Competition LawEmerging Technologies
The Digital Services Act Package: A Game Changer?
As Joseph P. Bradley, an American jurist, rightly stated, “Society cannot exist without law. Law is the bond of society; that which makes it; that which preserves it and keeps it together. It is, in fact, the essence of civil society.”[i] Just like society cannot exist without law, the law cannot exist without society. The purpose of the law, after all, is to govern the society; and to effectively govern the society, the law must be in sync with the society. Thus, law evolves with the change in society. For instance, with the onset of the First Industrial Revolution in Britain, the Britain government started passing various labour laws to regulate the working conditions and hours of industrial workers.[ii]
Currently, the world has entered what the World Economic Forum calls a “Fourth Industrial Revolution”[iii]. This Fourth Industrial Revolution is categorized by rapid technological changes that are influencing almost all industries all over the world.[iv] To effectively regulate the changes brought about due to this, the law requires to be evolved. Accordingly, law-makers around the globe have been legislating various legislations. For instance, India recently notified the Consumer Protection (E-Commerce) Rules, 2020[v] to regulate transactions of goods and services online. Similarly, on 15 December 2020, the European Commission published the Digital Services Act (“DSA”)[vi] and the Digital Markets Act (“DMA”)[vii], collectively called the DSA Package.
The DSA Package is a set of proposed regulations to update Europe’s legal framework vis-a-vis the rapid changes occurring due to the widespread development of digital markets and services.[viii] The purpose of the two proposed regulations is twofold: firstly, they seek to create a safer space in the digital world; and secondly, they seek to create a level playing field in the digital market, both nationally and internationally.[ix] Thus, this article seeks to critically analyze these newly proposed regulations.
The DSA Package: The Good, The Bad, The Ugly
While the DSA covers digital services and includes regulations for intermediary liability, illegal content, etc., the DMA covers digital markets and includes regulations for gatekeepers, etc. The package, introducing some long-awaited changes, builds on and complements existing regulations, such as the E-Commerce Directive, 2000 (“the Directive”)[x].
The Digital Services Act
Article 11[xi] mandates the intermediaries that offer services, but do not have an establishment, in the European Union (“EU”) to designate a legal representative in the location where the services are being provided. While this extra-territorial jurisdiction provision seeks to ensure effectiveness and compliance of the regulation as well as to provide a level playing field, it has raised speculations that an obligation to have a legal representative in the EU will disincentivize non-EU platforms from providing services in the EU.[xii]
The DSA has retains most of the key principles of the Directive and grants comprehensive exemptions to intermediaries from liability related to user content.[xiii] In addition, introduces a form of the Good Samaritan Policy, which grants protection to good faith measures taken by intermediaries to take down illegal content[xiv]. Article 6 of the DSA[xv] mandates that intermediaries will not be ineligible from liability exemptions solely because they voluntarily investigate, identify and remove illegal content.
The Good Samaritan Policy is also enshrined in American law, under Section 230 of USA’s Communications Decency Act[xvi], which grants immunity to an intermediary who, in good faith, takes down content that it considers is obscene, lewd, objectionable, etc., even if such content is constitutionally protected. While the motive of such a policy is to regulate harmful content online, this vaguely worded provision can be misused by intermediaries to regulate content on their whims and fancies, which can lead to a violation of the user’s fundamental right to freedom of speech. In stark contrast, India’ Information Technology Act[xvii] completely excludes such a policy. In this context, Article 6 of the DSA can be seen as a via media between the two extreme positions. By restricting the Good Samaritan Policy to “illegal content”, which is defined as information “not in compliance with Union law or the law of a Member State”[xviii], the DSA strikes a balance between the rights of the user and the intermediary.
Furthermore, the DSA mandates for every intermediary to provide accessible and user-friendly notice and action mechanisms under Article 14[xix]. This will allow users to notify the intermediary of any content that they consider illegal, and the intermediary is bound to process and publish a reasoned decision on the notice in a timely manner. The DSA further provides that notices submitted by certain trusted flaggers should be given priority.[xx] Furthermore, relevant judicial and administrative authorities can also issue orders to the intermediary to act against illegal content.[xxi] These are all welcome steps to regulate illegal content. However, while Article 14 mandates that the notice should have a confirmation of the user’s good faith belief that the information and allegations are “accurate and complete”[xxii], the DSA does not provide a penalty for a fraudulent notice. An effective safeguard against such fraudulent notices is required to protect the intermediary from the unnecessary burden of reviewing and deciding on such notices, which would render the notice and action mechanism inefficient.
The Approach of Proportionate Burdens
Micro, small, or medium-sized enterprises, as defined in the Recommendation 2003/361/EC[xxiii], are exempted from the additional obligations for online platforms laid down under Section 3, such as providing an internal complaint-handling system[xxiv] and traceability of traders[xxv]. Additionally, such enterprises are also exempted from the transparency reporting obligations under Article 13[xxvi] of the DSA. The purpose of such exemptions is to avoid disproportionate burdens.
