Feed

Show only
14 April 2021
Di­git­al Ser­vices Act (DSA): A new leg­al frame­work for the plat­form eco­nomy
The European Com­mis­sion has is­sued the draft pro­pos­al for the Reg­u­la­tion on a Single Mar­ket for Di­git­al Ser­vices (Di­git­al Ser­vices Act, the “DSA”), which cre­ates a new leg­al frame­work for di­git­al ser­vices, amends the e-Com­merce Dir­ect­ive, and pre­pares the EU law for new and in­nov­at­ive in­form­a­tion so­ci­ety di­git­al ser­vices.The DSA sets out uni­form, har­mon­ised rules for in­ter­me­di­ary ser­vice pro­viders (the “ISPs”) to foster in­nov­a­tion, growth and com­pet­it­ive­ness, to bet­ter pro­tect con­sumers and their fun­da­ment­al rights on­line, to en­sure a safe, pre­dict­able and trus­ted on­line en­vir­on­ment, to of­fer more choices for users and less ex­pos­ure to il­leg­al con­tent, to provide ac­cess to busi­ness users to EU-wide mar­kets through plat­forms, and to fa­cil­it­ate the scal­ing up of smal­ler plat­forms, SMEs and start-ups. The new draft rules es­tab­lish:a frame­work for the con­di­tion­al ex­emp­tion from li­ab­il­ity of ISPs;rules on spe­cif­ic due di­li­gence and oth­er ob­lig­a­tions tailored to dif­fer­ent cat­egor­ies of ISPs;law en­force­ment rules and a new re­gime for co­oper­a­tion of and co­ordin­a­tion between the com­pet­ent au­thor­it­ies. 1. Which di­git­al ser­vice pro­viders are covered? The DSA cov­ers those ISPs, wheth­er es­tab­lished in or out­side the EU, that provide in­ter­me­di­ary ser­vices such as con­duit ser­vices, cach­ing ser­vices, host­ing ser­vices to re­cip­i­ents (users, busi­ness users, con­sumers, in­di­vidu­als and leg­al en­tit­ies us­ing the in­ter­me­di­ary ser­vices) hav­ing an es­tab­lish­ment or res­id­ence in the EU.The defin­i­tions of con­duit, cach­ing and host­ing ser­vice pro­viders re­mained the same as in the e-Com­merce Dir­ect­ive; the DSA only re­peats those e-Com­merce Dir­ect­ive defin­i­tions word-for-word.The draft reg­u­la­tion con­tains spe­cial ob­lig­a­tions for on­line plat­form host­ing pro­viders and very large plat­forms as a spe­cial cat­egory of on­line plat­forms, and defines those host­ing ser­vices as fol­lows:On­line plat­forms are pro­viders of host­ing ser­vices which store and make avail­able in­form­a­tion to the pub­lic at the re­quest of a re­cip­i­ent of the ser­vice, e.g. on­line mar­ket­places, app stores, col­lab­or­at­ive eco­nomy plat­forms and so­cial me­dia plat­forms. However, if stor­ing or mak­ing in­form­a­tion avail­able to the pub­lic is a minor and an­cil­lary fea­ture of an­oth­er ser­vice, and can­not be used without that oth­er ser­vice for ob­ject­ive and tech­nic­al reas­ons, the ser­vice does not qual­i­fy as an on­line plat­form. This is the situ­ation with the com­ment sec­tion in an on­line news­pa­per or email and private mes­saging ser­vices.Very large on­line plat­forms are on­line plat­forms which provide their ser­vices to a num­ber of av­er­age monthly act­ive re­cip­i­ents of the ser­vice in the EU equal to or high­er than 45 mil­lion. The list of very large on­line plat­forms is pub­lished in the Of­fi­cial Journ­al of the EU. 2. No change in the li­ab­il­ity of ISPs for in­form­a­tion stored or trans­mit­ted in their ser­vices The DSA does not change the li­ab­il­ity re­gime of ISPs for il­leg­al con­tent. It only re­peats the li­ab­il­ity pro­vi­sions of the e-Com­merce Dir­ect­ive word-for-word and also main­tains the