Digital Services Act: the political agreement reached between the European Parliament and the Council of the European Union

On the 23 of April 2022, the European Parliament and the Council of the European Union has announced the political agreement reached on the Digital Services Act proposal (the “DSA”, the original proposal is available here).

On this regard, the President of the European Commission, Ursula von der Leyen, declared, among others, that the DSA “will upgrade the ground-rules for all online services in the EU. It will ensure that the online environment remains a safe space, safeguarding freedom of expression and opportunities for digital businesses. It gives practical effect to the principle that what is illegal offline, should be illegal online. The greater the size, the greater the responsibilities of online platforms”.

The DSA and its provisions

The DSA is one of the two legislative initiatives proposed by the Commission on the 15 of December 2020 (the Digital Markets Act is the other one; an earlier contribution was published on our TMT Data Protection Observatory and is available here), aimed at strengthening the rules provided for digital services – that include a large category of online services, such as websites, online platforms and internet infrastructure – and increasing the protection of internet users. The DSA will apply to all online intermediaries providing services in the EU.

In January 2022, the European Parliament has approved an amended text of the DSA, which contains a new set of rules that would be applicable across the whole EU in order to create a safer digital space in which the fundamental rights of all users of digital services are protected and, specifically, set out a new standard for the accountability of online platforms regarding illegal and harmful content.

As mentioned by the President of the European Commission, the text of the DSA pays attention to the Big Tech, subjecting them to further specific obligations due to the particular risks which they could pose in the dissemination of illegal and harmful content online. Specifically, very large platforms shall, for example, take risk-based action in order to prevent the misuse of their systems and shall undergo independent audits of their risk management systems.

Beyond them, the DSA considers also others online intermediary services, such as but not limited to the very large online search engines with more than 10% of the 450 million consumers in the EU, internet access providers, online marketplaces and so on. Considering this, according to the DSA provisions, the obligations of online intermediary services depend on their role, size, and impact on the online ecosystem.

At this stage, as reported in the European Commission press release, the DSA contains, inter alia:

• measures to counter illegal goods, services or content online, such as:
• a mechanism for users to easily flag such content and for platforms to cooperate with so-called “trusted flaggers”;
• new obligations on traceability of business users in online market places, to help identify sellers of illegal goods or reasonable efforts by online market places to randomly check whether products or services have been identified as being illegal in any official database and, then, the obligation to remove the illegal product or service from its interface expeditiously and, where appropriate, inform the relevant authorities, such as the market surveillance authority or the custom authority of the decision taken;
• new measures to empower users and civil society such as:
• the possibility to easily and effectively challenge platforms' content moderation decisions and seek redress, either via an out-of-court dispute mechanism or judicial redress in accordance with the laws of the Member State concerned;
• provision of access to vetted researchers to the key data of the largest platforms and provision of access to NGOs as regards access to public data, to provide more insight into how online risks evolve;
• transparency measures for online platforms on a variety of issues, including on the algorithms used for recommending content or products to users;
• measures to assess and mitigate risks, such as:
• obligations for very large platforms and very large online search engines to take risk-based action to prevent the misuse of their systems such as the obligation to conduct, where appropriate, a risk assessment and to design risk mitigation measures with the involvement of representatives of the users, independent experts and civil society organizations, and undergo independent audits of their risk management systems;
• mechanisms to adapt swiftly and efficiently in reaction to crisis affecting public security or public health; very large online platforms should ensure public access to repositories of advertisements displayed on their online interfaces to facilitate supervision and research into emerging risks brought about by the distribution of advertising online, for example in relation to illegal advertisements or manipulative techniques and disinformation with a real and foreseeable negative impact on public health, public security, civil discourse, political participation and equality;
• new safeguards for the protection of minors such as the prohibition of using a minor’s personal data for commercial purposes related to direct marketing, profiling and behaviorally targeted advertising, and limits or bans on the use of sensitive personal data (such as ethnicity, political views, sexual orientation) for targeted advertising.

Moreover, in order to ensure the supervision and enforcement of requirements under the DSA, the European Parliament and the Council of the European Union have decided to confer on the EU Commission the exclusive power to supervise very large online platforms and very large online search engines for the obligations provided to them.

However, in order to maintain the country-of-origin principle, which will continue to apply to other actors and requirements covered by the DSA, the above mentioned two types of online intermediary services shall be supervised in cooperation with the Member States.

And now?

After the achievement of this political agreement, the text is now subject to formal approval by the European Parliament and the Council of the European Union. Once the DSA will be formally adopted by the EU co-legislators, the legislative text will be published in the Official Journal of the European Union and shall enter into force twenty days after its publication.