The Regulation on a single market for digital services (https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32022R2065) was published in the Official Gazette of the European Union on October 27, 2022 and entered into force on November 16, 2022.
1. What is it about?
The aim of the regulation is to make the Internet safer and more transparent for users in Europe. In particular, it is about protecting the fundamental rights of users and combating illegal content and misinformation in connection with digital services. This is to be achieved with comprehensive obligations for the providers of digital services.
2. Subject of application
According to Art 2, all information community services ("intermediary services") offered to recipients established or resident in the EU are covered, regardless of where the service provider is established.
An intermediary service is.
- a circuit-only service that provides access to or transmits information on a communications network,
- a caching service that transmits information in a communications network and includes the temporary storage of that information; and
- a hosting service that consists of the storage of information provided by a user (or "recipient") of the service.
Thus, not only Internet user providers are affected, but also cloud and web hosting services, search engines, online platforms such as social media platforms, online marketplaces, app stores, etc.
Regardless of whether they are based in the EU or not, the DSA rules must be complied with by all these services.
3. The major points
3.1 No monitoring obligation
According to Art 8 of the DSA Regulation, intermediary services are not obliged to monitor the information they transmit or store, or to search for facts or circumstances indicating illegal activity.
This means that the discussed obligation to implement upload filters has not found its way into the DSA.
3.2 Reporting and Removal of illegal Content
Users must be given the opportunity to inform the intermediary services about illegal content. There is an obligation to set up an internal complaints system. Hosting service providers would have to act "without unreasonable delay" after receiving such a report.
There is also an obligation to block users who frequently provide illegal content.
Such users must also have the option to choose a certified out-of-court dispute resolution body.
3.3. Information on advertisement
Users shall be able to recognize clearly and in real time
- that the information at hand is advertising,
- the identity of the advertiser who has paid for the advertisement, as well as
- the parameters used to determine the recipient of the advertising, and
- how they can be changed.
There is also a prohibition on advertising based on profiling by using personal data.
The General Terms and Conditions shall clearly and comprehensibly state which parameters are used to determine the information.
The User shall have a function to change the parameters.
3.4. Traceability of companies
Providers of online platforms that enable consumers to conclude remote sales contracts with companies must ensure the traceability of the company in accordance with Art. 30.
I. e. before the trader is allowed to market his products on the respective online platform, the operator of the online platform has to obtain the name, address, telephone number and e-mail address of the trader as well as a copy of the trader's identity document or another electronic identification.
3.5 Additional information and transparency for very large online platforms
As very large online platforms (=more than 45 million users in the EU) pose particular risks for the dissemination of illegal content and for damage to society, they are subject to additional information and transparency obligations, e.g:
- the obligation to report the number of monthly active users (from February 17, 2023 and at least every six months thereafter) (Art 24 DSA),
- the obligation to conduct a risk assessment (Art. 34 DSA)
- the annual obligation to verify compliance with the DSA through an independent audit at its own expense (Art 37 DSA).
4. Strict sanctions
Failure to comply with the obligations can amount to a fine of up to 6% of the global annual turnover achieved by the intermediary in the previous fiscal year.
This means that fines are even higher than under the GDPR (4% of worldwide turnover).
5. Compensation for users
Art 54 DSA provides a right to compensation for damages suffered by users due to breaches of obligations by providers.
6. Tight schedule
The DAS entered into force on November 16th 2022 and will become effective 15 months later, on 17.02.2024. Certain obligations for very large on-line platforms, such as the reporting requirement for the number of monthly users, will already apply from November 16th.2022.
Providers of online platforms are encouraged to lose no time and to create the necessary conditions to comply with the DSA quickly as possible in order to avoid sanctions.