to be seen responding swiftly to what are already widely raised consumer protection concerns.

Shein and Temu have been given until July 12 to provide the requested information. The EU said it will then "assess next steps", noting this "could entail" the formal opening of proceedings, i.e. if it suspects any infringements of the rules.

Shein and Temu were contacted for comment on the Commission's RFIs.

A Shein spokesperson confirmed it has received the request for information from the Commission, telling us the company is "working to promptly address it". "We share the Commission’s goal of ensuring that consumers in the EU can shop online with peace of mind, and we will continue working closely with the Commission to ensure our compliance with the Digital Services Act,” they added.

A Temu spokesperson also told us: "We are cooperating fully with the EU. We’d also like to reiterate that we are fully committed to complying with all applicable laws and regulations in the markets where we operate."