The Digital Services Act – new rules for online services

The Digital Service Act (DSA) will apply to all providers of intermediary services in Germany from February 17, 2024 and largely replaces the E-Commerce Directive. It is another milestone on the road to greater security in an increasingly networked and digitalized world. The DSA is part of the EU digital strategy and came into force on November 16, 2022.

The background: Digital services are developing rapidly and bring with them numerous challenges: illegal content that is sometimes difficult to combat, trade in illegal goods, unlawful influence on elections, hate speech and much more.

With the Digital Services Act, the EU is pursuing the goal of modernizing the regulation of online services, protecting users and ensuring fair competition.

However, this groundbreaking legislation also raises important questions: How will tiered regulation be implemented? What impact will the DSA have on companies, start-ups and legal practice?

The obligations for companies arising from the DSA depend on the respective classification of the provider

The Digital Services Act divides the central provisions into four successive regulatory levels. The classification is based on the type of activity of the company and its size. Depending on the regulatory level, the DSA provides for different requirements and obligations. Some basic rules apply to all types of providers of intermediary services. These include obligations to set up contact points, adapt general terms and conditions and transparency. Hosting service providers, including online platforms, must already take measures against illegal content and implement effective complaints procedures. Very large platforms are subject to additional obligations.

Obligations for providers of intermediary services (level 1)

A provider of intermediary services (level 1) is any company that offers information society services, such as pure transmission, caching or hosting. In principle, this covers any provider that provides electronic services on the Internet for a fee on the individual request of a recipient; the scope of application of the DSA is therefore very broad. Level 1 providers are subject in particular to new information and transparency obligations.

Obligations for hosting providers (level 2)

Hosting providers (Level 2), for example cloud computing services or web hosting services, must establish procedures for reporting and remedying infringements, including copyright or trademark infringements, in addition to Level 1 obligations in the future.

Obligations for online platforms (level 3)

In addition to the obligations of levels 1 and 2, online platforms (level 3) will in future be subject to bans on “dark patterns” and other manipulative practices to influence user behavior. For example, the design of the termination process must not make it more difficult to terminate a service than the process of signing up for that service. Furthermore, the Commission may in the future issue guidelines in dealing with identified “dark patterns.” Furthermore, additional measures must be taken to protect minors.

Obligations for VLOPs and VLOSEs (level 4)

By far the most intensive regulation in level 4 concerns the “Very Large Online Platform” (VLOP) and “Very Large Online Search Engines” (VLOSE). These are online platforms and online search engines with an average of more than 45 million users per month. The classification as VLOP or VLOSE is made by decision of the EU Commission. Currently, 17 online platforms are among the VLOPs and two search engines are among the VLOSEs. Among other things, these are subject to stricter transparency requirements. For example, personnel resources used for content moderation and the average monthly number of users must be published. In addition, increased requirements apply to risk and crisis management. In particular, providers will be required to conduct risk assessments regarding the dissemination of illegal content or, for example, adverse effects on social debate, electoral processes, or public safety before introducing new features. They are also obliged to undergo an independent audit once a year. Several companies recently filed a complaint against the classification as a VLOP.

Violations of the DSA can result in considerable fines

The national authorities in the EU Member States are responsible for enforcing the Digital Services Act. Greater cooperation and coordination between the Member States is being sought in order to effectively tackle cross-border challenges.

The DSA provides for sanctions and fines to punish violations of the provisions. It provides for fines of up to 6 percent of the worldwide annual turnover of the previous financial year (Art. 52 III DSA, Art. 74 I DSA) and periodic penalty payments of up to 5 percent of the worldwide daily average revenue or annual turnover (Art. 52 IV DSA, Art. 76 I DSA).

“Unlawful content”: Protecting brands in the digital age

The term “illegal content” is defined in Art. 3 (h) DSA as all information that does not comply with Union law or the national law of a Member State. In addition to hate speech and disinformation, this also includes the offer and sale of products that violate applicable law, for example trademark law.

Through the broad definition of illegal content, the DSA also strengthens the protection of brands and counterfeit products. This is because the offer and sale of counterfeits that infringe trademarks and content that advertises counterfeit products constitutes illegal content within the meaning of the DSA. Platforms must take measures to prevent the trade in counterfeit goods from the outset.

In concrete terms, this means that online marketplaces must identify their merchants, in particular request and verify their name, address, telephone number and email address. This data must be made available to users. If the information is incorrect or incomplete, online marketplaces must block traders from their services.

In addition, a new whistleblower system will be introduced under the DSA. Trusted whistleblowers are to take action against counterfeit goods, which should speed up and simplify the reporting and removal of counterfeit goods.

The introduction of the DSA thus represents a further instrument for the protection of intellectual property in the digital space, particularly in the area of trademark protection and counterfeiting.

Challenges and opportunities of the Digital Services Act

The DSA not only represents a regulatory change, but also offers opportunities and challenges that will shape the digital landscape in the coming years.

Overall, the Digital Services Act marks an important step in the effort to make the online world safer and fairer. Companies should therefore rethink their strategies and ensure that they meet the new requirements of the DSA.

The definition of “illegal content” can be challenging due to international differences in laws and the complexity of automated detection. Nevertheless, the DSA offers the opportunity to create a common framework and hold platforms accountable in order to strengthen the protection of trademarks and other intellectual property, among other things.