The DSA also introduces targeted and asymmetric burdens for very large online platforms, i.e., platforms that have equal to or higher than 45 million provide average monthly active users in the EU[xxvii]. The rationale provided is that these platforms have a centric position in the public economic sphere, as they are capable of causing societal risk and of bearing the additional burden. Accordingly, Section 4 provides for additional obligations on very large online platforms, such as mandatory annual assessment[xxviii] and mitigation[xxix] of risk, annual audits at their own expense[xxx], additional transparency obligations for reporting[xxxi] and online advertising[xxxii], inter alia.
This approach of proportionate burdens is similar to the system of proportional taxation. Such an approach enshrines the principle of ability to pay, which states that those who have a greater ability to pay taxes, should pay more taxes so as to protect the lower-income groups and balance the system.[xxxiii] While the imposition of imposing additional obligations on very large online platforms will not result in the protection of the micro and small enterprises, the approach of proportionate burdens does create a balance in the system by imposing burdens that each type of enterprise can bear. Such a policy will encourage startups and innovation while maintaining a check on the large platforms that can cause greater harm in society.
The Digital Markets Act
The DMA has been made applicable to all the ‘gatekeepers’[xxxiv] providing or offering ‘core platform services’[xxxv] in the EU, irrespective of their place of establishment or residence.[xxxvi] Thus, this gives an extra-territorial effect and increases its reach and scope for the regulation of such gatekeepers.
The DMA defines gatekeepers as the providers of core platform services that have a “significant impact on the internal market”, are an “important gateway for business users to reach end-users” where services are offered to more than 45 million monthly active users and 10,000 yearly active users and enjoy or will enjoy a durable position in the EU.[xxxvii] Core Platform Services has been explained under Article 2(2) as including, inter alia, online intermediation services, online search engines, cloud computing services. The extra-territoriality provision and the expansive interpretation of the term core platform services will, if implemented, have a far-reaching implication on a number of gatekeepers and the different types of services so provided.
Unfair Trade Practices
Articles 5[xxxviii] and 6[xxxix] of the DMA provide a list of obligations and blacklisted actions, which if violated or acted upon respectively, might lead tan in unfair trade practice. Such obligations include allowing business users to offer different prices than the ones set by the gatekeepers, allowing the uninstallation of certain pre-installed applications, and installation of third-party software applications by the end-user, etc. Certain black-listed actions include preferential treatment to the services offered by the gatekeeper or restraining the ability of the end-users to switch between different applications, inter alia.
Interestingly, Articles 8[xl] and 9[xli] provide a provision for exemption from these obligations and blacklisted actions on the grounds of economic viability or public health, morality, or security. Though these grounds have reasonably couched with safeguards, however, the inherent nature of the words ‘economic viability’ and ‘public health’ or ‘public security’ as being ambiguous and wide in its interpretation gives a lot of leeway to the gatekeepers to circumvent these obligations. Effective implementation of the regulations, which has always been an issue for the EU, will further be put to test when these regulations are enforced.
Ban on National Regulation
The DMA has put a restriction on the member states from imposing any further obligations on the gatekeeper.[xlii] This provision shall give complete control of regulation to the European Commission and take away any regulatory control from the Member States. Though it has introduced dynamism through regular updating of the obligations of the gatekeepers[xliii], anti-circumvention provisions[xliv] and market investigation mechanisms[xlv], the regulatory restriction on the Member States impinges, rather disproportionately, on their authority over these gatekeepers.[xlvi]
Expected Implications and Responses
The initial response of the industry holders to the proposed DSA Package has been mixed.[xlvii] While some provisions like retention of the liability exemptions under the Directives have received a positive response, other provisions like the hefty fines introduced by both the Acts have not. The DSA allows fines up to 6% of the total turnover of the concerned very large online platform[xlviii]. Similarly, the DMA allows fines up to 10% of the total turnover of the concerned gatekeeper[xlix]. The extent of these fines has raised concerns amongst the stakeholders. For instance, intermediaries may start excessively restricting access to online content in order to avoid being fined under the DSA.[l]
Some countries like France and Romania have given a nod to the proposed regulations, while some others have been less enthusiastic. The Irish Government has questioned the need and viability of ex-ante regulations that the DMA imposes on gatekeepers.[li] The Czech Republic and Estonia have warned against over-regulation.[lii] Over-regulation can disincentivize enterprises from providing services in the EU, especially if they feel that the compliance and administrative hurdles outweigh economic benefits.
Questions have also been raised regarding the scope of the DSA and the DMA. The German Government, for example, has stated that DSA should regulate not just illegal content, but also content that is not yet illegal and that the DMA may be extended to platforms that have significant intermediary powers, but are not gatekeepers.[liii] Similarly, the Austrian Government observed that the DSA should regulate additional aspects like hate speech and disinformation.[liv]
Concluding Remarks Despite the mixed response, there exists a general consensus that there existed a pressing need to update exiting regulations and to strengthen enforcement.[lv] The DSA Package will now be subject to scrutiny by the European Parliament and the member states and is likely to be amended keeping in view the initial responses gauged. As the European Commission’s executive vice president stated, “…we need to make rules that put order into chaos”[lvi]. Thus, the DSA Package is a step in the right direction, and if refined and implemented correctly, will serve as a game-changer.
