On 15 December 2020, the European Commission (the Commission) published its much-awaited digital regulation proposals, the Digital Services Act (DSA) and the Digital Markets Act (DMA). The new draft rules represent a significant overhaul of the European digital space and lie at the core of the Commission’s digital transformation ambitions. These new rules will impact the legal framework for all digital services, including social media, online market places, and other online platforms.

DSA

The DSA updates the obligations of digital service providers, which are currently based on the European Union’s (EU) 20-year old e-commerce directive. In general, the DSA clarifies the liability regime for digital intermediaries and reinforces the oversight and enforcement of the rules. 

With respect to the liability regime, the DSA aims to ensure that platforms, especially those qualified as “very large platforms,” are more accountable and responsible for their actions and the systemic risks they pose. Chapter II of the DSA contains provisions on the exemption of liability of online intermediaries, such as conditions under which providers of mere conduit (i.e., providing network access or transmission services), caching (i.e., storing data to make transmission more efficient), and hosting services (i.e., storing data provided by users) are exempt from liability for the third-party information they transmit and store. 

The DSA sets out due diligence obligations for a transparent and safe online environment, such as new rules on traceability of business users in online marketplaces. Other obligations include a duty to establish a single point of contact to facilitate direct communication with authorities, as well as reporting obligations on the removal of information considered to be illegal content or contrary to the providers’ terms and conditions. 

Furthermore, the DSA lays down additional obligations for very large online platforms (those that reach 45 million users in the EU, which represents around 10 percent of the EU population) to manage systemic risks. For example, very large online platforms will be obliged to conduct risk assessments on the systemic risks brought about by or relating to the functioning and use of their services, and they will have specific obligations in case they use recommender systems or display online advertising on their online interface.

Member States will have the primary role in the enforcement of the new rules, supported by a newly proposed European Board for Digital Services (i.e., an independent advisory group of national authorities designated by the Member States for the consistent application of the DSA). Very large online platforms will be subject to enhanced supervision and potential enforcement by the Commission. In case of breach, the Commission can adopt non-compliance decisions, as well as fines (up to 6 percent of the company’s total turnover in the preceding financial year) and periodic penalty payments for breaches of the DSA.

DMA

As the second part of the Commission’s digital platforms package, the DMA builds upon Regulation 2019/1150 (P2B Regulation) and aims to restrain the power of large digital platforms that serve as an important gateway for business users to reach their customers (gatekeepers). The DMA includes rules defining and prohibiting unfair practices by gatekeepers and gives the Commission market investigation powers aimed to address structural problems. 

The DMA, contrary to the DSA, applies only to gatekeepers. To qualify as a gatekeeper, an online platform will have to fulfill three sets of criteria: (a) size (based on turnover or average market capitalization and activity in at least three Member States), (b) gatekeeping role (the platform needs to have a gateway role, and it needs to be necessary for businesses to reach their consumers), and (c) an entrenched and durable position of market power (this condition is presumed to be met if the company met the other two criteria in each of the last three financial years). Apart from these criteria, the Commission will also have powers to designate companies as gatekeepers following a market investigation. 

The proposal contains a “do’s and don’ts” list for gatekeepers. In particular, the DMA prohibits a number of practices, which are considered unfair, such as blocking users from uninstalling any pre-installed software or apps, and requires gatekeepers to proactively put in place certain measures, such as targeted actions allowing the software of third parties to properly function and interoperate with their own services.

In case of non-compliance, sanctions include fines of up to 10 percent of the gatekeeper’s worldwide annual turnover. For systematic infringements (i.e., when a gatekeeper has systematically infringed its obligations and has further strengthened or extended its gatekeeper position), sanctions may include structural measures (remedies), potentially extending to the divestiture of a business (or parts of it), where no other equally effective alternative measures are available to ensure compliance.

Finally, the DMA will allow the Commission to carry out targeted market investigations to assess whether new gatekeeper practices and services need to be added to the list of do’s and don’ts.

*          *          *

On 16 December, the Commission invited any interested parties to provide their feedback on both the Digital Services Act and the Digital Markets Act, before 15 February 2021. The Commission will summarize all feedback received and present it to the European Parliament and European Council with the aim of feeding into the legislative debate. 

In the upcoming months, the European Parliament and the EU Member States will discuss both of the Commission’s proposals under the ordinary legislative procedure. Once adopted, the new rules will be directly applicable across the EU.

Giulia Marino & Petr Bartoš co-authored this piece