Search
Contact
21.02.2024 | KPMG Law Insights

The Digital Services Act – new rules for online services

The Digital Service Act (DSA) will apply to all providers of intermediary services in Germany from February 17, 2024 and largely replaces the E-Commerce Directive. It is another milestone on the road to greater security in an increasingly networked and digitalized world. The DSA is part of the EU digital strategy and came into force on November 16, 2022.

The background: Digital services are developing rapidly and bring with them numerous challenges: illegal content that is sometimes difficult to combat, trade in illegal goods, unlawful influence on elections, hate speech and much more.

With the Digital Services Act, the EU is pursuing the goal of modernizing the regulation of online services, protecting users and ensuring fair competition.

However, this groundbreaking legislation also raises important questions: How will tiered regulation be implemented? What impact will the DSA have on companies, start-ups and legal practice?

The obligations for companies arising from the DSA depend on the respective classification of the provider

The Digital Services Act divides the central provisions into four successive regulatory levels. The classification is based on the type of activity of the company and its size. Depending on the regulatory level, the DSA provides for different requirements and obligations. Some basic rules apply to all types of providers of intermediary services. These include obligations to set up contact points, adapt general terms and conditions and transparency. Hosting service providers, including online platforms, must already take measures against illegal content and implement effective complaints procedures. Very large platforms are subject to additional obligations.

Obligations for providers of intermediary services (level 1)

A provider of intermediary services (level 1) is any company that offers information society services, such as pure transmission, caching or hosting. In principle, this covers any provider that provides electronic services on the Internet for a fee on the individual request of a recipient; the scope of application of the DSA is therefore very broad. Level 1 providers are subject in particular to new information and transparency obligations.

Obligations for hosting providers (level 2)

Hosting providers (Level 2), for example cloud computing services or web hosting services, must establish procedures for reporting and remedying infringements, including copyright or trademark infringements, in addition to Level 1 obligations in the future.

Obligations for online platforms (level 3)

In addition to the obligations of levels 1 and 2, online platforms (level 3) will in future be subject to bans on “dark patterns” and other manipulative practices to influence user behavior. For example, the design of the termination process must not make it more difficult to terminate a service than the process of signing up for that service. Furthermore, the Commission may in the future issue guidelines in dealing with identified “dark patterns.” Furthermore, additional measures must be taken to protect minors.

Obligations for VLOPs and VLOSEs (level 4)

By far the most intensive regulation in level 4 concerns the “Very Large Online Platform” (VLOP) and “Very Large Online Search Engines” (VLOSE). These are online platforms and online search engines with an average of more than 45 million users per month. The classification as VLOP or VLOSE is made by decision of the EU Commission. Currently, 17 online platforms are among the VLOPs and two search engines are among the VLOSEs. Among other things, these are subject to stricter transparency requirements. For example, personnel resources used for content moderation and the average monthly number of users must be published. In addition, increased requirements apply to risk and crisis management. In particular, providers will be required to conduct risk assessments regarding the dissemination of illegal content or, for example, adverse effects on social debate, electoral processes, or public safety before introducing new features. They are also obliged to undergo an independent audit once a year. Several companies recently filed a complaint against the classification as a VLOP.

Violations of the DSA can result in considerable fines

The national authorities in the EU Member States are responsible for enforcing the Digital Services Act. Greater cooperation and coordination between the Member States is being sought in order to effectively tackle cross-border challenges.

The DSA provides for sanctions and fines to punish violations of the provisions. It provides for fines of up to 6 percent of the worldwide annual turnover of the previous financial year (Art. 52 III DSA, Art. 74 I DSA) and periodic penalty payments of up to 5 percent of the worldwide daily average revenue or annual turnover (Art. 52 IV DSA, Art. 76 I DSA).

“Unlawful content”: Protecting brands in the digital age

The term “illegal content” is defined in Art. 3 (h) DSA as all information that does not comply with Union law or the national law of a Member State. In addition to hate speech and disinformation, this also includes the offer and sale of products that violate applicable law, for example trademark law.

Through the broad definition of illegal content, the DSA also strengthens the protection of brands and counterfeit products. This is because the offer and sale of counterfeits that infringe trademarks and content that advertises counterfeit products constitutes illegal content within the meaning of the DSA. Platforms must take measures to prevent the trade in counterfeit goods from the outset.

In concrete terms, this means that online marketplaces must identify their merchants, in particular request and verify their name, address, telephone number and email address. This data must be made available to users. If the information is incorrect or incomplete, online marketplaces must block traders from their services.

In addition, a new whistleblower system will be introduced under the DSA. Trusted whistleblowers are to take action against counterfeit goods, which should speed up and simplify the reporting and removal of counterfeit goods.

