Insights into the Digital Services Act (1/3): regulating digital intermediaries

In the first installment of a three-part series, the IP/IT division of Cloix Mendès-Gil law firm will dissect the Digital Services Act (DSA), delineating its objectives, stakeholders, and the ensuing responsibilities.

1 - Addressing key concerns with the DSA

The Council of Europe has set forth a clear edict for the digital realm: "What is illegal offline should also be illegal online." This dictum serves as the cornerstone for the novel regulation.

Despite existing regulations for internet entities, most notably the European Directive on electronic commerce (Directive 2000/31/EC of June 8, 2000), the digital landscape has undergone significant transformations, necessitating an update to reflect contemporary practices.

The DSA's goals include:

  • Enhancing protection of European digital users' fundamental rights by regulating unlawful content and misinformation, safeguarding consumers, and ensuring freedom of expression and non-discrimination.
  • Bolstering the growth of EU digital enterprises.
  • Intensifying oversight of major platforms to mitigate democratic risks and information manipulation.

2 - Framework for Implementation

As a European regulation, the DSA is immediately enforceable across the EU, negating the need for transposition into national legislation. This ensures immediate and consistent application in all member states.

The enactment is phased: Major platforms serving over 45 million monthly users must comply by April 25, 2023, as stipulated by the European Commission.

The majority of other relevant entities have a compliance deadline of February 17, 2024.

Notably, businesses with fewer than 50 employees and less than 10 million in annual turnover will enjoy certain dispensations.

3 - The Scope of Influence

The DSA encompasses online intermediaries providing content, goods, and services within the EU. It applies irrespective of establishment within the EU, thus extending its reach to international firms.

The affected sectors include:

  • Internet Service Providers (ISPs)
  • Cloud computing service vendors offering data hosting or SaaS solutions.
  • Operators of online platforms such as marketplaces, app stores, social networks, and content-sharing services.

4 - Sanction Mechanisms

The DSA introduces a regulatory and punitive framework reminiscent of the 2016 GDPR protocols for personal data protection.

Each EU member state will designate an independent digital services coordinator. In France, this role is assigned to ARCOM under the legislation passed on October 17.

Per Articles 51 et seq. of the Regulation, ARCOM holds the authority to process user complaints, conduct audits for non-compliance, and levy penalties up to 6% of the annual global turnover.

Subsequent articles will delve into the specific duties and obligations of intermediary service providers and the distinct responsibilities of web hosts, marketplaces, and online platforms.

The IT Contracts, Data & Compliance department remains at your disposal to facilitate adherence to digital legislation.

For further inquiries, we invite you to engage with our experts.