DSA: do you have to comply?

avocat nouvelles technologies e-commerce

DSA: Do you have to comply and what should you do?

The Digital Services Act (DSA) is a regulation introduced by the European Union to hold online platforms accountable for content moderation and the protection of user rights. Are you affected by these new rules? What specific obligations do you have as a platform? Find out in this article.

What Are the Differences between DMA and DSA?

The Digital Services Act (DSA) and the Digital Markets Act (DMA) are two complementary regulations adopted by the European Union to regulate the digital ecosystem, but they serve distinct purposes:

  • The DSA focuses on ensuring safe online content and holding platforms accountable for moderation, transparency, and user protection.
  • The DMA, on the other hand, specifically targets anti-competitive practices by large platforms designated as “gatekeepers”. Its purpose is to ensure fair competition by preventing abuses of market power, such as favoring a platform’s own products over those of third-party competitors.

In summary, the DSA protects users and businesses using digital platforms, whereas the DMA aims to ensure a fair digital market by preventing economic power abuses by gatekeepers.

For more information on both regulations, you can consult the official European Commission webpage on the digital services act package.

Do you need to comply with the DSA?

The DSA applies to :

  • Digital platforms operating in the European Union that provide intermediary services to EU users: internet access providers, cloud services (SaaS, IaaS, PaaS, etc.), marketplaces, and social networks. Emails and private messaging services are not included.
  • Very Large Online Platforms (VLOP), which have over 45 million active users per month within the EU (for instance, Amazon Store, Facebook, TikTok, and YouTube), are subject to increased obligations.
  • Very Large Online Search Engines (VLOSE), such as Google Search and Bing, which also have over 45 million active users, have specific obligations under the DSA.
  • Small enterprises with fewer than 50 employees and an annual turnover below 10 million euros or microenterprises (fewer than 10 employees and less than 2 million euros in turnover) may also be subject to the DSA, though they benefit from specific exemptions.

To view the complete list of designated VLOP and VLOSE entities, please visit the official European Commission page.

Your Obligations as a Platform

If you have to comply with the DSA, here are the key obligations you must meet to ensure compliance and transparency towards your users:

1.Moderation of illicit content

You shall:

  • Implement effective mechanisms to report illegal content published on your platforms
  • Cooperate with “trusted flaggers
  • Establish procedures to temporarily suspend the provision of your services to users who recurrently disseminate manifestly illegal content, after providing them with prior notice. This measure aims to ensure that malicious users cannot continue to violate the rules without consequence

2.Transparency

You must, in particular:

  • Designate contact points for national authorities in the event of an injunction
  • Inform your users of any significant modifications to your terms of service (ToS). This implies clear and timely communication so that users are aware of the new rules that affect them. For example, any modification impacting the content moderation policy or users’ rights must be specifically notified. The objective is to ensure that users understand the rules and conditions, including the available redress and remedy mechanisms in case of an issue. Wording that is opaque or overly technical does not meet the requirements of the Digital Services Act (DSA).
  • Produce regular transparency reports on your internal complaint-handling systems and content moderation activities. These reports must be public and accessible, demonstrating the efforts undertaken by your platform to ensure fair and effective moderation. Small businesses with fewer than 50 employees and micro-enterprises are exempt from the obligation to produce regular transparency reports on their internal complaint-handling systems and content moderation activities.

3. Protection of privacy, safety of minors, and fight against dark patterns

The DSA imposes appropriate measures to ensure a high level of privacy protection and safety for minors. If minors use your platform, you must take specific precautions, such as restricting certain content and ensuring appropriate processing of personal data.

Additionally, the DSA sets obligations concerning the fight against dark patterns, which are manipulative techniques designed to influence users’ choices in an abusive way. For example, dark patterns can include misleading designs that trick users into subscribing to services or making it difficult for them to delete their accounts. The DSA bans such practices, and platforms must ensure that their interfaces are transparent and fair to prevent manipulative practices.

Sanctions for non-compliance with the DSA

Non-compliance with the DSA can result in severe financial penalties. Platforms violating these regulations can face fines of up to 6% of their global annual revenue. For large companies, this could represent billions of euros. In cases of serious and repeated breaches, temporary restrictions on access to the service may also be imposed.

Conclusion: what should you do after reading this article?

If your platform is covered by the DSA, it is essential to implement internal processes that comply with the new rules, particularly regarding transparency and user protection. To ensure compliance and avoid costly sanctions, you should seek guidance from legal experts.

At Slash Avocats, we leverage our expertise in digital law to help you comply with the DSA, prepare clear transparency reports, and avoid non-compliance risks. Contact us for a free online consultation regarding a compliance audit or a tailored legal strategy to help you navigate this new regulatory framework smoothly.