The EU Digital Services Act- What do you need to know?
04 December 2023
The Ashurst Emerging Tech Series is a collection of briefings compiled by our UK and European Digital Economy Transactions team, designed to help businesses understand and prepare for the impacts of new and incoming digital services and emerging tech legislation.
In our second briefing, we consider the EU Digital Services Act (DSA).
The DSA sits alongside the EU Digital Markets Act (DMA) to form a single set of rules that apply across the EU. The DSA and the DMA have the dual goal of:
We have published an article on the DMA which you can read more about here.
What does the DSA do? | When does the DSA take effect? | Who does the DSA apply to? |
The DSA imposes rules on intermediary service providers i.e. companies that connect EU consumers with goods, services and content at a distance by electronic means. There are five sets of rules under the DSA: 1. rules for all intermediary service providers; 2. rules for hosting intermediary service providers; 3. rules for online platforms; 4. rules for online platforms that facilitate distance selling; and 5. rules for very large online platforms (VLOPs) and very large online search engines (VLOSEs). These rules are intended to increase transparency and help to prevent illegal or harmful online content, including online scamming activity. |
The DSA entered into force in November 2022 and becomes fully applicable in February 2024 (although some rules applicable to online platforms and online search engines have applied since February 2023). |
The DSA applies to intermediary service providers that provide services in the EU, regardless of where such companies are based - like the GDPR, the DSA has extra-territorial effect. |
While the DSA and UK Online Safety Act (OSA) broadly have the same core aim of making online activity safer for users, each of these Acts seeks to do this in materially different ways. This means that businesses providing digital services will have to consider their obligations under both the DSA and the OSA if they provide digital services in the EU and the UK. You can read our article on the OSA here.
Intermediary services are one of the following services when provided at a distance, by electronic means:
General obligations
All providers of intermediary services have certain obligations under the DSA, regardless of the size of their operations in the EU. Such obligations include:
Liability safe harbours
While providers of intermediary services are subject to the DSA generally, there are various safe harbours which protect them from liability for information they transmit, give access to or store, where certain conditions are met.
The conditions are broadly similar to those set out in the E-commerce Directive, such as whether the service provider has modified the information, has some other active role in terms of the transmission or conditions for access of the information or has actual knowledge of the illegal activity or illegal content.
While the DSA is clear that companies that provide intermediary services do not have general monitoring or active fact-find obligations, hosting service providers may have certain due diligence obligations, including:
The DSA also requires a hosting service provider that removes or restricts a user's access to content to give its reasons for doing so. These content moderation decisions must be submitted to the DSA Transparency Database, which was launched in September 2023.
Online platform providers are subject to additional obligations which are centred around protecting against misuse of their services. Online platform providers must (amongst other obligations):
These obligations broadly do not apply to 'micro' and 'small' business enterprises (as defined in the DSA).
Online platforms which operate as online consumer marketplaces have additional rules to comply with, including:
'Micro' and 'small' business enterprises (as defined in the DSA) are excluded from the specific additional distance selling obligations in certain circumstances.
VLOPs and VLOSEs are designated by the EU Commission. Currently 17 platforms have been designated as VLOPs and two search engines as VLOSEs (details of such designations are below).
Where a designated VLOP or VLOSE has an average of 45 million or more active users in a month, it will be subject to certain additional obligations and separate rules on supervision, investigation or enforcement.
These additional obligations and restrictions, broadly fall within the following categories:
Managing and auditing risk/compliance |
Advertising transparency and fairness |
Data use and access |
|
|
|
Companies Designated as VLOPs and VLOSEs by the EU Commission on 25 April 2023
Very Large Online Platforms (VLOPs)
Very Large Online Search Engines (VLOSEs)
01 |
02 |
03 |
A VLOP or a VLOSE that intentionally or negligently infringes the DSA or fails to comply with a decision or commitment made under the DSA may be subject to fines of up to 6% of its total worldwide annual turnover in the preceding financial year. |
Periodic penalty payments of up to 5% of the average daily income or worldwide annual turnover in the preceding financial year per day may be levied on a VLOP or a VLOSE where it fails to comply with its obligations to supply information, allow for an inspection or otherwise comply with an obligation placed on it, or a commitment it has made under the DSA. |
The EU Commission may undertake enhanced supervision of VLOPs and VLOSEs, requiring them to draft an action plan to remedy any DSA infringements. |
Member States are required to designate one or more competent authorities (known as Digital Services Coordinators) to be responsible for the supervision of providers of intermediary services and enforcement of the DSA.
The DSA establishes an independent advisory group of Digital Services Coordinators to supervise providers of intermediary services. This group advises the Digital Services Coordinators to assist with certain objectives, such as consistent application of the DSA.
Companies which provide services over the internet to EU consumers should consider the following steps to help prepare for the DSA:
Authors: David Futter, Partner; Aimi Gold, Senior Associate; Siân Deighan, Associate; Hana Byrne, Trainee Solicitor
The information provided is not intended to be a comprehensive review of all developments in the law and practice, or to cover all aspects of those referred to.
Readers should take legal advice before applying it to specific issues or transactions.