The European Union has preliminarily ruled that Instagram and Facebook break its digital rulebook by design. In findings published Friday morning, July 10, the European Commission said Meta's use of addictive features like infinite scroll and autoplay breaches the Digital Services Act, a conclusion that, if confirmed, could carry a fine of up to 6% of global turnover, more than $12 billion. It is the second time this year Brussels has found Meta in breach, and the clearest signal yet that engagement-by-design is now a legal liability in Europe.

  • The ruling. The Commission's preliminary finding says Instagram and Facebook's addictive design breaches the DSA duty to assess and manage systemic risk to users' wellbeing.
  • The features. Infinite scroll, autoplay, push notifications, and personalized recommendation feeds were flagged for driving compulsive, autopilot use.
  • The stakes. A confirmed breach caps the fine at 6% of Meta's worldwide turnover, over $12 billion against 2025 revenue near $201 billion.
  • What is next. This is preliminary; Meta can review the case file and respond in writing before any binding decision or fine.
How the EU says Meta's design hooks users Four engagement features feed compulsive, autopilot use, which the Commission ruled an unmanaged systemic risk that breaches the Digital Services Act. FLAGGED FEATURES Infinite scroll Autoplay video Push notifications Recommendation feed autopilot modecompulsive use DSA systemic-riskbreach fine up to 6%of global turnover The Commission calls these features a systemic risk to users' wellbeing, not a product choice. genztech.blog
Fig 1 The EU's theory of harm: everyday engagement features combine into compulsive use, which the DSA treats as an unmanaged systemic risk.

What exactly did the European Commission find?

The Commission's preliminary conclusion, published Friday morning, is narrow but sharp: Instagram and Facebook are built to be compulsive, and Meta never properly assessed or mitigated the resulting risk to users. Investigators singled out infinite scroll, autoplay, push notifications, and highly personalized recommendation systems as features that push people into what regulators call autopilot mode. The probe, opened in May 2024, also found that Meta ignored data showing how late into the night under-18 users stayed on the apps, and that formats like Reels and Stories mapped onto patterns of excessive engagement. Meta's existing guardrails did not satisfy the Commission either: default teen time-management tools are too easy to dismiss, and parental controls only help parents with the time and technical skill to configure them.

RelatedChrome's Device-Bound Sessions Go Live to Kill Cookie Theft

Why does the DSA treat addictive design as illegal?

The mechanism most coverage skips is that the DSA does not ban any single feature. It bans failing to manage systemic risk. Under Articles 34 and 35, very large online platforms must assess and mitigate the risks their design poses to fundamental rights and to users' physical and mental health, then document that they did so. The Commission is not saying autoplay is unlawful. It is saying Meta ran engagement-maximizing systems at scale without adequately measuring or reducing the harm, which is the actual legal duty. That framing is why a design choice becomes a compliance failure, and why the remedy is process plus product change, not just a cheque.

Flagged featureWhat the Commission saysMeta's response
Infinite scrollRemoves natural stopping cues, drives compulsive usePoints to Teen Accounts and time limits
AutoplayShould not be on by default; keeps users watching passivelySays its protections were not fully weighed
Push notificationsPull users back into autopilot engagement loopsCites parental controls and night limits
Recommendation feedToo engagement-oriented; must be rebalancedDisagrees with the preliminary findings

How big could the fine actually get?

If the findings are confirmed, the DSA caps the penalty at 6% of Meta's total worldwide annual turnover. On 2025 revenue of just under $201 billion, that ceiling is more than $12 billion, or roughly 11 billion euros. That does not mean Meta pays the maximum: fines are calibrated to severity and cooperation. But the scale reframes the stakes. The two largest DSA fines to date were 120 million euros against X in December and 200 million euros against Temu in May. Meta's exposure sits an order of magnitude above both, which is what makes this the most consequential DSA action yet.

What 6% of Meta's turnover looks like The DSA caps fines at 6% of global annual turnover. Against Meta's roughly 201 billion dollar 2025 revenue, that is a penalty scale from about 2 billion to 12 billion dollars. POTENTIAL FINE - 6% CAP ON ~$201B REVENUE 1% of turnover $2.0B 3% of turnover $6.0B 6% cap (max) $12.1B For scale, the biggest DSA fine so far was 200M dollars against Temu. Meta's exposure is an order of magnitude larger. genztech.blog
Fig 2 - scale The DSA's 6% cap turns a design finding into an existential-scale number: against ~$201B in 2025 revenue, the ceiling is roughly $12B.

Who is affected and what changes for users?

If Meta is forced to comply, the most visible changes land on the interface itself. The Commission's proposed remedies include disabling key addictive features like autoplay and infinite scroll by default, adding stronger nudges to take screen-time breaks, and rebalancing recommendations so they are less engagement-oriented. For EU users, especially teenagers, that could mean a Facebook and Instagram that feel calmer and less bottomless. For Meta, it threatens the core loop that drives time-on-app and therefore ad inventory, which is exactly why the company is fighting the finding rather than settling.

RelatedChrome will warn on every HTTP site by default in 2026

  1. May 2024Commission opens a formal DSA proceeding into Meta over minors and addictive design.
  2. Apr 2026EU finds Meta failed to keep under-13s off its platforms. first breach this year
  3. Jul 10 2026Preliminary finding: Instagram and Facebook addictive design breaches the DSA. today
  4. NextMeta reviews the case file and replies in writing before any binding decision and fine.

What happens next?

This is a preliminary finding, not a verdict. Meta now gets to examine the Commission's investigation files and respond in writing before any binding non-compliance decision is issued. The company has already said it disagrees, arguing the Commission undervalued its Teen Accounts, which auto-restrict minors, allow nighttime blocking, and cap daily use. A final decision, if it goes against Meta, would set both the design mandates and the size of the fine. Expect months of back-and-forth, and expect Meta to litigate whatever lands.

What to watch - 2026
  • Meta's rebuttal. Whether its written response and Teen Accounts data move the Commission off a full non-compliance decision.
  • Design mandates. If the EU forces autoplay and infinite scroll off by default, expect Meta to ship it EU-wide, then fight exporting it.
  • The number. Any signal on where in the 0 to 6% range a final fine could land.
  • Copycat regulators. Whether UK, US states, or Australia cite the EU's addictive-design theory in their own actions.

Our take

The important shift here is legal, not moral. Everyone has known for a decade that infinite feeds are engineered to be hard to put down. What is new is a regulator with real teeth treating that engineering as a measurable, mitigable risk that a platform is legally obligated to manage. The DSA turns addictive-by-design from a critique into a compliance line item with an 11-billion-euro backstop. Meta will argue, correctly, that it has shipped teen protections, but the Commission's point is subtler: bolt-on safety toggles do not offset a system whose defaults are tuned for compulsion. If this finding holds, the template travels. Every large platform that monetizes attention now has to prove its defaults are defensible, and users can turn it off will stop being a good enough answer.

Primary sources

Original analysis by GenZTech. Reporting confirmed via CNBC.