The introduction of the DSA thus represents a further instrument for the protection of intellectual property in the digital space, particularly in the area of trademark protection and counterfeiting.

Challenges and opportunities of the Digital Services Act

The DSA not only represents a regulatory change, but also offers opportunities and challenges that will shape the digital landscape in the coming years.

Overall, the Digital Services Act marks an important step in the effort to make the online world safer and fairer. Companies should therefore rethink their strategies and ensure that they meet the new requirements of the DSA.

The definition of “illegal content” can be challenging due to international differences in laws and the complexity of automated detection. Nevertheless, the DSA offers the opportunity to create a common framework and hold platforms accountable in order to strengthen the protection of trademarks and other intellectual property, among other things.

 

Explore #more

15.07.2026 | In the media

KPMG Law Guest Post on the DVNW Procurement Blog: Section 97a of the German Act Against Restraints of Competition (GWB): Slight Relief for Lump-Sum Contracts

On July 1, 2026, the Act on Accelerating the Award of Public Contracts—the Public Procurement Acceleration Act, for short—entered into force. A key change is…

15.07.2026 | In the media

KPMG Law Statement on “tagesschau”: Recycled Building Materials Rarely Used Despite Shortages

Gravel, sand, and crushed stone are becoming scarce and more expensive. Recycled construction materials could help. But despite advanced technology, there are major hurdles, especially…

15.07.2026 | In the media

KPMG Law Statement in *Private Banking* Magazine: How the ECB Plans to Launch the Digital Euro

The banking industry is awaiting the ECB’s decision on which institutions will be selected for the digital euro pilot project. From Germany, Deutsche Bank, Helaba,…

10.07.2026 | KPMG Law Insights

New Packaging Implementation Act tightens obligations for companies

  Co-author: Séverine Sieprath, Director of Audit, KPMG AG Wirtschaftsprüfungsgesellschaft   The Packaging Implementation Act (VerpackDG),…

09.07.2026 | In the media

Op-Ed in *Versicherungsmagazin*: D&O Insurance—A Legal Safety Net in Turbulent Times

Liability risks for executives are increasing significantly: New regulatory requirements such as NIS-2, CSRD, and the Supply Chain Act are expanding the responsibilities of managing

02.07.2026 | KPMG Law Insights

Registered mail with return receipt no longer provides proof of delivery—here are some alternatives

Registered mail with return receipt, when used as part of electronic documentation, no longer constitutes prima facie evidence of a…

02.07.2026 | Deal Notifications

KPMG Law advises the Prinzhorn Group on the acquisition of Stora Enso’s German facilities

KPMG Law has advised Mosburger GmbH, a subsidiary of Dunapack Packaging and part of the Austrian Prinzhorn Group, on the acquisition of Stora Enso’s German…

02.07.2026 | In the media

KPMG Law Interview in Focus Business: EmpCo Is Coming: Sustainability Marketing Becomes a Top Priority

Stricter EU rules set clearer boundaries for climate pledges and social claims. KPMG Law expert Manuela Meyer explains which claims must be verified and how…

29.06.2026 | KPMG Law Insights

Embedding Digital Sovereignty in the Enterprise – Legal Requirements for IT Systems

Digital sovereignty is an important strategic success factor, and many measures are also required by law. Through legislation such as the Data Act, NIS-2, the…

25.06.2026 | In the media

KPMG Law Interview in fvw I Traveltalk: Upcoming EU Package Travel Directive — “For the industry, the real work is just beginning”

After more than two and a half years, the legislative process, including publication, was recently completed. Now the deadline for tour operators and travel agencies…

Contact

Francois Heynike, LL.M. (Stellenbosch)

Partner
Head of Technology Law

THE SQUAIRE Am Flughafen
60549 Frankfurt am Main

Tel.: +49-69-951195770
fheynike@kpmg-law.com

Dr. Anna-Kristine Wipper

Partner
Head of Technology Law

Heidestraße 58
10557 Berlin

Tel.: +49 30 530199731
awipper@kpmg-law.com

© 2026 KPMG Law Rechtsanwaltsgesellschaft mbH, associated with KPMG AG Wirtschaftsprüfungsgesellschaft, a public limited company under German law and a member of the global KPMG organisation of independent member firms affiliated with KPMG International Limited, a Private English Company Limited by Guarantee. All rights reserved. For more details on the structure of KPMG’s global organisation, please visit https://home.kpmg/governance.

KPMG International does not provide services to clients. No member firm is authorised to bind or contract KPMG International or any other member firm to any third party, just as KPMG International is not authorised to bind or contract any other member firm.

Scroll