The Digital Services Act (“DSA”) is nearing final approval. The DSA imposes new rules on providers of intermediary services (e.g., cloud services, file-sharing services, search engines, social networks and online marketplaces). As we reported in July, the European Parliament voted to adopt the DSA on 5 July 2022. As we wait for the Council to adopt it, there have been a couple of updates in recent weeks, which we set out below. We will keep this blog updated as the finish line approaches.

Corrigendum to the DSA

On 12 September 2022, the European Parliament voted on a corrigendum to the DSA, which includes a number of edits to the text that was agreed in June. These edits primarily reflect changes introduced by lawyer-linguists to clarify and refine the text’s wording, and to fix numbering issues. Notably, the edits state that online search engines are “intermediary services.” The corrigendum was deemed approved on 14 September 2022.

Commission Announces Plans to Adopt Implementing Acts

The DSA empowers the Commission to adopt implementing acts concerning practical arrangements for:

  • the proceedings in Articles 69 (Power to conduct inspections) and 72 (Monitoring actions) (Article 83(a));
  • the hearings in Article 79 (Right to be heard and access to the file) (Article 83(b)); and
  • the negotiated disclosure of information provided for in Article 79(Right to be heard and access to the file) (Article 83(c)).

The Commission has announced that it is currently preparing an implementing regulation laying down rules on “all procedural practical arrangements in Article 83 of DSA,” and intends to adopt it in the fourth quarter of 2022.

Next Steps

The Council intends to adopt the DSA in a meeting of the Economic and Financial Affairs Council on 4 October 2022. Once adopted, the DSA will be published in the Official Journal of the EU. Companies won’t be expected to comply until 1 January 2024, or 15 months and 20 days after the date on which the DSA is published in the Official Journal of the EU, whichever is later. Very large online platforms will be required to comply 4 months after they are designated as such.

* * *

The Covington team is advising many clients on how to prepare for complying with the DSA and other legislative proposals affecting technology companies. Please reach out to a member of the team if you have any questions.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Lisa Peets Lisa Peets

Lisa Peets is co-chair of the firm’s Technology and Communications Regulation Practice Group and a member of the firm’s global Management Committee. Lisa divides her time between London and Brussels, and her practice encompasses regulatory compliance and investigations alongside legislative advocacy. For more…

Lisa Peets is co-chair of the firm’s Technology and Communications Regulation Practice Group and a member of the firm’s global Management Committee. Lisa divides her time between London and Brussels, and her practice encompasses regulatory compliance and investigations alongside legislative advocacy. For more than two decades, she has worked closely with many of the world’s best-known technology companies.

Lisa counsels clients on a range of EU and UK legal frameworks affecting technology providers, including data protection, content moderation, artificial intelligence, platform regulation, copyright, e-commerce and consumer protection, and the rapidly expanding universe of additional rules applicable to technology, data and online services.

Lisa also supports Covington’s disputes team in litigation involving technology providers.

According to Chambers UK (2024 edition), “Lisa provides an excellent service and familiarity with client needs.”

Photo of Shona O'Donovan Shona O'Donovan

Shóna O’Donovan is an associate in the technology regulatory group in the London office. She advises clients, particularly in the technology industry, on a range of data protection, e-privacy and online content issues under EU, Irish and UK law.

Shóna advises multinational companies…

Shóna O’Donovan is an associate in the technology regulatory group in the London office. She advises clients, particularly in the technology industry, on a range of data protection, e-privacy and online content issues under EU, Irish and UK law.

Shóna advises multinational companies on complying with EU and UK data protection and e-privacy rules. She regularly defends clients in regulatory investigations and inquiries, and provides strategic advice on incident response. She advises clients on existing and emerging online content laws, including those affecting intermediary services and audiovisual media services. In this context, she regularly advises clients on the intersection between online content and privacy rules.

Shóna also counsels clients on policy developments and legislative proposals in the technology sector, and the impacts of these developments for their business.

In her current role, Shóna gained experience on secondment to the data protection team of a global technology company. In a previous role, she spent seven months on secondment to the European data protection team of a global social media company.

Shóna’s recent pro bono work includes providing data protection advice to the International Aids Vaccine Initiative and a UK charity helping people with dementia, and working with an organization specializing in providing advice to states involved in conflict on documenting human rights abuses.

Photo of Anna Oberschelp de Meneses Anna Oberschelp de Meneses

Anna Sophia Oberschelp de Meneses is an associate in the Data Privacy and Cybersecurity Practice Group.

Anna is a qualified Portuguese lawyer, but is both a native Portuguese and German speaker.

Anna advises companies on European data protection law and helps clients coordinate…

Anna Sophia Oberschelp de Meneses is an associate in the Data Privacy and Cybersecurity Practice Group.

Anna is a qualified Portuguese lawyer, but is both a native Portuguese and German speaker.

Anna advises companies on European data protection law and helps clients coordinate international data protection law projects.

She has obtained a certificate for “corporate data protection officer” by the German Association for Data Protection and Data Security (“Gesellschaft für Datenschutz und Datensicherheit e.V.”). She is also Certified Information Privacy Professional Europe (CIPPE/EU) by the International Association of Privacy Professionals (IAPP).

Anna also advises companies in the field of EU consumer law and has been closely tracking the developments in this area.

Her extensive language skills allow her to monitor developments and help clients tackle EU Data Privacy, Cybersecurity and Consumer Law issues in various EU and ROW jurisdictions.