The Digital Services Act (DSA)
Read Time 8 mins | 2023/8/11 | Written by: Liza Kruse
Digital Services Act: What You Need to Know About This Pioneering Legislation
With the advent of the internet and the subsequent creation of digital platforms such as Google, Amazon, Facebook, and others, the experience of internet users has been significantly shaped by these entities. Today, it is almost inconceivable to use the internet without these search engines and platforms. For over 20 years, the "E-Commerce Directive" governed digital services. This is now set to be expanded and updated by the Digital Services Act, as the tech giants' monopoly position leads to unfair competitive conditions and simultaneously massive influence on society and the economy.
What is the Digital Services Act?
The Digital Services Act (DSA) is a new piece of legislation from the European Commission that impacts online platforms and businesses. The DSA aims to establish rules for digital services and content to regulate European markets and ensure the protection of information.
The legislative proposal suggests that online services should be liable for content that is shared on their platforms. This is intended to help combat the spread of illegal content such as hate speech and terrorist propaganda. Additionally, online services would be required to be more transparent about their content moderation decisions. Furthermore, the Digital Services Act is intended to strengthen users' rights within the EU. Platforms would also be mandated to take action against fake reviews and fake news. Overall, the Digital Services Act is expected to bolster trust in online services and ensure fair competition in the European market.
What does the Digital Services Act regulate?
The Digital Services Act (DSA) is a European Regulation aimed at improving the regulation of online platforms and establishing uniform rules for digital services within the European Union (EU).
The main objectives of the DSA are to strengthen consumer protection in the digital space and to create fairer competition among various providers of digital services. Specifically, platforms such as Google, Facebook, and Amazon are to be more strictly regulated to ensure that they take better responsibility towards users and other businesses.
A key component of the DSA is the introduction of a new liability regime for digital services. This is intended to ensure that platforms can be held accountable for illegal content or products on their sites. The goal is to ensure that online platforms better protect their users and take responsibility for the content on their platforms. It will oblige platforms to take measures to combat illegal content such as hate speech, disinformation, and copyright infringement.
Overall, the Digital Services Act aims to strengthen consumer trust in digital services and at the same time create fair conditions for all providers. Moreover, the regulation will also set requirements for the interoperability of online services. This means that users should be able to transfer their data more easily between different services.
Additionally, the DSA will introduce transparency rules for digital advertising. Platform operators must provide users with clear information about who is behind an advertisement and how it was financed. In total, the Digital Services Act aims to bolster user trust in digital services and promote a safe and open internet in Europe.
When does the Digital Services Act come into effect?
The Act was adopted by the European Parliament and the Council on April 23, 2022. It was published in the Official Journal on October 27, 2022. It can be viewed via the link from the German Federal Government. The Act comes into force on November 16, 2022, and applies from February 17, 2024, in all EU Member States.
Who does the Digital Services Act apply to?
The Digital Services Act applies to all companies that offer their services online, regardless of whether they are headquartered inside or outside the EU. Consequently, online providers include, in particular, internet service providers, e-commerce stores, app stores, hosting services such as cloud and web hosting services, as well as collaborative economy platforms and social media platforms. Special provisions apply to huge online platforms and search engines, which can be read about here.
"Consequently, the online providers include, in particular, internet service providers, e-commerce stores, app stores, hosting services such as cloud and web hosting services, as well as collaborative economy platforms and social media platforms"
How does the Digital Services Act affect online platforms?
Companies that operate online and fall within the scope of the European Union's Digital Services Act (DSA) must consider various aspects:
Responsibility for content: Under the DSA, online platforms must take greater responsibility for the content hosted on their platforms. This may involve enhanced content moderation processes and improved systems for reporting and removal of illegal content.
Transparency: Companies must inform their users clearly and transparently about their methods, especially about advertising, content moderation, and the processing of user data. They must also publish transparency reports on their moderation practices.
Complaint mechanisms: Companies must provide clear and effective mechanisms for user complaints and appeals, both through internal procedures and access to independent dispute resolution bodies.
Data protection: The DSA requires that companies ensure a high level of data protection and data security, particularly to minor users and the use of profiling and personalized advertising.
Compliance and sanctions: Companies must ensure that they meet all the requirements of the DSA. Non-compliance can result in significant sanctions and fines.