e-com­merce rule that ISPs do not have a gen­er­al ob­lig­a­tion to mon­it­or the in­form­a­tion they trans­mit or store, or to act­ively seek facts or cir­cum­stances in­dic­at­ing il­leg­al activ­ity.As an ad­di­tion, the draft reg­u­la­tion stip­u­lates that ISPs can still refer to the ex­emp­tion of li­ab­il­ity even if they con­duct vol­un­tary self-ini­ti­ated in­vest­ig­a­tions or oth­er activ­it­ies aimed at de­tect­ing, identi­fy­ing and re­mov­ing, or dis­abling ac­cess to, il­leg­al con­tent, or take the ne­ces­sary meas­ures to com­ply with the re­quire­ments of EU law. 3. What are the new ob­lig­a­tions? The DSA stip­u­lates new ob­lig­a­tions on ISPs at dif­fer­ent levels. Com­mon ob­lig­a­tions ap­ply to all kind of ISPs, in­clud­ing on­line plat­forms and very large on­line plat­forms. Host­ing pro­viders have ad­di­tion­al ob­lig­a­tions, and the DSA con­tains spe­cial ob­lig­a­tions for on­line plat­forms com­pared to oth­er host­ing ser­vices. In ad­di­tion, very large on­line plat­forms have fur­ther ob­lig­a­tions to man­age sys­tem­ic risks. 3.1 Com­mon ob­lig­a­tions ap­plic­able to all ISPs Provid­ing in­form­a­tion to au­thor­it­ies based on or­ders: if an ISP re­ceives an or­der from an au­thor­ity to act against il­leg­al con­tent, the ISP must in­form the au­thor­ity without un­due delay about the ac­tions it takes and the time of those ac­tions. Fur­ther­more, if the ISP re­ceives an or­der to provide in­form­a­tion about a spe­cif­ic in­di­vidu­al re­cip­i­ent of a ser­vice, the ISP must con­firm the re­ceipt of the or­der to the au­thor­ity without un­due delay and must provide the re­ques­ted in­form­a­tion with cer­tain lim­it­a­tions.Des­ig­nat­ing points of con­tact and leg­al rep­res­ent­at­ives: ISPs must es­tab­lish a single point of con­tact for dir­ect elec­tron­ic com­mu­nic­a­tion with the au­thor­it­ies and pub­lish it. Fur­ther­more, ISPs not es­tab­lished in the EU but of­fer­ing ser­vices in the EU must des­ig­nate in writ­ing a leg­al rep­res­ent­at­ive (to­geth­er with its name and con­tact de­tails) in one of the EU coun­tries where the ISP of­fers ser­vices for re­ceipt, ex­e­cu­tion and en­force­ment of au­thor­ity de­cisions and for co­oper­a­tion with the au­thor­it­ies. This des­ig­nated leg­al rep­res­ent­at­ive can be held li­able for non-com­pli­ance with ob­lig­a­tions un­der the DSA.In­dic­at­ing re­stric­tions in terms: all re­stric­tions (in­clud­ing con­tent mod­er­a­tion, al­gorithmic de­cision-mak­ing, and hu­man re­view rules) re­lated to the use of ISPs’ ser­vices re­gard­ing in­form­a­tion provided by the re­cip­i­ents must be in­cluded in the terms and con­di­tions of the ser­vices.Pub­lish­ing an­nu­al trans­par­ency re­ports: ISPs must pub­lish de­tailed an­nu­al re­ports of any con­tent mod­er­a­tion they en­gaged in dur­ing the rel­ev­ant peri­od. These re­ports must in­clude, among oth­ers, cer­tain in­form­a­tion on the or­ders from au­thor­it­ies, no­tices on il­leg­al con­tent and com­plaints re­ceived by the ISP, as well as on con­tent mod­er­a­tion by the ISP. 3.2 Ad­di­tion­al ob­lig­a­tions on all host­ing pro­viders Man­aging no­tices on il­leg­al con­tents: the host­ing pro­vider must in­tro­duce eas­ily ac­cess­ible, user-friendly elec­tron­ic pro­cesses for man­aging no­tices on il­leg­al con­tents. The DSA lists the man­dat­ory ele­ments of such a no­tice. The host­ing pro­vider must con­firm the re­ceipt of such no­tice in a