The European Parliament Approves the Digital Services Act (DSA)

With a large majority (530 yeas, 78 nays, and 80 abstentions), the European Parliament voted to approve the initial draft of the Digital Services Act (DSA) on January 20th. The DSA, aims to regulate problems faced online such as illegal content, the spread of hate speech and disinformation, competition and market dominance, and, you guessed it, online advertising.

Modernizing the e-Commerce Directive

The current framework legislating digital services online is the e-Commerce Directive which was adopted in 2000. That’s right, the last legislation was adopted around Y2K. Its high time legislation caught up with technology. This DSA was submitted, along with the Digital Markets Act (DMA) to modernize the e-Commerce Directive and have legislation fit for the current and future use of the internet.

Who does the DSA Regulate?

The DSA aims to regulate digital service providers online, specifically, online intermediaries, such as internet service providers, cloud services, messaging services, marketplaces, social networks, content-sharing platforms, app stores, and online travel and accommodation platforms. A small subset of rules in the DSA focus on very large online platforms with at least 45 million users in the EU.

What does the DSA Regulate?

1. Online Advertising. The DSA will prevent platforms digital services platforms, with special attention to large platforms like GAMAM (Google, Amazon, Meta, Apple, and Microsoft), from using sensitive information such as sexual orientation, race, and religion for targeted ads. In addition, the DSA includes an all out ban on using a minor’s data for targeted advertising. The strength of the DSA doesn’t stop there. It also bans ‘dark patterns’ (a way of tricking users into sharing their data) by requiring digital service platforms to give users a way to easily opt out of tracking. Perhaps with the DSA, a governmental body will do more for online tracking than Apple with its AppTrackingTransparency.
2. Content Moderation. The Act also regulates speech and dissemination of misinformation. The DSA proposal maintains the current rule according to which companies that host other’s data are not liable for the content unless they actually know it is illegal, but adds the exception that once illegal content is flagged, companies are required to remove it.
3. Algorithm Transparency. The Act’s fight against content moderation continues with required algorithm transparency. Digital services providers will be required to perform risk assessments and provide more transparency in their algorithms in an aim to fight harmful content and disinformation.
4. Counterfeit Content. There are measures to combat counterfeit and illegal goods and services online along with procedures for removing them.

Fines for Violation of the DSA

The current draft of the DSA includes fines for violations of up to 6% of the company’s annual turnover. I expect these fines will be used considering the track record of the EU fining big tech (see The 7 biggest fines the EU have ever imposed against giant companies).

In addition to regulatory fines, the DSA gives recipients of digital services the right to seek compensation for damages, an ability that the U.S. struggles with in its section 230 jurisprudence.

Next Steps

So where does the DSA go from here? The next step is talks between the European Council and Commission. France, which currently holds the presidency of the European Council, hopes to finalize the DSA before July, an ambitious goal. After the talks are concluded, the European Parliament holds another vote on the final draft.