Brussels has imposed at least €3.77bn in fines on Big Tech in 2025, marking the first year in which the European Union’s new digital rulebook has been enforced with significant financial penalties. It was worth it.
The sanctions target anti-competitive conduct, certain data practices and transparency failures, and represent the first real test of the Digital Markets Act and the Digital Services Act. While the sums are substantial in absolute terms, they remain well below the maximum penalties allowed under EU law. This is fuelling debate over whether fines alone are enough to curb Big Tech’s entrenched digital power, or whether Brussels will ultimately have to go further.
And the winner is… Google’s €2.95bn
The largest fine of the year went to Google, after the European Commission concluded that the company had abused its dominant position in digital advertising technology.
In September 2025, regulators fined Google €2.95bn, finding that it favoured its own ad exchange and tools across the adtech stack. The Palo Alto company this distorted competition to the detriment of advertisers and publishers. It was Google’s fourth major antitrust fine in the EU, by far the biggest issued last year.
More importantly, the decision went beyond a financial sanction. The Commission ordered Google to propose remedies to address structural conflicts of interest in its adtech business, reopening the long-running question of whether behavioural fixes are sufficient, or whether parts of the business may need to be separated.
You might be interested
Taken together, Google’s EU antitrust fines now exceed €8bn from confirmed penalties over the past decade. This includes a €2.42bn fine in 2017 for abusing its dominance in the Google Shopping market, a €4.34bn penalty in 2018 related to anti-competitive practices involving the Android operating system, and a €1.49bn fine in 2019 for restrictive online advertising practices.
Runners-up: X, Apple
The most recent enforcement action came in December, when the EU fined X €120M, issuing the first-ever non-compliance decision under the DSA (Digital Services Act). Brussels cited multiple violations. The deceptive use of the blue “verified” checkmark, failures in advertising transparency, and X’s refusal to provide researchers with access to public-interest data. The case quickly became one of the most politically charged enforcement actions of the year. It drew sharp criticism from X owner Elon Musk and renewed accusations of EU censorship from the United States.
Apple was fined €500M in April for breaching the DMA’s anti-steering rules. The Commission found that Apple prevented app developers from informing users about cheaper offers outside the App Store, limiting consumer choice and competition.
Brussels framed the case as a DMA (Digital Market Act) violation. Apple had been designated a “gatekeeper” and failed to comply with legally binding obligations. The company criticised the decision as disproportionate, warning that it would undermine the security and quality of its ecosystem.
The fine followed a €2bn antitrust penalty in March 2024. At the time, the Commission concluded that Apple abused its control over music-streaming distribution via the App Store. Together, the cases bring Apple’s EU fines to around €2.5bn in just over three years.
Meta: A forced change of course
In parallel to Apple, Meta received a €200M fine in April for its controversial “pay or consent” advertising model. This forced users to either accept personalised ads or pay a subscription. The Commission concluded that the approach did not offer genuine user choice, breaching the DMA. In response, Meta compromised to change its advertising model for EU users, the first concrete behavioural adjustment triggered by a DMA fine.
Meta promised to offer users of Facebook and Instagram a third option. Less personalised ads, without being forced to either consent to extensive tracking or pay. The Commission is now assessing whether the revised model meets the DMA’s requirement for genuine and equivalent choice.
Since 2023, Meta has accumulated roughly €2.29bn EU fines. To the 2025 fine, it adds a €797.72M competition penalty in 2024. The reason is Facebook tying Marketplace to its social network, as well as sanctions for data-handling failures. The total is reinforced by a €91M penalty in September 2024 for storing users’ passwords in plaintext. Additionally, in late 2023, the EU’s data protection authorities imposed a €1.2bn GDPR fine on Meta for unlawful transfers of EU user data to the United States.
A shift in enforcement
The fines imposed in 2025 reflect a bigger change in how the European Union regulates Big Tech. Brussels has moved to rule-based enforcement under two landmark laws: the Digital Markets Act and the Digital Services Act.
The Digital Markets Act, adopted in 2022 and largely applicable since May 2023, targets the economic power of the largest platforms. It designates companies such as Google, Apple, Meta, Amazon and ByteDance as “gatekeepers” and subjects them to ex-ante obligations. This includes bans on self-preferencing, restrictions on tying services, and requirements to allow fair access for business users and competitors.
Running in parallel, the Digital Services Act, operational since 2023, focuses on how platforms operate and moderate content. It gives Brussels new powers to police platform design, advertising transparency and systemic online risks, including disinformation, illegal content and election interference. For the first time, very large online platforms face binding obligations around risk assessments, data access for researchers and transparency over algorithms and ads.
Big players, small impact
Under both regimes, the Commission can impose fines of up to 10 per cent of global turnover, rising to 20 per cent for repeat infringements. Against those ceilings, even billion-euro penalties represent only a fraction of Big Tech revenues. That gap has fuelled criticism that enforcement remains too cautious. Particularly amid transatlantic tensions, with US officials repeatedly warning that EU digital fines amount to disguised trade barriers.
One way to assess the deterrent effect is to compare fines with free cash flow. According to calculations by Proton, Big Tech companies can often pay off EU penalties in days or weeks, not years. In 2024, Google could have covered nearly €3bn in fines with less than three weeks of cash generation. While Apple and Meta required little more than a week in most cases.
Looking ahead to this year, the Commission has opened multiple market investigations under the DMA. This includes probes into cloud computing services such as Amazon Web Services and Microsoft Azure to assess whether they should be designated as “gatekeepers” and subject to stricter rules on interoperability, data access and competitive fairness. At the same time, DSA compliance checks continue across a broad set of very large online platforms, such as Facebook, Instagram, TikTok and X, amid preliminary findings that some operators may be falling short on transparency obligations and access for independent research.