re­spond­ing email and no­ti­fy the claimant of its de­cision without un­due delay.Provid­ing reas­on­ing for de­cisions: if the host­ing pro­vider de­cides to re­move or make un­avail­able any il­leg­al con­tent provided by the re­cip­i­ent, it must in­form the re­cip­i­ent of the de­cision and give clear reas­on­ing for that de­cision. This reas­on­ing must con­tain all man­dat­ory ele­ments lis­ted in the DSA. The de­cision must be pub­lished in an an­onymised way in the Com­mis­sion’s pub­lic data­base. 3.4 Spe­cial ob­lig­a­tions of on­line plat­forms The pro­vi­sions ap­plic­able to on­line plat­forms can­not be ap­plied to SME on­line plat­forms. The fol­low­ing ad­di­tion­al ob­lig­a­tions ap­ply to on­line plat­forms, in­clud­ing very large on­line plat­forms:Com­plaint man­age­ment sys­tem: on­line plat­forms must main­tain an in­tern­al, user-friendly, eas­ily ac­cess­ible elec­tron­ic com­plaint man­age­ment sys­tem and must grant ac­cess to it to the re­cip­i­ents. The re­cip­i­ents can sub­mit com­plaints elec­tron­ic­ally here against the on­line plat­form’s de­cisions on their il­leg­al con­tent.Out of court dis­pute set­tle­ment: re­cip­i­ents af­fected by an on­line plat­form’s de­cision on il­leg­al con­tent are en­titled to turn to an out-of-court body cer­ti­fied by the di­git­al ser­vice co­ordin­at­or. The on­line plat­forms are bound by the de­cision of this body. The DSA con­tains the de­tailed rules for the pro­ceed­ings and the de­cisions of this cer­ti­fied body.Pri­or­ity for trus­ted flag­gers: on­line plat­forms must pro­cess the no­tices on il­leg­al con­tent sub­mit­ted by trus­ted flag­gers with pri­or­ity. The di­git­al ser­vice co­ordin­at­ors are en­titled to qual­i­fy an en­tity as a trus­ted flag­ger if all con­di­tions lis­ted in the DSA are met. The list of trus­ted flag­gers is pub­lished in the Com­mis­sion’s pub­licly avail­able data­base.Meas­ures against ab­us­ive no­tices and counter-no­tices: on­line plat­forms must sus­pend their ser­vices to re­cip­i­ents that fre­quently provide mani­festly il­leg­al con­tent. Fur­ther­more, on­line plat­forms must also sus­pend the pro­cessing of no­tices and com­plaints sub­mit­ted by per­sons that fre­quently sub­mit no­tices or com­plaints that are mani­festly un­foun­ded. The DSA con­tains de­tailed rules for the cir­cum­stances to be as­sessed in the case of such sus­pen­sion.Re­port­ing sus­pi­cions of crim­in­al of­fences: on­line plat­forms must promptly in­form the mem­ber states’ com­pet­ent law en­force­ment au­thor­it­ies, or in cer­tain cases Euro­pol, if they be­come aware of any sus­pi­cion of a crim­in­al of­fence in­volving a threat to the life or safety of per­sons has taken place, is tak­ing place or is likely to take place.Know Your Busi­ness Cus­tom­er: on­line plat­forms must identi­fy their traders pro­mot­ing mes­sages or of­fer­ing products or ser­vices to EU con­sumers, and must ob­tain in­form­a­tion about them lis­ted in the DSA, among oth­ers the name, con­tact de­tails, re­gis­tra­tion num­ber, copy of the ID card of the trader. More de­tailed trans­par­ency re­ports: on­line plat­forms must in­clude ad­di­tion­al in­form­a­tion in their an­nu­al trans­par­ency re­port, such as in­form­a­tion about out-of-court dis­putes, sus­pen­sions, and auto­mated con­tent mod­er­a­tion. Fur­ther­more, on­line plat­forms must pub­lish in­form­a­tion at least once every six months on the av­er­age monthly act­ive re­cip­i­ents of the ser­vice in each EU coun­try.User-fa­cing trans­par­ency of on­line ad­vert­ising: on­line plat­forms must en­sure that ad­vert­ise­ments dis­played in their ser­vices con­tain in­form­a­tion that this is an ad­vert­ise­ment, who is the ad­vert­iser, and the tar­get audi­ence of the ad­vert­ise­ments. 