In response to an avalanche of consumer complaints, Shein and Temu will face early EU scrutiny over DSA compliance

It was only recently confirmed that ultra-low-cost e-commerce giants Shein and Temu are subject to centralized enforcement of the toughest level of EU digital services regulation, the Digital Services Act (DSA), but on Friday the Commission announced it had sent a number of requests for information (RFI ) both platforms for their compliance with various legal requirements.

The DSA is the bloc’s recently relaunched online rulebook that aims to raise standards for digital services, including marketplaces – with lawmakers touting the regime as a preferred tool for reducing risks to consumers in areas such as the sale of illegal or unsafe goods.

Both markets have been subject to the general rules of the regime since mid-February, but were recently designated as so-called very large online platforms (VLOPs) under the DSA in April and May respectively, further increasing their regulatory risk as the Commission’s enforcement authorities joined in supervision.

Just before being designated as a VLOP, Temu also found itself in the crosshairs of a series of complaints filed by consumer advocacy groups across the bloc — alleging that the platform was rife with manipulative design tricks that they said could pose a range of risks to children. The complaints also accused Temu of running “unclear recommendation systems” and failing to ensure seller traceability, arguing that consumers had no way of knowing whether the products it sold met EU safety standards.

The commission said today’s enforcement actions are based on the concerns expressed in the complaints.

The EU information requests highlight areas where both markets are subject to early scrutiny by the DSA and could herald the opening of formal investigations if enforcement authorities in the bloc consider they do not meet legal standards for protecting consumers.

The system carries penalties of up to 6% of global annual turnover for confirmed violations, so any failure to comply with the rules could prove costly for buy-high-flog-it-low online sellers. Strict enforcement of higher standards in markets could even potentially force changes in business models that clearly rely on generating high sales volumes.

At the very least, this pair’s extremely low cost and high-volume approach raises question marks about product quality/safety, so EU-level enforcement in this area seems like an interesting test case for DSA.

The Commission appears to have had several concerns about both markets from the outset. In a press release, the EU said it was asking Shein and Temu for more information on the measures taken to meet DSA obligations related to so-called “notify and act” mechanisms, which should enable users to notify markets about illicit products.

It also requested information on the design of their online interfaces, which must not be deceived or manipulated by EU-wide rules, for example through so-called “dark patterns”. Other areas where the Commission said it expected additional information from both companies related to the protection of minors; transparency of recommender systems (that is, the algorithms used to reveal things such as related products); traceability of traders; and “compliance by design.”

While Shein and Temu were only designated as VLOPs a few months ago, as noted above, most of the DSA requirements have applied to both since mid-February. And while enforcement of the general principles is typically decentralised to a network of Digital Service Coordinators (DSCs) located at the EU Member State level, as designated VLOPs Shein and Temu may also face enforcement of the general principles by the Commission – i.e. in addition to oversight by the Irish DSC, since their regional headquarters are in Dublin.

EU lawmakers designed a two-tier enforcement structure to avoid the risk that forum shopping would be used to weaken DSA enforcement on larger platforms, as was the case with the decentralised enforcement of the General Data Protection Regulation.

When it comes to the DSA’s additional set of requirements for VLOPs – covering issues such as algorithm transparency and mitigating systemic risks in areas such as minors’ mental health – the Commission is the sole authority responsible for enforcing the rules.

However, both markets still have several months before they are expected to comply with these additional obligations: Shein is due to submit its first risk assessment report to the Commission in August; while Temu has until the end of September to submit its first risk report.

Still, with these early RFIs, the Commission clearly wants to be at the forefront of assessing future reports – and also wants to be seen as responding quickly to already widely raised consumer protection issues.

Shein and Temu have until July 12 to provide the requested information. The EU said it would then “assess next steps,” noting that this “could entail” formally opening an investigation, i.e. if it suspects any breach of the rules.

Shein and Temu were contacted for comment on the Commission’s Requests for Information (RFI).

A spokesperson for Shein confirmed it had received a request for information from the Commission, telling us the company is “working to quickly resolve this issue.” “We share the Commission’s aim to ensure that EU consumers can shop online with peace of mind, and we will continue to work closely with the Commission to ensure compliance with the Digital Services Act,” they added.

A Temu spokesperson also told us: “We are fully cooperating with the EU. We would also like to reiterate that we are fully committed to complying with all applicable laws and regulations in the markets in which we operate.”