Alert DSA DMA

Context

The Digital Market Act (DMA) and the Digital Services Act (DSA) were definitively voted by the European Parliament on July 5, 2022. The texts will have to be respectively adopted by the Council of the European Union during the months of July and September. These texts will then apply to all Member States in March 2023 for the DMA and on January 1, 2024 for the DSA.

These two major new digital regulatory frameworks aim to limit the economic domination of large online platforms and the online diffusion of illegal content and products.

The DMA

The DMA aims to regulate the activities of the "gatekeepers", i.e., the large platforms that represent key structuring elements of today’s digital economy, intermediating the majority of transactions between end users and business users and generating user dependency and competition concerns.

These gatekeepers will have to comply with new obligations, mainly concerning:

• Their contractual relationships with business users and consumers to rebalance them and avoid any unfairness;
• The collection and use of personal data.

In case of non-compliance with the obligations set forth in the DMA, the gatekeeper risks a fine of up to 10% of its total worldwide turnover and up to 20% in case of recidivism. It may also be subject to penalty payments of up to 5% of its average daily worldwide turnover.

If the infringements are recurrent, the European Commission may impose any remedial measures of a behavioral or structural nature necessary to ensure compliance with the DMA (for instance, it may require the gatekeeper to divest a business activity).

The DSA

The DSA deletes and replaces the articles of the "e-commerce" directive of June 8, 2000 relating to the liability of technical intermediaries. It should also contribute to making the Internet a safer place by aiming to make platforms more responsible. Thus, the DSA applies to all online intermediaries (ISPs, cloud computing services, marketplaces, social networks, etc.) that offer their services on the European market, regardless of their establishment.

The latter will have to comply with new obligations depending on their size, the nature of their services, their audience, their influence and the risks and societal damage they are likely to cause. These obligations are gathered in three main axes:

• The fight against illegal goods, services or content online to reinforce the rapid removal/blocking illegal content (cooperation with "trusted flaggers", creation of tools for users facilitating the reporting of illegal content, etc.)
• Online transparency promoting a better understanding of moderation decisions by users and the use of advertising (Internet system for handling complaints, possibility to contest a decision, explanations of how targeted advertising algorithms work, prohibition of targeted advertising for minors, prohibition of dark patterns, etc.)
• Risk mitigation and crisis management (only concerns very large platforms and search engines, as defined in the DSA - analysis of systemic risks generated, independent risk mitigation audits to be carried out every year, compliance with potential codes of conduct, interface algorithms to be provided to the Commission and competent national authorities, etc.)

In order to ensure compliance with its terms, the DSA establishes a monitoring and sanctioning system. Each EU country will have to designate one or more competent authorities (potentially ARCOM in France) to monitor compliance with the DSA. The very large search engines and online platforms will be directly supervised by the Commission and will have to designate in-house compliance officers.

In addition to powers of investigation, the Digital Services Coordinators and the Commission will be able to impose penalties and fines of up to 5% and 6% of the worldwide turnover of the intermediary service provider concerned