3.5 Very large on­line plat­forms’ spe­cial ob­lig­a­tions for man­aging sys­tem­ic risks The draft reg­u­la­tion con­tains the fol­low­ing spe­cial ob­lig­a­tions for very large on­line plat­forms for man­aging sys­tem­ic risks:Risk man­age­ment ob­lig­a­tions: very large on­line plat­forms must con­duct an­nu­al risk as­sess­ments on the sig­ni­fic­ant sys­tem­ic risks stem­ming from the func­tion­ing and use of their ser­vices in the EU. Fur­ther­more, based on these risk as­sess­ments, they must put in place reas­on­able, pro­por­tion­ate and ef­fect­ive risk mit­ig­a­tion meas­ures for the sys­tem­ic risks they identi­fy. The DSA con­tains a de­tailed list of those risk-mit­ig­a­tion meas­ures.Ex­tern­al risk audit­ing and pub­lic ac­count­ab­il­ity: very large on­line plat­forms must con­duct an­nu­al audits on com­pli­ance with the DSA and the code of con­duct via an in­de­pend­ent, ex­tern­al pro­fes­sion­al aud­it­or. The aud­it­or must is­sue a writ­ten audit re­port in­clud­ing the man­dat­ory ele­ments lis­ted in the DSA in writ­ing.Trans­par­ency of re­com­mend­er sys­tems: if a very large on­line plat­form uses a re­com­mend­er sys­tem, it must in­clude the main para­met­ers of and cer­tain in­form­a­tion about this sys­tem in its terms and con­di­tions, and must en­sure op­tions for users not in­volving pro­fil­ing.More trans­par­ency in on­line ad­vert­ising: very large on­line plat­forms must make pub­licly avail­able, through APIs, an an­onymised re­pos­it­ory about the on­line ad­vert­ise­ments dis­played on the plat­form. The re­pos­it­ory must con­tain the con­tent of the ad­vert­ise­ments, each ad­vert­iser’s name, the peri­od when each ad­vert­ise­ment was dis­played, and cer­tain in­form­a­tion about the tar­get audi­ence of each ad­vert­ise­ment.Data shar­ing with au­thor­it­ies and re­search­ers: very large on­line plat­forms must provide ac­cess to the data to the di­git­al ser­vice co­ordin­at­or or the Com­mis­sion for mon­it­or­ing and as­sess­ing com­pli­ance with the DSA, and must grant ac­cess to the data to vet­ted aca­dem­ic, in­de­pend­ent re­search­ers for con­duct­ing re­search that con­trib­utes to the iden­ti­fic­a­tion and un­der­stand­ing of sys­tem­ic risks. Data ac­cess must be en­sured via APIs or on­line data­bases.Com­pli­ance of­ficer: very large on­line plat­forms must ap­point at least one pro­fes­sion­al com­pli­ance of­ficer to mon­it­or com­pli­ance with the DSA. The com­pli­ance of­ficer’s name and con­tact de­tails must be provided to the di­git­al ser­vice co­ordin­at­or and the Com­mis­sion.Ad­di­tion­al trans­par­ency re­port­ing du­ties: very large on­line plat­forms must pub­lish trans­par­ency re­ports every six months and must pub­lish and sub­mit ad­di­tion­al re­ports lis­ted in the DSA to the di­git­al ser­vice co­ordin­at­or and the Com­mis­sion. 4. Com­pet­ent au­thor­it­ies, for­um shop­ping All EU mem­ber states must des­ig­nate a com­pet­ent na­tion­al en­force­ment au­thor­ity for the DSA and the same or an­oth­er au­thor­ity as the di­git­al ser­vice co­ordin­at­or. Each di­git­al ser­vice co­ordin­at­or