EU Digital Services Act: Potential Impact on Businesses

“The whole logic of our rules is to ensure that technology serves people and the societies that we live in – not the other way around. The Digital Services Act will bring about meaningful transparency and accountability of platforms and search engines and give consumers more control over their online life. The designations made today are a huge step forward to making that happen.“

Margrethe Vestager, Executive Vice-President for a Europe Fit for the Digital Age – 25/04/2023

The Digital Services Act (DSA) came into force on 16 November 2022, yet companies still have some obligations to fulfill before the next deadline, which is 17 February 2024.

The Act applies to all digital services that connect consumers with goods, services or products, especially “very large online platforms and search engines” such as Google, explains the EU Commission. The DSA is part of the EU’s digital strategy “A Europe fit for the Digital Age”. However, it is only a matter of time before these laws affect the entire industry. Therefore, it may be beneficial for your company to apply these guidelines already now.

As quoted in the official Site of the European Comission: 

“Micro and small companies will have obligations proportionate to their ability and size while ensuring they remain accountable. In addition, even if micro and small companies grow significantly, they would benefit from a targeted exemption from a set of obligations during a transitional 12-month period.”

The aim of the Digital Services Act is to promote a safer online environment, specifically within the responsibility of large online platforms, by 

• better protecting consumers and their fundamental rights online
• Establishing a strong framework for transparency and accountability of online platforms
• fostering innovation, growth and competitiveness in the internal market.

What will this look like? The online platforms in question will have to change their practices and take certain measures, such as:

• Platforms must ban advertising targeted at children
• Giving users the choice not to receive recommendations based on profiling
• Adapt measures against abusive advertising and counter-advertising
• Reporting of crimes

Fur the full official list of practices, click here. 

The platforms required to comply with the DSA are the following 17 Very Large Online Platforms (VLOPs) and 2 Very Large Online Search Engines (VLOSEs):

• Alibaba AliExpress
• Amazon Store
• Apple AppStore
• Booking.com
• Facebook
• Google Play
• Google Maps
• Google Shopping
• Instagram
• LinkedIn
• Pinterest
• Snapchat
• TikTok
• Twitter
• Wikipedia
• YouTube
• Zalando

Very Large Online Search Engines:

• Bing
• Google Search

The Impact of the EU Digital Services Act

• For users/citizens
  • Improved protection of fundamental rights
  • More choice, lower prices
  • Less exposure to illegal content
• For businesses
  • More choice, lower prices
  • Access to EU-wide markets through platforms
  • Level playing field against illegal content providers
• For platforms/providers of digital services
  • Legal certainty, harmonisation of rules
  • Easier to start up and scale up in Europe

How you can prepare now

If your business does not fall into the categories of a very large online platform, you don’t need to respond to the DSA obligations just yet. However, you will benefit in the long run by adopting the following privacy practices now:

Train your team and keep them informed

Make sure your team members, especially those involved in data handling and compliance, are well informed about the DSA and its potential impact on your business. Using a dedicated consent management tool will also give you that extra level of security. 

→ Encourage regular updates and subscriptions to relevant newsletters, regulatory updates or industry publications.
Note: Subscribe to consentmanager’s monthly newsletter and you will be informed as soon as new data protection regulations come into force.

Conduct a compliance gap analysis

Assess your current data handling practices and compare them to the requirements outlined in the DSA to identify gaps and areas for improvement.

→ Work with legal and compliance experts to conduct a thorough analysis of your processes, policies and technology. Produce a comprehensive report highlighting areas that need attention and allocate resources to address these gaps.
For a quick compliance check, you can also use our free website scanner directly, which will provide you with our compliance report suggesting areas to focus on based on the laws that apply to your business.

Regularly review and adjust your privacy settings

Regularly review and adjust the privacy settings on your websites and other connected platforms to match the level of privacy you require.

→ For your cookie consent tool, you can take a few minutes to ensure that you have adjusted the following items to comply with general privacy guidelines: 

• Optimise the user interface of your banner to make it clear, user-friendly and accessible.
• Include opt-out mechanisms
• Implement granular consent settings
• Customise consent options

Visit our checklist to make sure you’re on the safe side with major privacy regulations.

By following these practices, you’ll not only increase user confidence, but you’ll also demonstrate your commitment to privacy compliance and be better prepared for any upcoming changes to the DSG, should it apply to you. It’s important to stay vigilant, adapt to evolving regulations and continually improve your compliance efforts to meet the ever-changing landscape of data protection laws.