On 05.07.2022, two legislative instruments of the new Digital Services Package, namely the Digital Services Act (“DSA”) and the Digital Markets Act (“DMA”), were adopted by the European Parliament. The new Regulations are going to have a great impact on the tech industry by setting clear standards for how tech companies operate and provide services in the European Union.
I. The Digital Services Act (“DSA”)
In an effort to minimise the risks of spread of illegal content and online disinformation, the Digital Services Act (DSA) sets clear obligations for digital service providers, such as social media platforms or marketplaces.
For the purposes of the Act, online platforms are defined as the providers of hosting services which, at the request of users, store and disseminate to the public information, unless such activities are minor and purely ancillary of another service and, for objective and technical reasons cannot be used without that other service.
The measures adopted by virtue of the DSA include indicatively:
- new obligations for platforms to react quickly in case of uploaded online illegal content by their users;
- traceability and audits on online marketplaces’ sellers in order to safeguard consumers from illegal content as well as from the provision of unsafe products and services;
- increased transparency and accountability of platforms. A significant example is the platforms’ obligation to provide clear information on content moderation or the use of algorithms for recommending content;
- prohibition on misleading practices and certain types of targeted advertising, including advertisements addressed to children or based on sensitive data;
- stricter measures imposed to very large online platforms and search engines (i.e., those which accommodate 45 million or more monthly users). Such measures include preventing systemic risks (such us the dissemination of illegal content, adverse effects on fundamental rights, gender-based violence or mental health) and being subject to independent audits. Furthermore, in the aforementioned platforms and search engines, users must have the choice not to receive recommendation based on profiling, while also such platforms will be obliged to facilitate access to their data and algorithms to authorities and authorised researchers.
II. The Digital Markets Act (“DMA”)
The Digital Markets Act (DMA) sets obligations for very large online platforms acting as “gatekeepers”. The “gatekeeper” designation is reserved for those platforms that provide a “core platform service” serving as an important gateway between businesses and consumers, have a significant impact on the internal market, and hold (or are expected to hold in the near future) an “entrenched and durable position” in the market(s) in which they operate.
The DMA’s purported main objective is to maintain a fair, non-discriminatory, transparent and competitive online environment. To that end, platforms falling within the notion of “gatekeepers” are subject to a list of “do’s” and “don’ts”, which includes indicatively the following:
- Wide-ranging interoperability obligations, mandating that gatekeepers should allow third parties to interoperate with the gatekeepers’ services. For instance, communication platforms with a strong market position (such as Meta’s Facebook Messenger) will be required to enable their users to exchange content across messaging applications.
- An obligation to allow business users to access the data they generate in the gatekeeper’s platform, as well as to promote their own offers and conclude contracts with consumers outside the gatekeeper’s platforms.
- An obligation to allow business users access to the gatekeeper’s services (app stores, search engines, social networks etc.) on fair, reasonable and non-discriminatory terms.
- A prohibition on using more favorable ranking on their own services or products (a form of so-called “self-preferencing”). In that way, gatekeeper platforms such as Google (through e.g., its dominant market position in online general search services) will not be able to rank their products more favourably than other third parties on their platforms.
- A prohibition on preventing end users from easily un-installing any pre-loaded software or apps, or from easily accessing third-party app stores and installing third-party applications.
- A prohibition on processing users’ data for targeted advertising without users’ explicit consent.
- A prohibition on preventing business users from offering the same products or services to end users through third-party platforms or through their own website at different (including better) terms and conditions (including prices).
In case of non-compliance with the DMA’s measures and obligations, significant sanctions are imposed by the European Commission. In particular, the Commission can impose fines of up to 10% of the gatekeeper’s total worldwide turnover in the preceding financial year, or up to 20% in case of repeated non-compliance.
III. Entry into force
Once formally adopted by the European Council in July (DMA) and September (DSA), both acts will be published in the EU Official Journal and will enter into force twenty days after such publication.
Upon such adoption by the European Council, the DSA will be directly applicable across the EU within fifteen months from its adoption or from the 1st of January 2024 (whichever comes later) after the entry into force. Specifically with regard to the measures adopted for very large online platforms and search engines, the DSA will apply four months after their designation as such.
The DMA will be applicable six months following its entry into force. Following the designation decision by the European Commission, the gatekeepers will have a maximum of six months to comply with the new obligations