has the power of in­vest­ig­a­tion and is en­titled to de­mand in­form­a­tion from the ISPs and any oth­er per­son on sus­pec­ted in­fringe­ments of the DSA, to carry out on-site in­spec­tions, to ask staff of the ISPs to give ex­plan­a­tions, to or­der the ces­sa­tion of an in­fringe­ment, to im­pose fines, and to ad­opt in­ter­im meas­ures.The EU mem­ber state in which the main es­tab­lish­ment of the ISP is loc­ated will have jur­is­dic­tion over the ISP. If an ISP does not have an es­tab­lish­ment in the EU but of­fers ser­vices in the EU, it will be deemed to be un­der the jur­is­dic­tion of the EU mem­ber state where its leg­al rep­res­ent­at­ive resides or is es­tab­lished, which en­ables for­eign ISPs to choose the EU jur­is­dic­tion by des­ig­nat­ing its leg­al rep­res­ent­at­ive. If the ISP fails to ap­point a leg­al rep­res­ent­at­ive, all EU mem­ber states will have jur­is­dic­tion over that ISP.The DSA es­tab­lishes the European Board for Di­git­al Ser­vices, an in­de­pend­ent ad­vis­ory group of di­git­al ser­vice co­ordin­at­ors on the su­per­vi­sion of ISPs with ad­vis­ory tasks for di­git­al ser­vice co­ordin­at­ors and the Com­mis­sion.The DSA in­tro­duces en­hanced su­per­vi­sion for very large plat­forms. In this case, the di­git­al ser­vices co­ordin­at­or will con­sider all opin­ions and re­com­mend­a­tions of the European Board for Di­git­al Ser­vices and the Com­mis­sion. The Com­mis­sion and the Board is en­titled to re­com­mend that the di­git­al ser­vice co­ordin­at­or in­vest­ig­ates the in­fringing activ­ity. The Com­mis­sion is en­titled to ini­ti­ate its own pro­ceed­ings against a very large on­line plat­form in cases defined in the DSA. The DSA con­tains spe­cial rules for pro­ceed­ings ini­ti­ated by the Com­mis­sion against a very large plat­form, with spe­cial pro­ced­ur­al rights and ob­lig­a­tions. 5. Sanc­tions The DSA does not con­tain an ex­haust­ive list of sanc­tions for an in­fringe­ment of the reg­u­la­tion; the Mem­ber States will set out the rules on sanc­tions. The draft reg­u­la­tion defines the fol­low­ing max­im­um amount of pen­al­ties:6% of the an­nu­al in­come or turnover of the ISP for in­fringing the ob­lig­a­tions in the DSA;1% of the an­nu­al in­come or turnover of the ISP for sup­ply­ing in­cor­rect, in­com­plete or mis­lead­ing in­form­a­tion, fail­ing to reply or rec­ti­fy in­cor­rect, in­com­plete or mis­lead­ing in­form­a­tion, and fail­ing to sub­mit to an on-site in­spec­tion;5% of the av­er­age daily turnover in the pre­ced­ing fin­an­cial year per day, cal­cu­lated from the date ap­poin­ted by the de­cision in the case of daily, peri­od­ic pen­alty pay­ments. 6. Next steps The European Par­lia­ment and Mem­ber States will dis­cuss the Com­mis­sion’s pro­pos­al ac­cord­ing to the or­din­ary le­gis­lat­ive pro­ced­ure, which will take at least 18 months. Once ad­op­ted, the DSA will dir­ectly ap­ply across the EU and ISPs will have three months to pre­pare for the new leg­al re­gime.We will con­tinu­ously mon­it­or the status of the le­gis­lat­ive pro­cess and keep you up­dated on any changes to the draft text of the DSA.
13 April 2021
COV­ID-19: vac­cin­a­tion of em­ploy­ees and vir­us con­tain­ment in the work­place
On 6 April 2021, so­cial part­ners in Italy, which in­cluded the gov­ern­ment, em­ploy­ers and em­ploy­ee rep­res­ent­at­ives signed shared pro­to­cols for the ac­tiv­a­tion of vac­cin­a­tion points in work­places and for...
