The ubiquity of “Big Tech” entities across the digital sector, has led to unprecedented interactions between users, and collection of copious volumes of data, The relative inability of advanced regulatory jurisdictions to arrest the unchecked and oft illicit progression of these conglomerates poses a threat to consumer’s wellbeing, and their privacy. The pressing need for sophisticated regulatory reforms was felt, with the core objective of bringing these reforms to the fore, instead of letting the laws to act as mere footnotes.
Importantly, the concentration of market share amongst a thin band of players is not conducive to innovation, growth, and competitiveness, and creates an opportune framework for consumer exploitation and subjugation of their rights. With a view to address the legislative gaps and arm the European Commission (EC) with renewed impetus, the European Parliament, in 2020, proposed the Digital Services Package, which comprises of the two distinct statutory instruments, the Digital Markets Act (DMA) and Digital Services Act (DSA). The Digital Services Act package is part of the EC’s digital strategy aiming to reinforce the Digital Single Market and to realize the full potential of eCommerce. In this article, we will evaluate the need, the scope, and the consequences of having the Digital Services Package installed within the technological framework.
Digital Markets Act
The DMA intends to create a competitive market for digital companies and ensure the market share of Big Tech does not allow them to create unfair conditions on businesses and consumers. To that end, the proposed statute has defined a new category of technology companies which operate certain ‘core platform services’ in the relevant digital markets. These core platform services may include: (i) online intermediation services (inclusive of marketplaces, app stores) (ii) online search engines, (iii) social networking (iv) video sharing platform services, (v) independent interpersonal electronic communication services, (vi) operating systems, (vii) cloud services and (viii) advertising services. Qualification as a “gatekeeper” under the DMA has qualitative as well as quantitative criteria, and will scope in entities which:
- have a significant impact on the EU internal market;
- operate one or more important gateways to customers; and,
- enjoy or are expected to enjoy an entrenched and durable position in their operations.
Based on its initial assessment, the European Commission estimates the inclusion of 10 to 15 digital companies as “gatekeepers” upon the enactment of DMA. The DMA also provides for a separate class of “emerging gatekeepers”; which would be companies that presently do not enjoy an entrenched and durable position in the relevant market but will do so in the foreseeable future.
The DMA imposes a range of obligations and duties upon the gatekeepers of relevant digital markets, to ensure consumer welfare is not eroded. Typically, core platform services capitalize on direct and indirect network effects, to lock in a user base, and attract business providers. Accordingly, the obligations incumbent upon a gatekeeper are formulated to ensure dominance in a particular market is not leveraged by group entities which qualify as gatekeepers to develop and customize services in
- Article 3, Digital Markets Act, text available at: https://eur-lex.europa.eu/legal-content/en/TXT/?uri=COM%3A2020%3A842%3AFIN
separate verticals. To that end, the defined gatekeepers shall not be permitted to give preference to their own services and products over the similar services or products offered by third parties on the gatekeeper’s platforms.
Additional obligations in relation to the use of data for targeted advertising, inclusion of an option to allow users to uninstall pre-installed software and apps, are imposed to ensure unfair business practices of market oligarchs do not restrain the ability of end users to access third party services and products on the gatekeeper platforms. This is being looked at from a competition view at this juncture and has already been set out in the provisions of the European Union (EU) General Data Protection Regulation (GDPR) prohibits gatekeepers from using personal data mined from one of their services to benefit a separate service they offer. Vide their proposal letter for the Digital Services Package, the EU Parliament stressed on the convergence of antitrust law and privacy law, desisting the gatekeepers to use any fallacy, to their benefit.
In line with the GDPR, DMA reinforces data portability obligations, and mandates the gatekeepers to provide such functionality over the data generated through the activity of a business user or end user and ensure that adequate tools are provided to end users, to facilitate data portability.
Should gatekeepers act in contravention of the DMA, EC is empowered to fine not less than 4% and up to 20% of the company’s worldwide annual turnover and periodic payments of up to 5% of the company’s worldwide daily turnover. In cases of repeated or systemic infringements, the EC may apply additional remedies, including structural remedies such as obliging a gatekeeper to sell a business or its parts.
The ex-ante powers and new enforcement mechanisms under the DMA are meant to be applied in conjunction with the existing ex-post powers available under Articles 101 and 102 of the TFEU [ Treaty on the Functioning of the European Union], enabling member states, to bring legal action against companies, at both levels.
In nutshell, the DMA has provisions split into the liability and compliance rules, transparency reporting obligations, due diligence obligations, and allows for enforcement to be made at the EU level, but primarily through national regulators, aided by the newly proposed European Board for Digital Services.
Digital Services Act
The Digital Services Package also introduces a new act to address the liability and responsibility of “intermediaries” vis-à-vis the content uploaded and available on their respective platforms. The Digital Service Act (DSA) intends to create a holistic framework in consonance with the extant policies for the regulation of intermediaries and digital service providers, and builds on the principles of the e-Commerce Directive, 2000 to deliver a nuanced and up-to-date structure for intermediary content governance.
