The EU Digital Services Act, Big Tech Companies, New Rules
July 19, 2022 | 4 minutes read
In April of 2022, the European Union took a massive step toward regulating the online digital landscape that exists across the continent. More specifically, the EU Parliament and Council have agreed to enact the Digital Services Act (DSA), an antitrust law that will govern the manner in which companies and businesses that serve consumers within the EU are permitted to operate with respect to data privacy, online communications, and illegal content, among other things. As large multinational social media corporations such as Twitter, Meta, TikTok, and Instagram, as well as major technology companies such as Apple, Google, and Microsoft, have been able to function globally without any restrictions or relative impunities, the passing of the DSA represents a stark contrast to the internet as we know it today.
As stated by European Commission President Ursula von der Leyen: “today’s agreement on the Digital Services Act is historic, both in terms of speed and of substance. The DSA will upgrade the ground rules for all online services in the EU. It will ensure that the online environment remains a safe space, safeguarding freedom of expression and opportunities for digital businesses. It gives practical effect to the principle that what is illegal offline, should be illegal online. The greater the size, the greater the responsibilities of online platforms. Today’s agreement – complementing the political agreement on the Digital Markets Act last month – sends a strong signal: to all Europeans, to all EU businesses, and to our international counterparts.”
The provisions of the DSA
The DSA places several obligations on major companies and corporations as it relates to the use of online platforms. For example, the law contains provisions that call for the swift and timely removal of online content that has been found to be illegal. Alternatively, the law also calls for a ban on targeted advertising toward children, as said children obviously do not have the ability to consent to the collection, processing, and retention of their personal data in the same way that adults do. To this end, the law also outlines the rights that children within the EU have regarding online content and internet usage, in accordance with the United Nations Convention on the Rights of the Child.
On top of this, the laws also contain several provisions pertaining to the moderation of online content. As the rise of misinformation that is spread via the internet has increased substantially during the past decade, the DSA requires companies to “release detailed biannual reports of their moderation efforts, including the number of staff, expertise, languages spoken and the use of artificial intelligence to remove illegal content”. In addition to this, the law also states that businesses and organizations will have to create, implement and maintain policies that can be used to address the spread of misinformation that occurs during crises, such as data that has been proliferated online with respect to the worldwide COVID-19 pandemic, as the role that social media and online communication plays in the spread of information cannot be ignored.
U.S. Companies and the DSA
While the provisions of the DSA apply to the various European countries that constitute the EU, the reality of the situation is that many of the companies that have inspired the enactment of such legislation are based in the U.S. This being said, the passing of the EU’s DSA only widens the data protection and personal privacy gap that exists between the U.S. and the EU respectively, as the former has yet to officially pass any form of data privacy legislation at the federal level. As such, prominent social media companies that serve users within the EU, such as Twitter and Instagram, will have to alter the way in which users are allowed to access and interact with their online services, just as businesses that collect personal data were required to adjust to the EU’s GPDR law.
Subsequently, just as the enactment of the GDPR led to the passing of similar legislation in non-European countries around the world, the enactment of the DSA could very well push other nations to pass laws that function to regulate the online activities of the citizens that reside within said nations. To this point, the DSA undoubtedly signifies a shift in the ways in which people will be able to communicate with each other online around the world, as the internet has very much been the Wild West metaphorically speaking up until this point. Likewise, major companies that carry a large online presence on an international scale will invariably have to adjust to changes that are being made within the EU, irrespective of the data protection framework that exists in the countries in which said companies are based.
With the passing of the Digital Services Act, the EU continues to set the pace for data protection and privacy globally. Due in large part to the enormous role that the internet has played in the formation of modern-day society, the passing of legislation such as the DSA was all but inevitable. While the impact of the DSA remains to be seen, the fact that such legislation has been passed at all represents a positive development in many respects. In spite of all the benefits that online communication provides to businesses and consumers alike, there must be rules in place that govern this communication, as failing to so do will lead to adverse consequences for all parties involved.