In our increasingly digital world, online businesses are facing a wave of regulatory changes aimed at fostering innovation, protecting consumers, and ensuring a safer digital landscape. The European Union's Digital Services Act (DSA) is at the forefront of this regulatory revolution, bringing forth a comprehensive framework that imposes new responsibilities on a variety of digital service providers. This article will delve into the key elements of the DSA, its implications for businesses, how it compares to the recently passed UK Online Safety Bill, and how on-device age verification and online safety solutions can help businesses achieve compliance.
What does the DSA aim to achieve?
The DSA introduces a set of rules that are designed to address several key goals:
Better protection of consumers and their fundamental rights online: The DSA prioritises safeguarding users by implementing mechanisms for the removal of illegal or harmful content, and ensuring products sold online are safe and comply with EU standards.
Establishing transparency and accountability: Online platforms are held to higher standards, with a focus on transparency and clear accountability frameworks. Users are granted the ability to challenge content moderation decisions and gain a better understanding of, and control over, how algorithms serve them content.
Fostering Innovation, Growth, and Competitiveness: The DSA aims to encourage innovation, growth, and competitiveness within the single market while creating a level playing field for all businesses offering digital services.
Which providers are covered by the DSA?
The DSA casts a wide net, encompassing various types of digital service providers, including:
Intermediary services offering network infrastructure: This category includes internet access providers, domain name registrars, and hosting services such as cloud and web hosting.
Online platforms: These platforms, which bring together sellers and consumers, include online marketplaces, app stores, collaborative economy platforms, and social media platforms. Specific rules are outlined for very large online platforms (VLOPs) that reach more than 10% of the EU's population.
One crucial aspect to note is that all online intermediaries offering their services in the EU, whether located within the EU or outside, must comply with the DSA. Micro and small companies have proportionate obligations, and exemptions are provided during a transitional 12-month period to enable them to comply without hindering growth. However it is the goal of the EU that businesses large and small are eventually compliant with the DSA.
Impact of the new obligations
The DSA significantly enhances mechanisms for the removal of illegal content and the protection of users' fundamental rights online.
Key changes include:
- Measures to counter illegal goods, services, or content online.
- Obligations on traceability of business users in online marketplaces.
- Safeguards for users to challenge content moderation decisions.
- Prohibitions on targeted ads when targeting children or using special categories of personal data (such as sexual orientation, religion and ethnicity).
- Transparency measures on algorithm usage.
- Obligations for VLOPs and very large online search engines (VLOSEs) to prevent misuse of their systems, supported by independent audits.
The DSA became effective on November 16, 2022. Online platforms were required to report their active end users to the Commission within three months. The Commission subsequently designated VLOPs and VLOSEs based on this data in April 23. Designated entities were given four months to comply with DSA obligations. The full force of the regulation comes into effect on 17 February 2024, by which time EU Member States are required to empower their Digital Services Coordinators to ensure full compliance.
Key differences between the DSA and the UK Online Safety Bill
In an era of heightened online regulation, the EU's DSA and the UK's Online Safety Bill (OSB) share similar objectives. Both aim to strike a balance between innovation and ensuring a safer digital environment, but there are notable differences:
Scope and Focus: While the DSA covers a wide range of issues, including intellectual property, dark patterns (tricks used by sites to make you do things you didn’t mean to), and illegal goods, the OSB has a narrower but more detailed focus on illegal and harmful content.
Definitions of Illegal Content: The DSA provides flexibility in defining illegal content, covering both existing unlawful actions and those transitioning online. The OSB offers specificity by categorising illegal content into general offences and "priority offences."
Platform Obligations: The DSA operates under a "notice and takedown" system, whereas the OSB mandates proactive monitoring of content.
Classification of Platforms: The DSA defines VLOPs and VLOSEs with clear user thresholds. The OSB relies on risk evaluations and size of UK user base, with Ofcom undertaking assessments.
Obligations on Smaller Platforms: The OSB categorises user-to-user services as high-risk, regardless of sharing behaviour. In contrast, the DSA offers exemptions for smaller companies.
Protection of Minors: Both legislations emphasise the protection of minors but approach it differently. The OSB allocates entire sections to safeguards, while the DSA maintains a broader scope.
Supporting Regulation on CSAM
The DSA is accompanied by a number of other measures that together aim to provide a strong regulatory framework to better protect EU citizens from a variety of online harms.
A key element of this supporting regulation is around the identification and removal of Child Sexual Abuse material (CSAM). Service providers will have obligations to detect, report and remove CSAM, as well as undertake risk assessments and risk mitigation measures.
How Privately can help businesses achieve compliance
Our solutions ensure that your online platform effectively screens and verifies the age of users, particularly those accessing content that is not suitable for minors. Our on-device solutions are fully privacy preserving with no personal data stored or transmitted, and can be built into the online platform for a seamless user experience.
Prevention of upload of CSAM Content
One of the biggest challenges facing the industry is the identification and removal of CSAM material. Reports from the Internet Watch Foundation (IWF) highlight that a large portion of CSAM content is self generated imagery uploaded by children themselves, who may have been groomed, deceived or extorted into creating and sharing this content. Privately has developed on-device detection of CSAM which can intervene at the point of creation and prevent the upload of such content. Our CSAM detection SDK can be integrated by apps, games and platform providers - small or large. The technology can be tested in the Privately showroom here
With the DSA, the OSB and other supporting measures bringing significant changes to the regulatory landscape, it's essential for businesses to partner with experienced service providers like Privately to help them navigate these complex and evolving digital regulations.
The EU's Digital Services Act is a pivotal step toward regulating the EU digital landscape, protecting consumers and creating a safer online environment, while promoting innovation and competition. Although it shares common objectives with the UK's Online Safety Bill, the DSA has its unique characteristics and implications for businesses. Privately is ready to assist businesses in achieving compliance and safeguarding the online experience for users. As the digital regulatory landscape evolves, staying informed and prepared is key for businesses to thrive while ensuring a safer online world for all.
Get in touch with Privately today to learn more about our age verification and online safety services and how we can help your business comply with the upcoming regulations.