The European Commission has recently published two much anticipated legislative proposals. The Digital Services Act (‘DSA’) and the Digital Markets Act (‘DMA’) are poised to considerably increase the European Commission’s regulatory competence over online platform companies.

Digital Services Act

The DSA seeks to establish the most optimal conditions for the provision of innovative services in the internal market, and would further update the EU’s online trade laws to respond to innovations in digital and online services over the past few years.  The DSA will apply to all those digital services that link consumers to goods, services or content. The Commission, by means of the DSA, shall be contributing to a consumer’s safety online as well as protect consumers’ fundamental human rights.

Providers of intermediary services, and particularly online platforms, shall be subject to stricter rules on responsibility towards their users, as well as rules on accountability for their activities. While the DSA maintains the liability rules for providers of intermediary services set out in the e-Commerce Directive, the proposal launches innovative and comprehensive due-diligence obligations. Notable innovations include notice-and-action procedures for illegal content online and the option to challenge a platform’s content moderation decisions.

The DSA imposes higher standards for transparency and accountability by fashioning new obligations on how providers of such platforms moderate content on advertising and algorithmic processes. Online platforms shall be required to create an internal complaint-handling system regarding decisions relating to illegal content, or information which is incompatible with their terms and conditions. Platforms will moreover have to publish reports on activities relating to the removal and the disabling of information with regards to such content. 

Providers of hosting services will be obliged to implement mechanisms which allow third parties to notify the presence of alleged illegal content. If a provider decides to remove or disable access to specific information provided by a recipient of service, the recipient is entitled to receive a statement of reasons.

The DSA particularly benefits SMEs. There will be  substantial cost-savings for those SMEs who deal with illegal content, as micro and small enterprises do not fall within the scope of obligations imposed on online platforms. They would, in turn, be exempted from extensive reporting obligations. Only ‘very large online platforms’ are set to incur significant costs.

‘Very large online platforms’ will further be required to adopt a risk-based approach to prevent abuse to their systems and to protect the integrity of their services. Where a risk is identified, such a platform is to employ reasonable and effective mechanisms to mitigate those risks. The DSA also imposes transparency standards on those ‘very large online platforms’ using recommender systems and displaying advertisements on their site.

The DSA will also benefit public authorities, as the costs brought on by the inefficiencies and repetitions in the existing set-up for the cooperation of authorities will decrease. Even though it is the Member States who must incur the costs of appointing a competent authority, other additional costs of the enhanced cooperation mechanism would be born at an EU level.

Moreover, the DSA delegates a substantial part of the enforcement powers to competent Member State authorities. A Member State must establish a Digital Services Coordinator (‘DSC’), to oversee the compliance of the services established on their territory with the new DSA rules. DSCs are also to be involved in the EU cooperation mechanism of the proposed DSA.

Digital Markets Act

The DMA establishes rules for platforms that act as ‘gatekeepers’ in the digital sector. ‘Gatekeepers’ are platforms that have a large impact on the internal market and grant better access to businesses to reach their customers, and enjoy a deep-rooted and durable position. The DMA aims to prevent potential abuses of power  by such ‘gatekeepers’ and thus, the DMA notably complements the enforcement of competition law at EU and national level, without prejudicing Articles 101 and 102 of the TFEU.

Summarily, there are three principle cumulative criteria that determine whether a company falls under the DMA’s scope:

1. A size that impacts the market;
2. The control of an important gateway for business users towards consumers; and
3. An (expected) entrenched and durable position.

The title of ‘gatekeeper’ will inevitably trigger a set of regulations and non-adherence poses hefty fines. The DMA implements a number of obligations that gatekeepers have to perform in order to ensure fairness and openness in digital markets. ‘Gatekeepers’ will thus carry an extra responsibility and are to conduct themselves in a manner which ensures an open online environment that is fair to businesses and consumers.

Gatekeepers, under the DMA, will remarkably be under the obligation to grant smaller rivals access to and interoperability with hardware and software needed to offer their service. The EC will also need to be informed of any planned acquisitions by the ‘gatekeeper’ in the digital sector. The DMA also inhibits so-called ‘gatekeepers’ from practicing certain business conduct that was or is the subject of Commission or Member State investigations. While such investigations remain a point of contention, ‘gatekeeper’ online platforms will nonetheless  be prohibited from;

1. Merging personal data across services without end users’ prior consent;
2. Favouring the gatekeepers’ own products or services over the products or services of competing businesses that also use the platform;
3. Inserting most-favored-nation (‘MFN’) clauses that impede business users from offering the same products at different prices or conditions through third-party online intermediation services;
4. Making use of non-public data collected from the platform’s business users to compete against those business users; and
5. Requiring business users to use the gatekeeper’s identification service.

In practice, the Commission will determine whether a company is to be considered as a ‘gatekeeper’. The DMA also confers discretion to the Commission to determine which companies may be classified as gatekeepers, to investigate and sanction violations, as well as to create rules which clarify the manner of compliance with certain DMA obligations. 

Companies who do not adhere to the DMA may face fines of up to 10% of their global annual revenue. The Commission may also levy behavioural and structural remedies in instances of ‘systematic infringements’ and may, for example, divest a whole or part of a business.

Next Steps

The European Parliament and the Council are now to assess and discuss the Commission’s proposal Both institutions need to agree on the final text under a qualified majority at the Council, before both pieces of proposed legislation take effect. The DSA and DMA, if adopted, are to become applicable in all Member States.

Key Points

1. The DSA promulgates new obligations on online platform companies to regulate or eliminate illegal content posted by users of their services, through mechanisms such as ‘the notice and action’ procedure, to enhance transparency and safety online. Moreover, ‘very large online platforms’ will also be subject to a stricter level of scrutiny and shall have to implement a risk-based approach to ensure the integrity of their platform. 
2. The DSA ensures that Member States are afforded a degree of control. The DSA implements an EU governance system with improved oversight and enforcement powers, which would lead to better cooperation between both Member States and the EU.
3. The DMA shall apply new conduct regulations on ‘gatekeeper’ companies. ‘Gatekeepers’ would need to adhere to access and interoperability obligations and will need to notify the Commission of any acquisitions that do not meet EU merger thresholds.
4. The DMA inhibits a ‘gatekeeper’ online platform from implementing MFN clauses, favouring their own products, merging user data across services without prior consent and making use of data on the platform to compete against those businesses.

This article was written by Legal Trainee Ms Emma-Marie Sammut.

For more information on digital services, information society and related areas please contact Dr Ian Gauci.

Disclaimer: This article is not intended to impart legal advice and readers are asked to seek verification of statements made before acting on them.