Proposed Digital Services Act: A Changing Liability Regime for Service Providers
Update: EU Digital Services Act Now Published
The European Commission published the draft text of the Digital Services Act (DSA) in December 2020. It is intended to reflect the significantly changed landscape since the E-Commerce Directive 2000/31/EC (E-Commerce Directive) was enacted 20 years ago. The Council of the European Union reached agreement on the draft DSA in November last year and the European Parliament agreed amendments to the draft text of the DSA in January 2022. The DSA will be implemented as an EU Regulation and will largely uphold the current liability regime under the E-Commerce Directive. Like many other key legislative reforms in the Digital Single Economy, the DSA will apply where recipients of services are based in the EU, regardless of the service provider’s place of establishment. It contains new obligations in relation to digital services that connect consumers to goods, services and content as well as new procedures for faster removal of illegal content and measures for protecting users’ fundamental rights online.
Specific measures for intermediary services
There are provisions set out for intermediary service providers of:
- A mere conduit service
- A caching service, or
- A hosting service in order to avoid liability for illegal content where certain specified conditions are met
Providers of intermediary services based outside of the EU will be required to designate a single point of contact to communicate with Member State authorities. There will also be reporting obligations for removing and disabling information which is illegal or contrary to providers’ terms and conditions as well as mechanisms to allow third parties to notify of the presence of illegal content.
Additional provisions for providers of hosting services
Content moderation also comes in for focus. Notice and action mechanisms and a statement of reasons will need to be issued to recipients where a service provider removes or disables access to items.
Additional provisions which apply to all online platforms
There is a carve-out exception for micro or small enterprises that employ fewer than 50 persons and whose annual turnover does not exceed €10 million.
All other online platforms will be required to have an internal complaint-handling system to make decisions about illegal content or information violating the provider’s terms and conditions. In the event of a dispute, online platforms are required to engage in and inform complainants of the possibility of using an out-of-court settlement process. This will involve independent bodies in the relevant Member State reviewing the decisions of online platforms to take down content. Trusted flaggers, which are expert entities in reporting illegal content, may submit notices of illegal content as part of a notice and action procedure and the platform must process and decide upon it with priority and without delay.
In order to be awarded trusted flagger status by the Digital Services Coordinator of a Member State, the applicant will need to meet the following conditions:
- It has particular expertise and competence for the purposes of detecting, identifying and notifying illegal content
- It represents collective interests and is independent from any online platform, and
- It carries out its activities for the purposes of submitting notices in a timely, diligent and objective manner
The Digital Services Coordinator will revoke the status of the trusted flagger if it determines, following an investigation, that the entity no longer meets the criteria set out above.
Specific ‘know your business customer’ obligations will apply to online platforms regarding the traders on their platform. The aim is to ensure a safe, transparent and trustworthy environment for consumers and to discourage traders who sell unsafe or counterfeit goods. Traders will be required to submit proof of identification and self-certify to only offer products and services that comply with applicable EU laws. Online platforms will be required to keep information about the traders to help trace sellers of illegal goods or services.
Online platforms will also have to:
- Establish a single point of contact in the EU
- Appoint a legal representative in the EU if they are not established but offer services in the EU
- Include information on any restrictions on use of the services in terms and conditions, and
- Submit at least once a year a detailed report on content moderation
In addition, the DSA also requires online advertising transparency. Online platforms must give users immediate information on the sources of the advertisements they see online, including information on why an individual has been targeted with a specific advertisement. The liability safe harbour provisions are expressly excluded for online platforms where illegal content is presented in a way that creates the impression that such content is provided by the platform itself or under its control.
Online platforms are required to notify an enforcement authority on suspicion that serious criminal activity involving a threat to the life or safety of persons has taken place, is taking place, or is likely to take place.
Very large online platforms
Very large online platforms, which are those which reach 45 million users or more, will be required to:
- Carry out risk assessments on the use and functioning of their services, and
- Put mitigating measures in place to protect users from illegal content, goods and services
When these platforms recommend content, users will be able to modify the criteria used and choose not to receive personalised recommendations. Very large platforms will need to make information publicly available on:
- The content of the advertisement
- The natural or legal person on whose behalf the advertisement is displayed, and
- The period during which the advertisement was displayed, and this information must be retained for a year after the advertisement was last displayed on the platform
What happens next?
The amendments approved by the European Parliament introduced several changes to the Commission’s proposal, including:
- Targeted advertising: recipients of digital services will be able to make an informed choice on whether to consent to the processing of their personal data for advertising purposes. If consent is refused or withdrawn, recipients will be given other options to access the online platform, including “options based on tracking-free advertising”;
- Targeting or amplification techniques involving the data of minors for the purpose of displaying ads will be prohibited, as well as targeting individuals on the basis of special categories of data which allow for targeting vulnerable groups;
- Compensation: recipients of digital services will be able to seek compensation for any damages resulting from platforms not respecting their obligations under the DSA;
- Online platforms will be prohibited from using deceiving or nudging techniques to influence users’ behaviour through “dark patterns”.
As a next step the European Parliament will discuss these amendments with the European Council to finalise the text. While the key protections afforded by the e-commerce directive are maintained by the DSA, many organisations will no doubt be concerned around the increased reporting obligations which the DSA may introduce.
For more information, please contact a member of our Technology team.
The content of this article is provided for information purposes only and does not constitute legal or other advice.
Share this: