A Billion-Dollar Betrayal
Europe’s Digital Services Act (DSA) does not protect victims of online fraud — it protects the platforms that profit from it.
Internal documents cited by Reuters showed that Meta allowed over 15 billion high-risk scam ads per day across Facebook and Instagram. Even worse: Meta’s internal rules only removed advertisers when its algorithm reached 95 % confidence they were fraudulent. Below that threshold, scammers could continue advertising — just at a higher ad-rate. Fraud became a monetized risk factor.
This is not a technical failure. It’s a deliberate business model.
The DSA: Promising Structure, Hollow Core
When adopted, the Digital Services Act was hailed as a milestone for safer online spaces.
But as EFRI wrote in 2022, it was a missed chance — a half-finished architecture without real consumer protection.
1. No strict liability rules for platforms
The DSA still shields platforms under the centuries-old “mere conduit” principle. Even when a platform knows it is distributing scams — or, as Meta does, profits from them — victims have no clear route to compensation.
The DSA offers only a generic damages clause (Art. 54) with high burdens of proof, but no strict liability framework that links negligence or the monetisation of scams to mandatory restitution
2. Traceability without teeth
The so-called “Know-Your-Business-Customer” (KYBC) obligation (Art. 30 DSA) requires only “reasonable efforts” to verify advertisers. For professional scammers, this is an open invitation.
Fake shell companies can buy thousands of ad impressions before any human ever looks at their credentials.
3. Transparency without consequences
Very Large Online Platforms (VLOPs) must provide an ad-repository, yet it contains incomplete, inconsistent, and unverifiable data.
Advertisers behind known frauds vanish behind opaque corporate structures. Victims cannot trace them. Authorities cannot audit them.
Transparency without enforcement is window dressing.
4. (Regulatory) Fines without deterrence
The DSA’s maximum penalty — 6 % of global turnover — sounds impressive. But when fraudulent ads generate billions, a fine of even €1 billion becomes a cost of doing business
The Meta Files: Proof of Systemic Negligence
The Reuters investigation exposed Meta’s internal revenue calculus:
“Each one-percent tightening of fraud-filtering reduces ad revenue by roughly $1.6 billion”.
Instead of tightening, Meta optimized — choosing revenue over safety.
Reports also showed Meta rejected or ignored over 90 % of scam reports submitted by users.
For a company with global reach, this isn’t oversight — it’s complicity.
Europe’s Online Crime Enablers Keep Profiting From Fraud
Victims of online investment and payment fraud face a brutal reality:
The scammers disappear overnight, leaving no trace, no assets, and no accountability.
Law enforcement remains ill-equipped — lacking the cross-border powers, funding, and technical expertise needed to pursue complex online fraud networks.
European enablers escape liability: payment service providers, crypto exchanges, social media platforms, and other intermediaries continue to facilitate these schemes without fear of civil or regulatory consequences.
The Digital Services Act does nothing to change this — it provides no strict liability rules, no victim compensation fund, and no obligation for platforms to freeze or return ad revenues derived from fraudulent activity.
The outcome is both predictable and intolerable: fraud victims are abandoned, while the digital intermediaries that enabled the crimes grow richer from their pain.
EFRI’s Demands — 2025 Edition
Europe can no longer tolerate “best efforts.” The next regulatory reform must finally deliver justice.
1. Full disclosure of ad-revenues from high-risk advertisers
Platforms must publish how much they earn from advertisers flagged as fraud-related and redirect those profits into a Victims’ Restitution Fund.
2. Positive civil liability
When a platform knowingly monetizes scams or fails to act despite internal red flags, it must be held jointly liable for consumer losses.
3. Quantified verification standards
“Reasonable efforts” must become measurable targets:
– 100 % identity verification for advertisers spending > €10 000 per month;
– automated removal within 24 h for ads flagged by national regulators.
Europe’s Moral Test
The DSA (applicable since end of 2023) was meant to make the digital space safer. Instead, it left the door wide open for industrialized deception.
Platforms like Meta can exploit regulatory ambiguity to turn scams into revenue streams — while consumers bear the losses.
This is the moral test of Europe’s digital age:
Will lawmakers protect citizens — or keep shielding trillion-dollar intermediaries who profit from crime?