To be prepared for these requirements, companies should review and update their existing practices and policies, implement a robust data protection management system, and provide appropriate resources to comply with these new regulations. It's also advisable to seek legal counsel to ensure all the requirements of the DSA are met.
Act Now: Protect Your Company from Legal Risks Associated with the Digital Services Act (DSA)
How do you protect yourself from legal risks?
If your company operates in the digital world and is active in the EU, you probably need to enhance your data protection measures and improve your consent management. Whether your company is classified as a huge online platform (VLOP) or considered a gatekeeper, the Digital Services Act will likely ultimately affect your business processes. By taking a proactive approach, you can prepare for the upcoming requirements and changes.
"Regardless of whether your company is classified as a huge online platform (VLOP) or considered a gatekeeper, the Digital Services Act will likely ultimately affect your business processes."
What should you look out for?
Here are a few general aspects you should become familiar with:
Handling Customer Data:
- How do you collect customer data, and what further use of the data is made?
- Review your policies regarding obtaining user consent, for instance, when using a cookie banner.
- Do you have agreements with third parties about the sharing of customer data?
Data Protection on Your Website or App:
- Have you implemented appropriate data protection measures on your website or app to ensure that user consent is obtained in a permissible way?
How can a CMP help you implement and comply with the requirements?
A Consent Management Platform (CMP) assists you reliably and transparently in the data collection and processing of user data. At the same time, a well-configured CMP ensures compliance with various data protection laws.
"Users are more willing to share their data if they are informed about the purpose of processing and utilization."
This protection is continuously ensured through regular updates so that new laws such as the Digital Services Act are considered. In this context, a good CMP informs you about changes in data protection laws and about compliance with them. Thus, you create transparency for your users, which significantly impacts the customer relationship. Users are more willing to share their data if they are informed about the purpose of processing and utilization. Read a Harvard study on this. Consequently, an effective CMP protects you from legal risks and safeguards your users, and improves your data quality.
Strengthening Data Protection Compliance with Usercentrics' CMP
Usercentrics dominates as the global market leader in the field of Consent Management Platforms (CMP). The innovative software solution offers businesses the capability to efficiently capture, manage, and document user consent on websites and in apps. The primary goal of Usercentrics is to assist companies in complying with global data protection regulations not only to achieve but also to optimize and simplify it. By integrating Usercentrics, businesses can effectively enhance data protection and earn their users' trust.
Vorteile bei der Verwendung der CMP von Usercentrics:
Benefits of using Usercentrics' CMP:
- Enables the secure collection of user consent
- Protects user privacy, thereby creating transparency
- Transparent in handling personal data, allowing users to always gain insights into how their data is collected and for what purpose it is further processed
- Provides analyses of consent preferences for the optimization of consent rates
- Complies with relevant data protection regulations (GDPR, CCPA, LGPD, POPIA, DSA, DMA)
- Continuously updated and automated to comply with new data protection laws
Successful implementation of your CMP with dwc
DWC stands by you as a reliable partner in the implementation of your CMP. As a Premium Expert Partner of Usercentrics, dwc signifies a close collaboration with Usercentrics. We have been working with Usercentrics for over 5 years as a premium implementation and service partner, and have successfully implemented and configured a CMP for various clients worldwide more than 200 times; thus we have experience in more than 25 different industries.
In the process, we make sure to configure your CMP to match your requirements. DWC checks which data protection laws are relevant for you and whether all necessary measures have been implemented so that there are no longer any data protection vulnerabilities. Furthermore, we are always available to answer questions or to expand your service offering, such as in the area of optimizing your consent rate.
Advantages of working with dwc:
- During implementation, we create custom solutions tailored to your specific requirements, instead of implementing a standardized and thus incorrectly configured CMP
- DWC ensures to consider new requirements from data protection laws in the configuration and adjusts them if necessary so that you are continuously protected against legal risks
- For your customers, we create transparency in the handling and use of their data, improving your data quality so you can get more out of your customer data
- With dwc, you gain a long-term partner, as we maintain close contact with our clients and support them to the best of our ability
Further services from dwc that you can benefit from:
- Server-side tracking: in addition to implementing and configuring your CMP, we optimize your tracking upon request, so you can process the largest and most accurate amount of behavioral data in a privacy-compliant manner
- Strategic Consulting: alongside your CMP, we advise you on your data strategy to fully exploit the potential of your processing and analytical processes. As a result, you benefit from automated processes and can focus on what you do best
Further relevant references: