Impact of the Digital Services Act: a new era for online intermediaries

by | Oct 31, 2024 | Blog | 0 comments

The need for robust regulations overseeing online intermediaries has become more pressing, given the industrial landscape shaped by digital technologies. The Digital Services Act (DSA), a key EU initiative, addresses the challenges and opportunities of the digital age.

The Digital Services Act (DSA) is an EU regulation aimed at addressing the challenges and opportunities presented by the digital age, which came into force in EU law in November 2022 and which is directly applicable across the EU. This landmark piece of legislation seeks to update and modernize the rules governing online intermediaries, ensuring a safer and more transparent digital environment for users and businesses alike.

Since of August 2023, these rules already apply to designated platforms with more than 45 million users in the EU (10% of the EU’s population), the so-called Very large online platforms (VLOPs) or Very large online search engines (VLOSEs). The DSA rules are applicable to all online intermediaries from 17 February 2024.

1. Context

The Digital Services Act comes as a response to the evolving nature of the internet and the rise of digital platforms that have become central to our daily lives. Social media, e-commerce, and other online services play a crucial role in connecting people, facilitating business transactions, and disseminating information. However, the growing influence of these platforms has raised concerns about issues such as misinformation, hate speech, and the abuse of market dominance. Digital services include a large category of online services, from simple websites to internet infrastructure services and online platforms.

The rules specified in the DSA primarily concern online intermediaries, including the following categories:

  1. Very large online platforms and search engines – these can entail particular risks in the dissemination of illegal content and societal harms.
  2. Online platforms – these are platforms together sellers and consumers such as online marketplaces, app stores, collaborative economy platforms and social media platforms.
  3. Hosting services – these can include cloud and web hosting services (also including online platforms).
  4. Intermediary services offering network infrastructure – including internet access providers, domain name registrars and hosting services providers.

As such, online marketplaces, social networks, content-sharing platforms, app stores, and online travel and accommodation platforms will all be required to comply with the obligations set out by the DSA.

2. Essential Obligations

The primary objectives of the Digital Services Act are to establish a harmonized regulatory framework for digital services across the European Union and to ensure a safe, predictable and trusted online environment, addressing the dissemination of illegal content online and the societal risks that the dissemination of disinformation or other content may generate.

Duty of Care for Platforms

The DSA introduces a duty of care for online platforms, requiring them to take proactive measures to address illegal content, disinformation, and other harmful activities on their services.

Further, hosting services providers (including here online platforms) are obliged to implement content moderation policies and mechanisms for users to report harmful content, as well as the obligation to notify law enforcement or judicial authorities of certain suspected criminal offences it becomes aware of.

Upon receiving a notice, the service provider must, without undue delay, confirm receipt and follow-up with the user once a decision in respect of the notice has been reached, therefore it is advisable to have a complaint handling mechanism in place. In the context of the provider’s reasoned decisions, the user should also be informed about the possibilities for redress and the provider must allow users to challenge the platform’s decisions to remove content.

Decisions on notified content must be taken in a timely, diligent, non-arbitrary, and objective manner, which requires providers to implement adequate technical and organisational precautions such as sufficiently detailed notice forms and adequate staffing. Additionally, where automated means are used for decision-making, this must be disclosed to the user.

Transparency and Accountability

The DSA aims to increase transparency in the digital space by obliging platforms to provide clear information about their content moderation practices, decision-making algorithms and advertising policies.

All service providers are required to publish annual reports that are easily accessible and in a machine-readable format, providing clear and comprehensible information with respect to any content moderation activities undertaken during the specified reporting period. Depending on the type of service, this may include information concerning takedown or other orders received from competent authorities, content notices by users and trusted flaggers, as well as complaints received through internal complaint-handling systems.

Given the extent of information to be reported, providers should assess whether their content moderation systems (e.g. dashboards) enable them to efficiently extract, document, and report the required information. Moreover, the Commission may adopt implementing acts to introduce templates apropos the form, content, and other details of these reports, including harmonised reporting periods.

Market Fairness

To address concerns related to market dominance, the DSA includes provisions to prevent unfair business practices, such as self-preferencing by large online platforms. By fostering fair competition, the legislation seeks to create a level playing field for businesses of all sizes.

Cooperation with Authorities

The DSA encourages collaboration between online platforms and relevant national authorities. Platforms are required to appoint a single point of contact in the EU, facilitating communication and cooperation with regulatory bodies, as well as with service recipients. All service providers must designate single points of contact and publish respective (electronic) contact information for both communications with Member State authorities, the Commission, and the European Board for Digital Services and for communications with users.

In addition, providers without an EU establishment must appoint an EU-based legal representative to receive, comply with, and enforce DSA-related decisions. These representatives may also bear liability for DSA non-compliance, without prejudice to any liability of the provider itself.

Extended obligations for VLOPs and VLOSEs

VLOPs and VLOSEs face extensive additional compliance obligations under the Digital Serrvices Ac. Specifically, providers of VLOPs and VLOSEs must undertake the following:

  1. conduct a risk assessment and implement risk mitigation measures;
  2. implement a crisis response mechanism;
  3. commission annual independent compliance audits;
  4. implement at least one non-profiling-based recommender system option;
  5. observe heightened advertising transparency;;
  6. provide data access and scrutiny to supervisory authorities;
  7. install a compliance function, such as a “DSA Officer”;
  8. file additional transparency reports;
  9. pay supervisory fees.

3. Controversies

While the Digital Services Act represents a significant step towards regulating the digital space, it has not been without controversy. Some critics argue that the legislation may stifle innovation and impose undue burdens on smaller platforms. Striking the right balance between ensuring user safety and fostering innovation remains a challenge for lawmakers. Organisation will need to consider carefully how to comply with enhanced transparency obligations and the requirements to publish certain information specifically required under the DSA. The presentation format and level of detail for the necessary information remain uncertain at present. Nevertheless, organizations will definitely need to implement technical modifications to their platforms to ensure compliance.

4. Implementation and Enforcement

The successful implementation of the Digital Services Act will most certainly rely on effective enforcement mechanisms. Both national authorities and the Commission bear responsibility for overseeing, enforcing, and monitoring the DAS.

National authorities possess the primary competence to supervise and ensure compliance with the DSA for intermediary service providers operating within their jurisdiction, regardless of user volume. Meanwhile, the Commission holds exclusive authority to oversee, enforce, and monitor VLOPs and VLOSEs in meeting the enhanced due diligence obligations mandated by the DSA to address systemic risks. However, both the Commission and national authorities share competence for all other obligations imposed on VLOPs and VLOSEs under the DSA.

In Romania, the authority designated to supervise and ensure compliance with the DSA is The National Authority for Management and Regulation in Communications of Romania (ANCOM).

5. Outcome

The Digital Services Act reflects a proactive effort by the European Union to address the challenges posed by the digital age. By setting clear standards for intermediary service providers, including online platforms and search engines, and by promoting transparency, accountability, and fair competition, the legislation aims to create a digital environment that benefits both users and businesses. As the digital landscape continues to evolve, the DSA provides a framework that can adapt to emerging challenges, fostering a safer and more responsible online space. The transition may present challenges, given the need for adjustments both in technical infrastructure and in operational practices.

Cluj IT will not be liable for any false, inaccurate, inappropriate or incomplete information presented, as the authors are free to choose their approach and relevant topics, within the general guidelines of the newsletter. The opinions expressed by the authors and those providing comments are theirs alone, and do not reflect the opinions of Cluj IT.

Certain links in the articles or comments may lead to external websites. Cluj IT accepts no liability in respect of materials, products or services available on any external website which is not under the control of Cluj IT.