12 April 2021
EU Di­git­al Ser­vices Act gives new leg­al frame­work for plat­form eco­nomy
The European Com­mis­sion has is­sued the draft pro­pos­al for the Reg­u­la­tion on a Single Mar­ket for Di­git­al Ser­vices (Di­git­al Ser­vices Act or DSA), which cre­ates a new leg­al frame­work for di­git­al ser­vices...
09 April 2021
Im­ple­ment­a­tion of EU Dir­ect­ive on un­fair trad­ing prac­tices in B2B re­la­tion­ships...
Draft Law no. 1721-B (European del­eg­a­tion law) which Art­icle 7 con­tains the prin­ciples and guidelines for the im­ple­ment­a­tion of European Dir­ect­ive 2019/633 on un­fair trad­ing prac­tices in B2B re­la­tion­ships...
08 April 2021
Crim­in­al li­ab­il­ity from the ad­min­is­tra­tion of the SARS-CoV-2 vac­cine: ex­clu­sion...
On April 1 the Itali­an Gov­ern­ment passed a De­cree ( Law De­cree no. 44 of 2021), that, among vari­ous meas­ures for the con­tain­ment of the COV­ID 19 pan­dem­ic, ex­cludes crim­in­al sanc­tions for man­slaughter...
06 April 2021
EU is­sues draft of Di­git­al Mar­kets Act aimed at cre­at­ing a new and fair...
The European Com­mis­sion has pub­lished a draft pro­pos­al for a new com­pet­i­tion law frame­work for large on­line plat­forms, called the Di­git­al Mar­kets Act (DMA). The Com­mis­sion pro­posed the DMA due to the...
01 April 2021
Di­git­al Mar­kets Act: a new and fair busi­ness frame­work for large plat­forms
The European Com­mis­sion has pub­lished the draft pro­pos­al for a new com­pet­i­tion law frame­work for large on­line plat­forms, called the Di­git­al Mar­kets Act (the “DMA”). The reas­on the Com­mis­sion pro­posed the DMA is that a small num­ber of large on­line plat­forms cap­ture the biggest share of over­all value gen­er­ated in Europe’s di­git­al eco­nomy, and these plat­forms have emerged by be­ne­fit­ting from sec­tor char­ac­ter­ist­ics such as strong net­work ef­fects, of­ten em­bed­ded in their own plat­form eco­sys­tems. These plat­forms rep­res­ent the key struc­tur­ing ele­ments in today’s di­git­al eco­nomy, in­ter­me­di­at­ing the ma­jor­ity of trans­ac­tions between end users and busi­ness users. A few large plat­forms in­creas­ingly act as gate­ways or gate­keep­ers between busi­ness users and end users, and en­joy a long-term, en­trenched po­s­i­tion, of­ten as a res­ult of the cre­ation of con­glom­er­ate eco­sys­tems around their core plat­form ser­vices, which re­in­forces ex­ist­ing entry bar­ri­ers.The DMA deals with those large on­line plat­forms act­ing as gate­keep­ers in di­git­al mar­kets. The DMA aims to en­sure that:these plat­forms be­have fairly on­line;in­nov­at­ors and tech­no­logy start-ups will have new op­por­tun­it­ies to com­pete and in­nov­ate in the on­line plat­form en­vir­on­ment without hav­ing to com­ply with un­fair terms and con­di­tions that lim­it their de­vel­op­ment;con­sumers will have more and bet­ter ser­vices to choose from, more op­por­tun­it­ies to switch their pro­vider if they so wish, dir­ect ac­cess to ser­vices, and fairer prices. Who are the gate­keep­ers? Gate­keep­ers are core plat­form ser­vices which meet the qual­it­at­ive and quant­it­at­ive cri­ter­ia set out in the DMA. Core plat­form ser­vices in­clude on­line in­ter­me­di­ation ser­vices, search en­gines, so­cial net­work­ing ser­vices, video-shar­ing plat­form ser­vices, num­ber-in­de­pend­ent in­ter­per­son­al com­mu­nic­a­tion ser­vices, op­er­at­ing sys­tems, cloud com­put­ing