After intensive negotiations, the European Parliament approved a landmark legislative package on Tuesday, 05.07.2022, which creates significant new regulations for the digital space with the Digital Service Act (“DSA“) and the Digital Markets Act (“DMA“).
The DSA is primarily intended to strengthen the rights of users of digital platforms and to ensure that what is already prohibited in the analog world will no longer be permitted in the digital world in the future. This primarily involves issues such as hate speech, the presentation of illegal content or targeted misinformation. In order to better assess the risks associated with the use of online platforms, the platforms must also disclose the key parameters of their algorithms in the future.
The DMA, on the other hand, serves in the creation of fair competition in the digital world. It is aimed primarily at the Internet giants and is intended to prevent them from abusing their dominant market position. To this end, certain anti-competitive behaviors of these so-called “gatekeepers” are prohibited. They will also be required to open their services to the use of third-party applications.
Digital Services Act
The adoption of the legislative package is intended to set a legal framework that ensures that the legal regulations can keep pace with the advancing pace of innovation by technology corporations and that the largest and strongest corporations do not set their own rules. Thus, the responsible executive vice president Margrethe Vestager already stated that the law would “help create a safe and responsible online environment.” That’s why platforms should be transparent about content moderation and prevent dangerous disinformation from spreading virally.
The DSA contains binding obligations for all digital service providers that convey goods, services, or content to consumers, establishes new procedures for the rapid removal of illegal content, and also ensures the protection of users’ fundamental rights online.
The law covers so-called online intermediary services such as Internet access providers, hosting services, online platforms for buying and selling goods such as online marketplaces, app stores, and search engines. The strictest regulations affect platforms with more than 45 million users in the Union. These are referred to as “very large online platforms” (“VLOP“).
Strengthening user rights
In particular, obligated parties must take measures to combat illegal goods, services or content on the Internet. Among other things, a mechanism with so-called “trusted whistleblowers” and an obligation to trace commercial users on online marketplaces are to be established.
The rights of users are to be strengthened by the fact that it will be possible in future to appeal against moderation decisions made by the platforms. In addition, the use of so-called dark patterns, i.e. interface designs that are intended to induce users to behave in a certain way unnoticed, such as giving consent, will be prohibited. VLOPs must also allow accredited researchers and nongovernmental organizations access to their data and provide insight into their algorithms in the future.
Strict rules for VLOPs, search engines and co.
VLOPs and search engines will be required to take risk-based measures to prevent misuse of their systems in the future. For example, minors are to be excluded from the use of their personal data to create personalized advertising.
Member states must appoint their own authorities as coordinators for digital services, which are responsible for monitoring and enforcing the regulation. In the future, these will join forces in the “European Panel for Digital Services” as an independent advisory group. In the case of VLOPs, the Commission itself also has the authority to initiate proceedings under certain circumstances.
Avoiding manipulation on the Internet
In response to Russia’s war in Ukraine, a crisis mechanism was also added, which should make it possible to limit the spread of manipulative content on the network in the event of an emergency, such as a war or pandemic.
Interoperability and data access
In addition to enhanced user rights and stronger consumer protections, users will also benefit from the DMA’s new interoperability regulations. In the future, for example, operators of large messaging services such as WhatsApp will have to allow users to receive messages from other applications as well. In the future, users must also be able to access their own data on the platform and transfer it to other platforms. This is intended to strengthen competition between the platforms and weaken lock-in effects in favor of the existing market leaders.
Digital Markets Act: Strengthening competition in favor of smaller companies
The DMA is intended to strengthen competition in particular by ensuring that especially large corporations are no longer allowed to give preferential treatment to their products over those of their competitors. Also, in the future, gatekeepers will no longer be allowed to combine data from different sources into data sets without the explicit consent of users, or to encourage users to share data from other platforms with them. It will also no longer be possible for them to prevent users from uninstalling pre-installed applications. It is also noteworthy that the burden of proof for compliance with the requirements of the DMA is placed on the obligated companies. The new compliance obligations for gatekeepers are expected to benefit smaller companies in the largely midsize data economy in particular. This should strengthen the innovative power of the entire industry.
Sanctions
Violations of the DSA are subject to fines of up to 6% of annual global sales and penalty payments of 5% of daily sales. For this purpose, there is the possibility of a prohibition to operate commercially in the EU.
Violations of the DMA can even be punished with a fine of a maximum of 10% of the total turnover of the last fiscal year. In the event of non-compliance, there is also the possibility here of imposing daily penalty payments up to a maximum amount of 5% of the average daily turnover in the last financial year.
Outlook
Now the DMA and DSA still have to be formally adopted by the EU Council. Thereafter, they are published in the Official Journal of the EU and enter into force 20 days thereafter. According to current information, the DSA will apply 15 months after its entry into force, starting 01.01.2024 at the earliest. For very large online platforms and search engines, it is to apply as early as four months after they have been classified as gatekeepers by the Commission. The DMA is expected to become effective six months after its enactment. Gatekeepers will not have to comply with the new obligations until six months after they are classified as such.
Since DSA and DMA are regulations, they have direct effect in the EU member states.
Partner
Head of Technology Law
THE SQUAIRE Am Flughafen
60549 Frankfurt am Main
tel: +49-69-951195770
fheynike@kpmg-law.com
© 2024 KPMG Law Rechtsanwaltsgesellschaft mbH, associated with KPMG AG Wirtschaftsprüfungsgesellschaft, a public limited company under German law and a member of the global KPMG organisation of independent member firms affiliated with KPMG International Limited, a Private English Company Limited by Guarantee. All rights reserved. For more details on the structure of KPMG’s global organisation, please visit https://home.kpmg/governance.
KPMG International does not provide services to clients. No member firm is authorised to bind or contract KPMG International or any other member firm to any third party, just as KPMG International is not authorised to bind or contract any other member firm.