Why Ireland is at the Center of the Transatlantic Battle Over Digital Regulation

Liz Carolan is a fellow at Tech Policy Press.

Coimisiún na Meán’s (CnaM) neat three-storey office in a leafy corner of Dublin gives little hint that the 200 public servants inside are now at the center of a transatlantic political fight. The Irish media regulator, less than three years old, is battling 12 lawsuits from international tech companies.

Earlier this month, it was singled out by the Republican-led House Judiciary Committee for putting “censorship pressure” and “harassing” US tech platforms as part of a “global campaign to censor speech.” EU officials have been threatened, with some peers facing visa restrictions and potential sanctions by the US State Department. In this context, the Irish regulator is under heightened scrutiny from Brussels and beyond, amid concerns about any sign of Irish leniency toward the tech companies it is tasked with regulating under the Digital Services Act (DSA).

Perhaps we can sympathize with the US Judiciary Committee’s bafflement when it declares that “for some reason, Ireland's media regulator, the Coimisiún na Meán, is one of the most powerful in the world.”

Yet Ireland, an outpost on the furthest reaches of Europe that is smaller than Maine, has come to be the chief enforcer of the European Union’s digital policy. It ended up here by being a bridge between European ideals and US corporations, a Faustian bargain that is crumbling at its foundations.

Ireland’s tech-driven growth model has long depended on being both host and referee to US multinationals. The DSA is now testing whether that balancing act is sustainable.

How Ireland became the EU’s tech policy enforcer

After independence, Ireland spent decades poor and protectionist. By the 1950s, it pivoted toward openness, lowering trade barriers and courting foreign direct investment with tax and policy incentives. EU membership in 1973 accelerated that shift, giving Ireland market access and credibility.

The EU’s “country of origin” principle allowed services firms to base themselves in one member state while operating across the bloc. Ireland positioned itself as a low-tax, business-friendly gateway to Europe, attracting pharmaceutical and later tech giants.

It worked. Today, Ireland’s GDP is the EU’s second-highest, at over 200% the average. This growth enabled sharp upward economic and social mobility, and saw Ireland become a country of net inward migration for the first time. This is very recent history. Today’s political leaders grew up watching their friends and classmates emigrate for building site jobs in Birmingham and Baltimore. They know that the reason younger generations have opportunities at home in science, tech and beyond is simple: EU membership and an open economy built on FDI.

But that success created structural dependence. In 2024, 57% of corporate tax revenue came from just 10 overseas firms, mostly in pharma and tech. Regulatory decisions affecting those firms now carry macroeconomic consequences. Pharmaceuticals may face tariff threats, but moving high-tech production facilities — most of the world’s Viagra is made in Ringaskiddy, County Cork, for example — is a tall order. In pharma, Ireland competes on having high regulatory standards, which include agreements with the US FDA, who inspect Irish drug factories.

Accusations of leniency against Big Tech

Ireland has faced accusations of taking the opposite tack with more mobile tech companies; of competing to retain investment through under-enforcement of EU regulations. When the General Data Protection Regulation (GDPR) came into force in 2018, “country of origin” meant that global enforcement of this landmark regulation for major tech companies — Alphabet, Meta, Apple, Twitter/X, etc.— fell to Ireland’s Data Protection Commission (DPC).

Criticism grew that the DPC was an understaffed “bottleneck” for GDPR complaints. It started in 2018 with just 85 staff, growing modestly to 251 last year. It has also faced accusations of leniency, evidenced by the two-thirds of its GDPR decisions that have been subsequently overruled by the European Data Protection Supervisor, who often votes to dramatically increase fines and penalties. These perceptions of cosiness were strengthened when the DPC last year announced that its new Commissioner would be a person who was, until a few years ago, a senior Meta lobbyist.

The DSA hits at a different time

Perhaps learning from GDPR, the European Commission was careful to design the DSA to split powers between national regulators and itself. Somewhat chastened, the Irish state gave DSA enforcement to the new CnaM with greater resources and political space than the DPC ever appeared to have on GDPR.

Yet CnaM picked up the mantle of DSA enforcement in 2024, just as the US tech industry dropped any pretense of centering harm reduction — the DSA’s main focus — in its work. That first year, it faced four legal challenges, with legal bills of €5.8m. It is now fighting at least 12 separate pieces of legal action by tech companies. No less than five of these cases have been brought by X, including at least one where Elon Musk is personally named as an applicant.

And while Irish regulators may have had to historically reckon with the Irish Government’s conflicted interests in relation to FDI dependency, that has been nothing compared to the overt and aggressive threats from the US political system since January 2025. Irish media reported on visits from US officials that were preceded by the sharing of “provocative materials” denigrating European regulation. And more broadly, the US Secretary of State Marco Rubio has threatened regulators in Europe with visa restrictions and potential sanctions for “censoring Americans”.

This latest escalation from the US builds on this pressure for officials in Dublin. The question now is how the Irish Government will react, with the “country of origin” principle creating new political instability. The Irish electorate is shown in polling to favor strong tech regulation, but they have also come to expect living standards that come from an economy buoyantly but precariously perched on movable technology capital. Its two allies in making this state of affairs possible in the first place — European institutions and corporate America — are at odds, and the world’s most powerful country has taken sides.

So far, the official approach appears to be to say as little as possible, in contrast to both Brussels and many other member state capitals, where momentum for regulatory action is growing. In relation to the Grok nudification controversy, for example, government figures spoke of horror at the “misuse” of the platform, but said it was something the government would need to “look at down the road.” This prompted one opposition politician to accuse the Taoiseach (Prime Minister) of not wanting to “annoy or harm your relationship with big tech."

Looking at the year ahead

The road is only so long, and it may soon run out. Government figures will be anxious to see if these issues are raised by Trump in the annual St. Patrick’s Day visit by the Taoiseach to the White House in March.

And digital policy watchers will be keeping an eye on what Ireland does when it assumes the EU Presidency in July: will it use its rare agenda-setting powers to push for AI image abuse laws, as it has been suggesting, or fold under corporate and US pressure? Either way, and at some point soon, the Irish government will be forced to take a side between the increasingly hostile Trump-Big Tech alliance and its EU allies. Those taking that decision know what is at stake, but it likely won’t make the choice any easier.