ser­vices, ad­vert­ising ser­vices in­clud­ing any ad­vert­ising net­works, ad­vert­ising ex­changes and any oth­er ad­vert­ising in­ter­me­di­ation ser­vices, provided by a pro­vider of any of the core plat­form ser­vices lis­ted above.A core plat­form ser­vice qual­i­fies as a gate­keep­er, if:it has a sig­ni­fic­ant im­pact on the in­tern­al mar­ket, which is pre­sumed if it achieves an an­nu­al EEA turnover equal to or above EUR 6.5 bil­lion in the three pre­ced­ing fin­an­cial years, or where the av­er­age mar­ket cap­it­al­isa­tion or the equi­val­ent fair mar­ket value of the un­der­tak­ing to which it be­longs amoun­ted to at least EUR 65 bil­lion in the pre­ced­ing fin­an­cial year, and it provides a core plat­form ser­vice in at least three Mem­ber States;it op­er­ates a core plat­form ser­vice which serves as an im­port­ant gate­way for busi­ness users to reach end users, which is pre­sumed if it has more than 45 mil­lion monthly act­ive end users es­tab­lished or loc­ated in the Uni­on and more than 10,000 yearly act­ive busi­ness users es­tab­lished in the EU in the pre­ced­ing fin­an­cial year;it en­joys a long-term, en­trenched po­s­i­tion in its op­er­a­tions or it is fore­see­able that it will en­joy such po­s­i­tion in the near fu­ture, which is pre­sumed if the thresholds in point b) were met in each of the three pre­ced­ing fin­an­cial years.   What are the gate­keep­ers’ main ob­lig­a­tions? Do’s and Don’ts     What kind of tools and powers do the Com­mis­sion and oth­er bod­ies have? The DMA grants powers and dif­fer­ent pro­ced­ur­al rights to the European Com­mis­sion and es­tab­lishes the Di­git­al Mar­kets Ad­vis­ory Com­mit­tee for is­su­ing opin­ions in is­sues re­lated to the DMA.The DMA gives the Com­mis­sion the fol­low­ing powers:to des­ig­nate core plat­form ser­vices that meet the DMA cri­ter­ia as gate­keep­ers;to re­view ad-hoc the status of gate­keep­ers on re­quest or on its own;to re­view at two-year in­ter­vals the status of gate­keep­ers;to spe­cify meas­ures to be taken by gate­keep­er to com­ply with the DMA;to sus­pend cer­tain gate­keep­er ob­lig­a­tions un­der the DMA at a gate­keep­er’s re­quest, if the gate­keep­er demon­strates that com­pli­ance with that spe­cif­ic ob­lig­a­tion would en­danger its eco­nom­ic vi­ab­il­ity;to ex­empt a gate­keep­er from cer­tain ob­lig­a­tions un­der the DMA on the grounds of pub­lic mor­al­ity, pub­lic health or pub­lic se­cur­ity;to ini­ti­ate mar­ket in­vest­ig­a­tions:lower-ro­manto ex­am­ine wheth­er a pro­vider of core plat­form ser­vices should be des­ig­nated as a gate­keep­er;in­to sys­tem­at­ic non-com­pli­ance by a gate­keep­er;to ex­am­ine wheth­er cer­tain ser­vices in the di­git­al sec­tor should be ad­ded to the list of core plat­form ser­vices and identi­fy prac­tices that might lim­it the con­test­abil­ity of core plat­form ser­vices or might be un­fair.The DMA grants in­vest­ig­at­ive, en­force­ment and mon­it­or­ing powers to the Com­mis­sion dur­ing its pro­ceed­ings, based on which the Com­mis­sion is en­titled to:re­quest in­form­a­tion from any un­der­tak­ings and from the gov­ern­ments and au­thor­it­ies of EU mem­ber states;ac­cess data bases and al­gorithms;in­ter­view any private per­son or leg­al en­tity to col­lect in­form­a­tion re­lat­ing to the sub­ject-mat­ter of an in­vest­ig­a­tion;con­duct on-site in­spec­tions at the premises of any un­der­tak­ings, in­clud­ing to­geth­er with aud­it­ors and ex­perts;or­der in­ter­im meas­ures against a gate­keep­er on the basis of a prima facie find­ing of an in­fringe­ment of ob­lig­a­tions un­der the DMA;mon­it­or the ef­fect­ive im­ple­ment­a­tion and com­pli­ance with the ob­lig­a­tions un­der the DMA.   What will the sanc­tions for non-com­pli­ance be? If the Com­mis­sion ad­opts a non-com­pli­ance de­cision in which it finds that a gate­keep­er does not com­ply with one or more ob­lig­a­tions un­der the DMA, the Com­mis­sion may fine a gate­keep­er.The max­im­um amount of a fine is 10% of the total world­wide an­nu­al turnover of the gate­keep­er in the case of a ma­ter­i­al breach of the ob­lig­a­tions un­der the DMA, and a max­im­um 1% in the case of a less ser­i­ous breach of ob­lig­a­tions un­der the DMA.The Com­mis­sion is also en­titled to or­der peri­od­ic pen­alty pay­ments of up to 5% of the av­er­age daily turnover in cer­tain cases defined in the DMA.In the case of sys­tem­at­ic breaches of the DMA ob­lig­a­tions by gate­keep­ers, ad­di­tion­al rem­ed­ies may be im­posed after a mar­ket in­vest­ig­a­tion. Such rem­ed­ies will need to be pro­por­tion­ate to the of­fence com­mit­ted. If ne­ces­sary and as a last re­sort, non-fin­an­cial rem­ed­ies can be im­posed. These can in­clude be­ha­vi­our­al and struc­tur­al rem­ed­ies, e.g. the di­vestit­ure of (parts of) a busi­ness.   What are the next steps? The European Par­lia­ment and Mem­ber States will dis­cuss the Com­mis­sion’s pro­pos­al ac­cord­ing to the or­din­ary le­gis­lat­ive pro­ced­ure, which will take at least 18 months. Once ad­op­ted, the Act will dir­ectly ap­ply across the EU and the core plat­form ser­vice pro­viders will have six months to pre­pare for the new leg­al re­gime.We will con­tinu­ously mon­it­or the status of the le­gis­lat­ive pro­cess and keep you up­dated on any changes to the draft text of the DMA.
29 March 2021
EDPS & EDPB re­lease joint opin­ion on the Data Gov­ernance Act
On 10 March 2021, the EDPB and the EDPS re­leased their joint opin­ion on the Data Gov­ernance Act (DGA), the European Com­mis­sion’s Pro­pos­al for a Reg­u­la­tion on European data gov­ernance. The DGA is an...
26 March 2021
Oil & Gas / Ship­ping – The Ever Giv­en
The Suez Canal opened in 1869. Along with the Panama Canal, it is one of the most im­port­ant mari­time “short­cuts” ever built. Today, the canal is 193km (120 miles) long and is one of the busiest wa­ter­ways...
25 March 2021
De­creto Sostegni COV­ID-19 meas­ures for com­pan­ies and em­ploy­ees
Fol­low­ing the pub­lic­a­tion of De­cree-Law no. 41 of 22 March 2021, we of­fer a brief sum­mary of the Ur­gent La­bour Meas­ures re­lated to the COV­ID-19 emer­gency. So­cial safety nets Em­ploy­ers who sus­pend or...
24 March 2021
IVASS re­leases cla­ri­fic­a­tions on Or­der no. 97/2020: pro­hib­i­tion to re­gister...
IVASS has spe­cified that com­men­cing from 31 March 2021 in­ter­me­di­ar­ies op­er­at­ing un­der the free­dom to provide ser­vice (FOS) in Italy can­not re­gister their col­lab­or­at­ors in the Re­gister of In­sur­ance In­ter­me­di­ar­ies...
24 March 2021
The Bul­gari­an Com­mis­sion for Per­son­al Data Pro­tec­tion an­swers the ques­tion...
The Bul­gari­an Com­mis­sion for Per­son­al Data Pro­tec­tion (the CP­DP) has re­cently pub­lished ad­di­tion­al guidelines on the ap­point­ment of a Data Pro­tec­tion Of­ficer (DPO) by con­trol­lers and pro­cessors of per­son­al...