The Digital Services Act | Deloitte Netherlands


The Digital Services Act

What to expect?

The European Parliament and EU Member States recently reached a political agreement on the Digital Services Act (DSA), legislation that sets standards for accountability across online platforms and better protects users online. Read on to find out what the DSA entails and how to best approach it!

What is the Digital Services Act (DSA)?

The DSA is only one piece of the European digital strategy puzzle known as “A Europe fit for the Digital Age”. Among digital legislative proposals such as the Digital Markets Act or the Data Governance Act, the DSA is expected to bring forward new consumer protection rules in the online environment and provide opportunities for digital businesses. Under the principle of "what is illegal offline should be illegal online", the new rules include a structure of accountability, ensuring that online service providers will be held responsible for their content moderation practices in the digital space.

What's new?

Regulation of digital services was overdue as the last effort of the European Union at managing e-commerce was approximately 20 years ago. New rules are crucial for setting clear and fair standards for all players. At the forefront of the regulation, illegal content, such as counterfeited and hazardous products, will have to be removed in a timely manner by online platforms upon notice from a trusted flagger. Online marketplaces can be required to trace their traders under the “know your business customer” principle and any dark patterns meant to manipulate users and their online behavior are strictly prohibited. These are just a few of the new obligations expected to affect businesses and their accountability within the online sphere. For a more detailed overview, see this website of the European Commission.

How to approach DSA adherence

Navigating the new rules of the DSA and analyzing their future impact on digital businesses might seems like an intimidating task. However based on experience of recent years in dealing with the GDPR, much can be said about how to best approach dealing with the DSA and, frankly, with all upcoming legislation on digital technologies.

From all lessons learned, let’s first pay attention to actions you should steer clear of. For instance, make sure you don't miss the head start. One lesson learned since GDPR’s adoption in 2016 is that it’s never too early to consider the implication of upcoming legislation on your business. Moreover, do not be tempted to start everything from scratch. Upcoming regulations are designed to interlink harmoniously with already-in-place tech laws. That means that previous efforts to adjust to current data protection regulations or cybersecurity standards will not be in vain.

Furthermore, don't shy away from opportunities. Just because (new) regulations come with obligations and sometimes prohibitions, we are not saying "no" to digital innovation. It does not mean that we should be hesitant to develop and use new digital technologies. If anything, building and implementing innovative technologies – while taking into consideration legislative requirements – allows for the opportunity to offer your clients and customers a safe and trusted digital environment.

In order to prevent falling into the previously mentioned pitfalls, you can make an effort to prevent adopting an unfit approach and explore strategies in line with the upcoming innovative digital regulatory framework. Here are our thoughts on what is the best approach for the DSA.

Practices to consider

Understand the true scope of the regulations and expect shifts in digital strategies. The aim is not to strictly control new types of technologies but to adjust the digital ecosystem to better fit the expectations of European users. Despite changes that might affect the strategic direction of your business, the best way to be prepared is to stay flexible and analyze the next steps in accordance with the new initiatives. Adopt a multidisciplinary approach and collaborate with people with different skills and backgrounds. Legal, IT, operations, and other departments can work together and supply valuable and better represented insights. Think about the bigger picture and not only about meeting the minimum requirements for being compliant. New pieces of legislation should not be managed as independent silos but integrated into a more responsible, safe, and innovative management of technology.

Did you find this useful?