On 15 December, the European Commission published proposals for Regulations on the Digital Services Act (DSA) and the Digital Markets Act (DMA), with the goal to reform the digital space, creating a comprehensive set of new rules for all digital services, including social media, online market places, and other online platforms that operate in the European Union.
The proposed Regulation on a Digital Services Act aims to update the eCommerce Directive (ECD) from the year 2000 as well as introduce new binding, harmonized, EU-wide obligations which will have a significant impact on a wide range of digital services that connect consumers to goods, services and content. This blog post sheds some light on some of the main provisions of the Digital Services Act and their subsequent impact on businesses.
Which companies will be affected by the new Digital Services Act proposal?
The Digital Services Act proposal includes rules for online intermediary services. The obligations of different online players match their role, size and impact in the online ecosystem. Among the regulated groups are intermediary services offering network infrastructure (Internet access providers, domain name registrars), hosting services such as cloud and webhosting services, online platforms bringing together sellers and consumers such as online marketplaces, app stores, collaborative economy platforms and social media platforms, and very large online platforms. All online intermediaries offering their services in the EU Single Market, whether they are established in the EU or outside, will have to comply with the new rules. Micro and small companies will have obligations proportionate to their ability and size while ensuring they remain accountable.
An asymmetric approach: different obligations for different players
The Digital Services Act will introduce a series of new, harmonized EU-wide obligations for digital services, carefully graduated on the basis of those services’ size and impact. All intermediaries falling under the scope of the DSA will have obligations in terms of transparency and fundamental rights protection and would have to cooperate with national authorities. Additionally, all intermediaries not established in the EU but offering services in the Union will have to designate a legal representative in one of the Member States where the provider offers its services. The absence of general monitoring obligations, already enshrined in the ECD, will remain in place in the Digital Services Act. Additionally, the Commission has introduced a “good Samaritan” principle, under which providers of intermediary services are not excluded from liability exemptions because they carry out voluntary activities to detect and remove illegal content.
For online platforms and hosting services, the proposal includes requirements for more detailed notice & action provisions. The proposal also introduces the concept of trusted flaggers, appointed by Member States authorities, whose notices should be processed with priority. Furthermore, the proposal introduces a “Know your business customer” principle, under which platforms will be required to obtain and verify identification information from the traders prior to allowing them to use their services. Finally, transparency obligations for online advertising will require online platforms to provide their users information on the sources of the ads they see online, including on why an individual has been targeted with a specific advertisement.
Platforms that reach more than 10% of the EU’s population (45 million users) monthly in average will be considered systemic in nature and will be subject to specific obligations to control their own risks. Very large online platforms will have to conduct yearly risk analyses, they will be subject at their own expenses to annual audits, adhere to transparency obligations for recommender systems as well as comply with additional measures for online advertising transparency. Finally, very large online platforms will have to appoint one or more compliance officers responsible for monitoring their compliance with the Digital Services Act Regulation. Member States will have to lay down the rules on penalties applicable to infringements of these rules by providers of intermediary services under their jurisdiction with the maximum not exceeding 6 percent of the annual income or turnover of the intermediary service.
Strengthened enforcement & cross-border cooperation
EU countries will be required to appoint a so-called “Digital Services Coordinator” to oversee enforcement of the regulation, which will have powers in terms of investigation, enforcement (including fines) and the imposition of access restrictions. Additionally, the coordinator would have the possibility of cooperating cross-border by requesting another digital service coordinator in a country of establishment to carry out an investigation. An independent advisory group of Digital Services Coordinators named the “European Board for Digital Services” will be established, which will contribute to the guidance and consistent application of the regulation and assist the digital service coordinators. For the case of very large platforms, the Commission will have direct supervision powers and, in the most serious cases, will be able to impose fines of up to 6 percent of the global turnover of a service provider.
What implications could the Digital Services Act proposal have for businesses?
Industry stakeholders’ responses to the proposal are mixed, with overall positive reactions to the extra harmonization measures, and the preservation of the ECD’s core principles. However, many raise concerns about the Act’s compatibility with other existing legislation, such as the Platform-to-Business Regulation and the Omnibus Directive, as well as the way the trusted flaggers’ concept would work in terms of transparency, an issue raised also by consumer protection groups. The inclusion of the requirement for non-EU companies to have a legal representative in the EU, while burdensome for such companies, has so far been accepted positively by European players as it would ensure a level playing field within the Single Market. Relating to the fines, the issue has been raised that the threat of significant fines for non-compliance might lead to preventive removal of content which might otherwise be considered legal, putting companies in the uncomfortable position of risking fines under the Digital Services Act or being criticized for violating freedom of expression by censorship.