This article can be cited as:
Kavya Jha, The Digital Services Act Package: A Game Changer?, Metacept- InfoTech and IPR, accessible at https://metacept.com/the-digital-services-act-package:-a-game-changer?.
[i] Joseph P. Bradley, Justice of the Supreme Court of United States, Lecture at the University of Pennsylvania: Law, its Nature and Office as the Bond and Basis of Civil Society 229 (Oct. 1, 1884).
[ii] 1833 Factory Act, The National Archives, https://www.nationalarchives.gov.uk/education/resources/1833-factory-act/.
[iii] Klaus Schwab, The Fourth Industrial Revolution: what it means, how to respond, World Economic Forum (Jan. 14, 2016), https://www.weforum.org/agenda/2016/01/the-fourth-industrial-revolution-what-it-means-and-how-to-respond/.
[v] The Consumer Protection (E-Commerce) Rules, 2020, G.S.R. 462.
[vi] Proposal for a Regulation of the European Parliament and of the Council on a Single Market For Digital Services (Digital Services Act) and amending Directive 2000/31/EC, COM (2020) 825 final 2020/0361 (COD)
[vii] Proposal for a Regulation of the European Parliament and of the Council on contestable and fair markets in the digital sector (Digital Markets Act), COM (2020) 842 final 2020/0374 (COD) [hereinafter DMA Regulations].
[viii] The Digital Services Act Package, European Commission (Dec. 16, 2020), https://ec.europa.eu/digital-single-market/en/digital-services-act-package.
[x] Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (Directive on electronic commerce), 2000 O.J. (L. 178) 1.
[xi] DSA Regulations, art. 5.
[xii] Christoph Shmon and Karen Gullo, European Commission’s Proposed Digital Services Act Got Several Things Right, But Improvements Are Necessary to Put Users in Contro, Electronic Frontier Foundation (Dec. 15, 2020), https://www.eff.org/deeplinks/2020/12/european-commissions-proposed-regulations-require-platforms-let-users-appeal.
[xiv] Joan Barata, Positive Intent Protections: Incorporating a Good Samaritan principle in the EU Digital Services Act, Centre for Democracy and Technology (July 29, 2020), https://cdt.org/insights/positive-intent-protections-incorporating-a-good-samaritan-principle-in-the-eu-digital-services-act/.
[xv] DSA Regulations, art. 6.
[xvi] Communications Decency Act, 1996, 47 U.S.C. §230 (1996).
[xvii] Information Technology Act, 2000, No. 21, Acts of Parliament, 2000.
[xviii] DSA Regulations, art. 2(g).
[xix] Id., art. 14.
[xx] Id., art. 19.
[xxi] Id., art. 8.
[xxii] Id., art. 14(2)(d).
[xxiii] COMMISSION RECOMMENDATION of 6 May 2003 concerning the definition of micro, small and medium-sized enterprises (notified under document number C(2003) 1422), 2003/361/EC, O.J. (L. 124) 36.
[xxiv] DSA Regulations, art. 17.
[xxv] Id., art. 22.
[xxvi] Id., art. 13.
[xxvii] Id., art. 24.
[xxviii] Id., art. 26.
[xxix] Id., art. 27.
[xxx] Id., art. 28.
[xxxi] Id., art. 33.
[xxxii] Id., art. 30.
[xxxiii] Ability to pay, Bankrate, https://www.bankrate.com/glossary/a/ability-to-pay/.
[xxxiv] DMA Regulations, art. 2(1).
[xxxv] Id., art. 2(2).
[xxxvi] Id., art. 1(2).
[xxxvii] Id., art. 3(1).
[xxxviii] Id., art. 5.
[xxxix] Id., art. 6.
[xl] Id., art. 8.
[xli] Id., art. 9.
[xlii] Id., art. 1(5).
[xliii] Id., art.10.
[xliv] Id., art. 11.
[xlv] Id., ch. IV.
[xlvi] Cory Doctorow and Christoph Shmon, The EU’s Digital Markets Act: There Is A Lot To Like, but Room for Improvement, Electronic Frontier Foundation (Dec. 15, 2020), https://www.eff.org/deeplinks/2020/12/eus-digital-markets-act-there-lot-room-improvement.
[xlvii] Digital Services Act proposal: the start of a new era in digital regulation, DR2 Consultants (Dec. 18, 2020), https://dr2consultants.eu/digital-services-act-proposal-the-start-of-a-new-era-in-digital-regulation/.
[xlviii] DSA Regulations, art. 59.
[xlix] DMA Regulations, art. 29.
[l] DR2 Consultants, supra note 47.
[li] Samuel Stolton , Digital Brief, powered by Google: DSA and DMA – member states respond, Euractive (Dec. 18., 2020), https://www.euractiv.com/section/digital/news/digital-brief-powered-by-google-dsa-and-dma-member-states-respond/.
[lvi] Mark Scott, Thibault Larger and Laura Kayali, Europe rewrites rulebook for digital age, Politico (Dec. 15, 2020), https://www.politico.eu/article/europe-digital-markets-act-services-act-tech-competition-rules-margrethe-vestager-thierry-breton/.