Part 1: Digital Services Act: Regulating online platforms to protect users
Digital services are constantly evolving. The last few years have seen a rapid and widespread development of digital services; offering consumers new ways to communicate, share content or even buy products and services online. The benefits of this for users, the economy and innovation are undeniable.
However, with such advancements, the legislation that regulates such services also needs to continue to develop. Two pieces of key legislation have been proposed by the European Commission in order to tackle the issues arising from the advancement of digitalisation – the Digital Services Act and the Digital Markets Act. In this article, we will be focusing on the former.
What is the Digital Services Act?
The main aim of the Digital Services Act (the “DSA”) is to create a safer digital space in which the fundamental rights of users of digital services are protected.
The expansion of online services has allowed for actions that are detrimental to users’ rights to become more widespread. These risks include the publication of illegal content, products and services, the spread of misinformation, and even incitement to hatred, violence, and harassment. Therefore, the DSA aims to prevent and stop such practices.
Who does the Digital Services Act apply to?
The rules specified in the DSA mainly concern intermediaries and online platforms. For example, online marketplaces, social networking platforms, content sharing platforms, application stores, Internet service providers or cloud services.
Furthermore, there are additional obligations for very large online platforms (“VLOPs”) and very large online search engines (“VLOSEs”), which are platforms and search engines with more than 45 million monthly active users.
This legislation modernises part of the Directive 2000/31/EC on Electronic Commerce of 8 June 2000, which is over 20 years old and therefore, unfit for modern practices, and is intended to better control illegal content and products offered online. The guiding principle of this regulation is that "what is illegal offline must also be illegal online".
The stakes of the DSA appear more concrete for users - this act is intended to incite the tech giants to review their entire operations in Europe. Thus, whilst the economic concerns arising from “gatekeeper” practices will be addressed by the DMA (which we will discuss in Part 2 of our series), broader societal concerns will be addressed in the DSA.
What are the obligations under the Digital Services Act?
The DSA will incorporate several new obligations for online platforms, which have different purposes. In particular, it will:
Introduce measures to prevent illegal products, services or content online and the spread of misinformation such as:
Online platforms will have to react quickly when receiving a report of illegal content from a user. The current process for notifying and removing such content/products varies from one Member State to another and does not allow for effective action due to long delays. The DSA introduces a more effective notification mechanism where reports must be handled in a non-arbitrary and non-discriminatory manner.
While platforms cannot be held directly liable for illegal content that they host, the DSA requires that they should make every effort to verify the identity of service providers to ensure that they can be held legally responsible.
Introduce measures to protect users such as:
Users will be able to challenge content moderation decisions by platforms and seek redress, either through an alternative dispute resolution mechanism or through legal recourse.
Limiting targeted advertising, most notably the targeting of minors and processing of sensitive personal data such as political and religious beliefs and sexual orientation.
Obliging platforms, that can access minors in the EU, to implement special safeguards to ensure their safety; including, as mentioned above, a ban on the use of minors’ personal data for targeted advertising.
Implementing transparency measures for online platforms on a variety of issues, including “user traps” or “dark pattens” (specific techniques to extort consent for the collection of personal data, such as the repeated display of pop-ups), deceptive practices and recommendation systems (algorithms used to recommend content or products to users).
Introduce measures for very large platforms and search engines to assess and mitigate risk, such as:
Carrying out risk assessments and implementing mitigation measures to prevent misuse of their systems and to allow independent audits of their risk management systems.
Publishing transparency reports every 6 months and submitting additional reports to the Digital Service Coordinator and the Commission.
Appointing a compliance officer.
Being subject to enhanced monitoring and enforcement by the Commission.
What are the sanctions for non-compliance?
Under the DSA, each of the Member States of the European Union will appoint a Digital Services Coordinator, who will be able to investigate and take legal action if they find irregularities, or even sanction a company directly in certain circumstances.
The 27 Coordinators will cooperate together and will have the power to conduct joint investigations in several Member States. However, the Commission will have exclusive powers to supervise VLOPs and VLOSEs.
Lastly, the DSA provides effective and dissuasive sanctions - offenders may be fined up to 6% of their annual revenue or turnover or even be banned from operating in the EU single market in case of repeated serious breaches.
When will the Digital Services Act be introduced?
The DSA was agreed upon by the European Parliament and the European Council on 23 April 2022. Once the DSA is then formally adopted by these two EU co-legislators, it will be published in the Official Journal of the European Union and is intended to enter into force 21 days after its publication.
The Act will be directly applicable in two stages: firstly, 15 months after it comes into force or 1 January 2024 (whichever is later) and secondly, for “very large online platforms” or “very large online search engines”, the DSA will apply from an earlier date – 4 months after they have been designated as entering the prescribed categories.
It will be interesting to follow the adoption of the DSA as well as its concrete application. Stay tuned for part 2, where we will be discussing the Digital Markets Act. For further information about the DSA or the DMA – please contact us!
Article by Evane Alexandre and Gabrielle O’Sullivan, Gerrish Legal.