Another example of businesses that would be impacted by the new rules are information society services offering a wide range of services such as search engines, cloud services and other platforms. Those businesses generally welcome the fact that the core foundations of the e-Commerce Directive are maintained, i.e. limited liability, no general monitoring obligations and the maintenance of the country of origin principle. However, there will be extra obligations for ‘very large online platforms’, having more than 45 million users across the Union. These platforms will have to provide regulators and outside groups with greater access to internal data, and appoint independent auditors who will determine if these firms are compliant with the new rules. The biggest tech companies will also be forced to provide greater transparency on online advertisements. These extra obligations will require additional resources and also raise a question about the legislative coherence between the Digital Services Act on the one hand, and provisions in for instance the recently published European Democracy Action Plan on the other.
Finally, there have been concerns among Big Tech companies that the criteria for identifying very large platforms need to be clearer and more inclusive, with several accusing the Commission of selection bias. Furthermore, the Digital Services Act is likely to have significant consequences for gig economy companies, such as well-known travel accommodation websites, as the extra requirements against illegal content and the provision of information on users would allow local authorities to require the removal of unregistered properties and receive information on hosts with outstanding tax obligations. City authorities in big European cities such as Amsterdam, Berlin and Paris, had adopted rules against said platforms and the Digital Services Act would allow them to enforce them.
What to expect next in the legislative process?
Following the publication of the Digital Services Act in December, the DSA will likely be the subject of long and arduous discussions in the Council of the EU and in the European Parliament.
Within the European Parliament, on 29 April, the Conference of Presidents, which gathers the leaders of all political groups, reached an agreement on which committee can take the leadership on the Digital Services Act (DSA), Initially, IMCO was assigned the exclusive competence on the legislative file in view of its impact on the Single Market legislation, but LIBE, JURI and ITRE also argued that they should have competence.
After a long-lasting debate, the President of the Conference of Committee Chairs, Mr. Antonio Tajani, proposed a solution. In order to reach a compromise, Tajani proposed to appoint all committees that challenged the leadership to be “associated” with IMCO under rule 57 of the European Parliament. Collaboration will take place through regular meetings between IMCO, ITRE, LIBE and JURI for the DSA proposal, and the rapporteurs of each committee will participate in all shadow meetings, the drafting of the IMCO reports, trilogue sittings and compromise amendments negotiations. All amendments of the associated committees will be voted in IMCO, while the mandate to enter trialogues will be voted in plenary, instead of committee sitting, to allow all associated committees to jointly vote and re-table amendments.
A parliamentary discussion on IMCO Rapporteur MEP Christel Schaldemose’s (Denmark, S&D) draft DSA report is set for 21 June. Within the LIBE Committee, MEP Patrick Breyer (Germany, Greens/EFA) has been appointed rapporteur. Within the JURI Committee, MEP Geoffroy Didier (France, EPP) has been selected as rapporteur.
Council of the EU
As confirmed by the Portuguese Presidency of the Council of the EU, the Digital Services Act is discussed in the Internal Market Working Party, falling within the remit of the Competition Council formation. According to insights into a draft progress report on the DSA from the Portuguese Council Presidency, dated 27 April, there is overall support among the Member States for the ambition of the DSA proposal and the need to swiftly adopt it. A few issues have however been identified as sensitive political and legal issues, such as the need for effective implementation and better coordination between countries, their authorities and the Commission, in particular in terms of cross-border enforcement and the impact on the country-of-origin principle. Questions were also raised on enforcement vis-à-vis service providers established outside of the EU. Further discussion will be needed on the scope, Article 6, Trusted Flaggers, the protection of trade secrets, out-of-court dispute settlements and the application date. The progress report will be presented to COREPER, after which it can be submitted to the Competitiveness Council on 27 May.
In terms of the time frame for adopting the DSA, France has announced a highly ambitious plan to conclude the negotiations for the proposal during its Presidency of the Council of the EU in the first half of 2022. The Commission shares this objective for the co-decision process to be finalized in a year and a half, however, it is useful to remember that other recent and major files, such as the General Data Protection Regulation and the Copyright Reform, took respectively 5 and 2.5 years to be adopted.
Dr2 Consultants closely monitors the developments on this file for its clients. If you would like to know more about the proposal, and how it might impact your business, please contact Dr2 Consultants.
Visit our Digital & Tech webpage to learn more about our services.
You might also be interested in: