18 janvier 2021
Radar - January 2021 – 2 de 3 Publications
In June 2020, the European Commission launched a consultation on a proposed new Digital Services Act package. The consultation looked at a wide range of issues including online harms, online advertising, online competition, smart contracts and governance, as well as at issues around intermediary liability for user generated content.
Following the consultation, the draft Digital Services Act (DSA) was published by the EC in December 2020. It is part of the Commission's package of proposals to foster competition and innovation in the digital economy while preserving fundamental rights and improving online safety for users. The DSA focuses on online intermediary services, in part, overhauling aspects of the eCommerce Directive. It is intended to improve mechanisms for removal of illegal content while protecting freedom of speech, and to create stronger oversight of very large online platforms.
This is the initial proposal for a DSA. The European Parliament and Council will now consider it and come up with their own versions. Following that, trilogues will begin to produce a consolidated version which will become final once approved through the ordinary legislative process. This could take some time to agree. The GDPR, for example, took four years to complete and another two before it came into effect, and the ePrivacy Regulation has still to be agreed some four years after publication.
There is considerable political appetite for regulation of digital service providers which may hasten the legislation through to enactment but it is difficult, at this stage, to predict how long it will take or what it will look like in final form.
If the DSA comes in as currently envisaged, it will place a significant compliance burden on service providers and leaves questions around lawful but harmful content largely unanswered unlike the UK's proposed Online Safety Bill. On the other hand, the EC has included a wider range of unlawful content in scope than the UK which has a number of notable exclusions including in relation to intellectual property, data protection and consumer protection.
Who is caught by the DSA?
It contains a range of obligations which apply to different classes of online players depending on their role, size and impact in the online ecosystem so whether they are:
The DSA will have extra-territorial effect and will apply to intermediary services with a "substantial connection" to the EU.
What are the overarching new measures?
(Reproduced from EC press release)
Providers which act as 'mere conduits' or which only cache or host information have the fewest obligations and they retain the benefit of the hosting exemption for liability for third party content which is carried over from the eCommerce Directive. The DSA makes it clear that there is no general obligation to monitor content and that carrying out voluntary or mandatory investigations to detect and remove illegal content will not void the exemption. The exemption does not apply to liability under consumer protection law where an online platform appears to be providing products or services itself.
Illegal content is defined broadly to cover any information which does not comply with EU or Member State law. Lawful but harmful content is not defined and is not subject to take down measures. This is a different approach to that to be taken by the UK on online harms in its upcoming Online Safety Bill.
All providers must:
Hosting service providers must implement prescribed processes for 'notice and action' under which potentially illegal content is reported and reports are responded to and actioned. This must include providing users with information about redress and how any take down decision was made, including automated decision making. The information must be published on a Commission database. Once subject to notice of potentially illegal content, the provider will most likely lose its liability exemption.
Online platforms must:
Additional rules for very large online platforms
Very large online platforms must comply with all the obligations which apply to intermediary services, hosting service providers and online platforms but they have a number of additional obligations including:
All online platforms must disclose in real time and on a per ad, per user basis:
Very large online platforms must, in addition, publish information at least one year after display about:
In addition to the obligations set out in the DSA, very large platforms will be expected to develop voluntary standards for the interoperability of advert repositories and for the sharing of data between advertising intermediaries, and to develop and adhere to codes of conduct.
Reporting and accountability
All providers will be required:
Online platforms will also need to produce reports every six months detailing their average monthly recipients so it is clear when they need to be designated as very large online platforms.
Very large online platforms will need to appoint compliance officers to cooperate with the DSC, the European Commission and to organise audits and staff training.
All non-EU providers will be required to appoint a legal representative in a Member State in which they provide services. The representative must have the power and resource to cooperate with EU regulators and can be held liable for the provider's non-compliance.
Regulatory oversight and enforcement
A combination of EU and Member State bodies will support the implementation and enforcement of the DSA:
DSCs will have a range of enforcement powers including to:
For more information, listen to our webinar which also covers the Digital Markets Act and the creation of the Digital Markets Unit in the UK. We will also be publishing more about digital policy in the UK and EU on Download. If you would like to receive updates on these and other issues affecting digital services, sign up here.