First important compliance deadline for Very Large players under the Digital Services Act

Written By

francine cunningham Module
Francine Cunningham

Regulatory and Public Affairs Director
Belgium Ireland

As Regulatory & Public Affairs Director in Brussels, I assist companies facing an unprecedented wave of new EU regulation that will have an impact on every business operating in the digital and data-related economy. I help companies navigate complex EU decision-making processes and understand the practical application of the law to their sectors.

The global conversation about the role and responsibilities of online platforms enters a new, practical phase on 25 August, when very large players face their first important compliance deadline under the Europe’s Digital Services Act (DSA). This date marks the start of enforcement efforts around the DSA, which is designed to provide a legal framework promoting an open, transparent and safe online environment in the European Union.

Under the DSA, online platforms or search engines deemed to have at least 45 million “average monthly active recipients” in the EU have been designated as Very Large Online Platforms (VLOPs) or Very Large Search Engines (VLOSEs) by the European Commission. These companies are now obliged to comply with the more stringent rules for very large players outlined in the DSA, since they are regarded as playing a central role in the economy, society and public discourse. To date, a total of 19 companies which have been designated as VLOPs/VLOSEs by the Commission’s DG Connect, although this label has already been subject to legal challenge by two companies before the EU’s general court.

Obligations for such designated companies include delivery of their first risk assessment to evaluate compliance with the due diligence requirements in the DSA, as well as mitigation measures to guard against any potential systemic risks stemming from the design or functioning of their service. The relevant audit reports should be carried out be a service provider that is independent from the VLOP/VLOSE and should contain an opinion on whether the tech company has complied with the relevant obligations and commitments. While these first reports are likely to be a learning curve for both the companies concerned and DG Connect, the Commission is empowered to come forward with a future Delegated Act to provide more guidance on how to carry out risk assessments. For their part, designated companies will be concerned to ensure a sufficient level of confidentiality and protection of trade secrets in respect of the information provided in the context of such audits.

Bird & Bird’s team of experts is on hand to help your organisation with DSA compliance. More information available here.


Latest insights

More Insights
flower

NEWSFLASH - The UK’s New Consultation on AI and Copyright: Purr-suing Balance?

Dec 19 2024

Read More
laptop phone

EU/UK sanctions regarding Russia and Belarus (16-12-2024)

Dec 19 2024

Read More
Curiosity line pink background

Australia’s first standalone cyber security law – the Cyber Security Act 2024

Dec 18 2024

Read More