The Digital Services Act

What is the Digital Services Act (DSA)?

The DSA is only one piece of the European digital strategy puzzle known as “A Europe fit for the Digital Age”. Among digital legislative proposals such as the Digital Markets Act or the Data Governance Act, the DSA is expected to bring forward new consumer protection rules in the online environment and provide opportunities for digital businesses. Under the principle of "what is illegal offline should be illegal online", the new rules include a structure of accountability, ensuring that online service providers will be held responsible for their content moderation practices in the digital space.

What's new?

Regulation of digital services was overdue as the last effort of the European Union at managing e-commerce was approximately 20 years ago. New rules are crucial for setting clear and fair standards for all players. At the forefront of the regulation, illegal content, such as counterfeited and hazardous products, will have to be removed in a timely manner by online platforms upon notice from a trusted flagger. Online marketplaces can be required to trace their traders under the “know your business customer” principle and any dark patterns meant to manipulate users and their online behavior are strictly prohibited. These are just a few of the new obligations expected to affect businesses and their accountability within the online sphere. For a more detailed overview, see this website of the European Commission.

How to approach DSA adherence

Navigating the new rules of the DSA and analyzing their future impact on digital businesses might seems like an intimidating task. However based on experience of recent years in dealing with the GDPR, much can be said about how to best approach dealing with the DSA and, frankly, with all upcoming legislation on digital technologies.

From all lessons learned, let’s first pay attention to actions you should steer clear of. For instance, make sure you don't miss the head start. One lesson learned since GDPR’s adoption in 2016 is that it’s never too early to consider the implication of upcoming legislation on your business. Moreover, do not be tempted to start everything from scratch. Upcoming regulations are designed to interlink harmoniously with already-in-place tech laws. That means that previous efforts to adjust to current data protection regulations or cybersecurity standards will not be in vain.

Furthermore, don't shy away from opportunities. Just because (new) regulations come with obligations and sometimes prohibitions, we are not saying "no" to digital innovation. It does not mean that we should be hesitant to develop and use new digital technologies. If anything, building and implementing innovative technologies – while taking into consideration legislative requirements – allows for the opportunity to offer your clients and customers a safe and trusted digital environment.

In order to prevent falling into the previously mentioned pitfalls, you can make an effort to prevent adopting an unfit approach and explore strategies in line with the upcoming innovative digital regulatory framework. Here are our thoughts on what is the best approach for the DSA.

Practices to consider

Understand the true scope of the regulations and expect shifts in digital strategies. The aim is not to strictly control new types of technologies but to adjust the digital ecosystem to better fit the expectations of European users. Despite changes that might affect the strategic direction of your business, the best way to be prepared is to stay flexible and analyze the next steps in accordance with the new initiatives. Adopt a multidisciplinary approach and collaborate with people with different skills and backgrounds. Legal, IT, operations, and other departments can work together and supply valuable and better represented insights. Think about the bigger picture and not only about meeting the minimum requirements for being compliant. New pieces of legislation should not be managed as independent silos but integrated into a more responsible, safe, and innovative management of technology.

What's next?

The final text is pending the formal approval of the European Parliament and Council. After its adoption, the DSA will apply 15 months or from 1 January 2024, whichever is later, after entry into force. For very large online platforms, the rules will apply earlier, 4 months after designation.

The level of obligations imposed and the type of enforcement will depend on the role, size, and impact on the online ecosystem of the online service provider. The European Commission will be directly involved with the supervision and enforcement of obligations for very large platforms reaching more than 10% of consumers in Europe. Fines can reach up to 6% of the global turnover of a service provider.

It is important to note that the Digital Services Act is part of a comprehensive package put forward under “A Europe fit for the Digital Age” digital strategy. Legislation regulating digital technologies is expected to emerge gradually over the next decade with an impact on various digital sectors, such as artificial intelligence, cybersecurity, and digital finance. Be ready to experience the new look of our digital age!