The EU executive delivered a presentation, obtained by EURACTIV, to national authorities on the designation of very large online platforms, the governance architecture and an information-sharing system.

The European Commission gave the presentation on Tuesday (24 January) during a webinar with the competent national authorities that will enforce the Digital Services Act (DSA), a recently adopted EU law to regulate the online distribution of content, products and services.

The DSA is horizontal legislation setting out responsibilities for all the actors involved in the digital sphere. Stricter requirements have been included for very large online platforms, those with more than 45 million users in the EU, deemed to pose a systemic risk to society as a whole.

The likes of Facebook and Instagram will have to publish how many users are active on their platforms by 17 February. On that basis, they will be designated as a very large online platform under the DSA. Member states will have one more year to appoint the Digital Services Coordinator.

Risk management year-cycle

The designated platforms will have to comply with the regulation earlier than the other economic actors, namely next July. An essential part of this compliance is to put in place a risk management system to identify and mitigate potential risks for society, like harmful content.

The Commission’s presentation further details what this risk management would entail every year. In particular, following the entry into the application of the obligation, the very large platform would have to put the relevant mitigation measures in place.

These measures are to be vetted by independent audits. When the auditing firm provides its implementation report, the large platforms would have three months to implement it. By July 2024, the designated platforms will have to send a risk assessment report to the Commission and the country’s authority where it has its European headquarters.

Governance

The EU executive will be the primary enforcer on large online platforms. In contrast, smaller actors will be the competence of the Digital Services Coordinator, that will also coordinate with other national competent authorities.

A third layer of what the Commission defines as the ‘principles of DSA governance’ is made by the European Board of Digital Services to ensure cooperation and consistent cross-border enforcement.

The member states might decide to delegate some tasks to authorities other than the coordinator, which would, however, still be the single point of contact for dealing with the companies established in its national territory and to represent the national position within the Board.

Digital Services Coordinators are also tasked with conducting joint investigations, cooperating with their peers on cross-border cases or requesting that the Commission assesses whether a large platform poses a systemic issue.

Albeit noting that the member states have flexibility in allocating supervisory and enforcement competencies, the EU executive stressed the need to streamline coordination at the national level and maintain independence and professional secrecy for all the authorities concerned.

Use cases

The presentation provided several cases to illustrate the role of the national authorities in DSA enforcement.

For instance, the designation process starts at the national level. If a platform presumed to have more than 45 million users fails to publish its user number or reports abnormally low numbers, the relevant Digital Services Coordinator would request further information.

“How is the Member State planning to identify the providers that failed to publish their number of users? Will it consider any review of suspect low reporting?” asks the presentation. If the authority still has reasons to believe the company concerned passes the threshold, it should inform the Commission.

Another example relates to a possible cross-border complaint. In this case, the authority of the country where the complaint was filed will do a first assessment and transmit the complaint to the country that hosts the platform if deemed relevant – or to the Commission if the platform is very large.

The authority of the hosting country will have two months to assess the complaint, and if the original authority disagrees with the decision, it is sent to the Board. In turn, if the Board also disagree with the hosting country, it would be up to the Commission to settle the dispute.

Broader cooperation

The Board could cooperate with EU bodies and agencies on matters such as data protection, competition and non-discrimination. The results of this cooperation would be made public.

The Commission might decide to involve EU bodies in drafting the crisis protocols intended to address extraordinary situations affecting public security. The EU executive might also ask for support in overseeing the large platforms and assessing the systemic risks.

Information sharing

According to the presentation, the Commission is working on a common and interoperable information-sharing system for official requests, operational tasks and informal collaboration.

The Commission asked the member states for their preferences as this system might either be made interoperable with the national ones, or the national authorities might also adopt the European system for internal coordination.

[Edited by Nathalie Weatherald]

Source: Euractiv.com