The question of the extent to which an intermediary may be liable for content available on its platform has become particularly relevant over the last few years, and today such platforms tend to operate in a grey area of law. Further, legislative measures implemented by member states of the European Union (EU) to regulate such operations have led to the development of a cohort of legislations incompatible with the European Union’s objective to develop a singular pan European digital market regulation.
The DSA emulates the principles enshrined within the GDPR, and is applicable upon all intermediary service providers who direct their services to EU-based users. It is expected that the DSA would trigger a ripple effect amongst non-European countries to develop similar legislations to regulate intermediary services; the DSA, much like the GDPR, could act as the blueprint to draft these potential legislations, and represent the golden standard across jurisdictions for intermediary service governance.
Features of the DSA
The level of compliance and respective obligations on a service provider under the DSA is based on its size, audience, and revenue generated. The DSA introduces due diligence requirements which include (i) appointment of a single point of contact for communication with authorities, (ii) development of notice and action procedures to allow third parties to notify the presence of illegal content, (iii) development of channels for trusted flaggers to report illegal content and (iv) implementation of tracing protocols for traders (know your business customer).
The DSA’s disparate treatment of service providers moves away from the “one size fits all” policy with respect to intermediaries in the e-Commerce Directive. Under the DSA, “very large” online platforms, which exceed the threshold of 45 million active monthly users, must conduct annual risk assessments , external audits and appoint compliance officers, to ensure consumer interest is not eroded by the unfair business conditions/ practices of such platforms.
In order to provide stricter liabilities for digital service providers and enhance the enforcement powers of the inspecting authority, the EC has been granted the power to impose fines of up to 6% of the global turnover upon “very large” online platforms. In order to ensure effective regulation under the new regime, the DSA contemplates the establishment of regulatory bodies, at a national and EU level.
Criticism and prospective improvements to the Digital Services Package
The DSA is a welcome step towards the regulation of content hosted by digital service providers but fails to address the interpretational ambiguity in relation to intermediary liability and actual knowledge of illegal activity by digital service providers. While the DSA encourages proactive content moderation by online platforms, it falls short of ascribing liability on such platforms, for its omission to remove illegal content based on such voluntary audits. Keeping in mind the vast spectrum of services offered by online platforms, the European Parliament may look towards imposition of relevant media standards upon their operations, to stem the dissemination of misinformation and arbitrary removal of content by the platforms.
The DMA has faced criticism from major corporates in the technology sector, referring to the powers under the DMA as overbroad and that the provision of ex-ante powers in addition to the existing ex-post powers could lead to double enforcement of competition law. Further, subjective obligations,
thresholds threaten to stifle innovation, and offering of less personalized services, a major hallmark of the Big Tech entities in the modern day. However, a harmonic interpretation and application of the two regimes would be ideal as it would provide a regulatory mechanism to immediately address both existing and future Competition issues in the rapidly expanding digital markets.
At the time of publishing, the European Parliament and the Council of the EU have reached a provisional political agreement on the text of the DMA and DSA respectively, during their separate tripartite meetings. The texts of the statutes will now be finalized on the basis of the political agreements, and formally adopted in accordance with the EU’s legislative procedure. The DMA will be applicable 6 months after it comes into force, whereas DSA shall be applicable 15 months after it comes into force.
- Article 10, Digital Services Act, text available at: https://eur-lex.europa.eu/legal-content/en/TXT/?uri=COM%3A2020%3A825%3AFIN
- Article 14, Notice and action mechanisms, Supra Note 10
- Article 19; Entities which depict all of the following conditions: (a) it has particular expertise and competence for the purposes of detecting, identifying and notifying illegal content; (b) it represents collective interests and is independent from any online platform; (c) it carries out its activities for the purposes of submitting notices in a timely, diligent and objective manner., Supra Note 10
- Article 22, Traceability of Traders, Supra Note 10
- Article 26 of DSA, Risk assessments, Supra Note 10
- Article 28 of DSA, Independent Audits, Supra Note 10
- Article 38 of draft DSA, Competent authorities and Digital Services Coordinators, Supra Note 10
- Article 50, Enhanced supervision for very large online platforms, Supra Note 10
Raunak Samdani, Senior Associate
Raunak Samdani is a Senior Associate at TMT Law Practice. He comes with over 3 years of work experience in insolvency, criminal and Intellectual Property Law. He started his career at Crawford Bayley & Co, Law Firm, Mumbai, where he was involved in a variety of matters, ranging from corporate, securities and insolvency law, real estate and property law and criminal law. He has advised counsels and appeared before the Bombay High Court, National Company Law Tribunal, Debt Recovery Tribunal and other forums. He has also worked individually with corporates in the FMCG and entertainment industries.
Siddhant Gupta, Associate
Siddhant Gupta is an Associate with TMT Law Practice. He is a graduate of the 2015-2020 batch from Symbiosis Law School, Pune and his core areas of interest lies in the areas of Intellectual Property Laws, Media and Entertainment Laws. Siddhant has previous internship experience in intellectual property and litigation fields and interned with TMT Law Practice in 2020. During his time with TMT Law Practice, Siddhant gained valuable experience in the sectors of Telemedicine, Data Privacy, Gaming Laws and Corporate Laws.