Friday, March 5, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Data Privacy

The Digital Services Act: The Next GDPR

Recent Regulations Around Digital Accountability

by Heloise Martorell and Mike Laughton
March 11, 2020
in Data Privacy, Featured
social media app icons on smartphone screen

Access Partnership’s Héloïse Martorell and Mike Laughton discuss the Digital Services Act, which could be viewed as the EU’s next attempt to set a global standard for digital companies.

Emboldened by the GDPR, the EU is increasingly confident in its ability to set global standards for technology regulation. With the new European Commission in place, 2020 will be a year defined by the Digital Services Act (DSA). In Brussels and for much of the industry, the question is not whether to hold digital companies accountable for the actions of their users, but rather which parts of the digital sector to hold liable and to what extent. The process will take time but will be the defining digital regulation of the decade, as it tackles subjects such as the rights of consumers, censorship, the free market and the responsibility of online platforms.

The danger for industry and users alike is that, in tackling the serious challenges associated with the propagation of harmful content online – through platforms owned by Facebook, Google and Twitter – the competitive landscape is undermined, and businesses further removed from end-users are caught within the scope.

The Digital Services Act is timely, as European countries have already pushed their own initiatives to regulate online platforms. Germany blazed the trail of content regulation with the Network Enforcement Act (NetzDG) in 2017 and is looking to expand provisions. France’s Senate is currently debating its own hateful content regulation (Loi Avia). The U.K., now decidedly separate from the EU as of January 31, continues to provide inspiration for its erstwhile partners with the Online Harms White Paper, Age Appropriate Design Code and even through the now-abandoned age-gating proposals of the Digital Economy Act 2017, currently being explored as a model in Paris.

A pan-EU initiative is welcome, at least in the sense that it will attempt to harmonize 27 regimes. It will regulate social media platforms, search engines, video gaming platforms and online marketplaces. First and foremost, it will upgrade liability and safety rules for digital platforms, services and products to incentivize companies to remove illegal and harmful content. This form of content can range from hate speech to fraudulent products by third-party sellers. Current rules on intermediary liability lie within the eCommerce Directive. The 2001 rulebook adopted a “laissez faire” approach, now outdated for today’s range of services, consumption rates and the known dangers of the proliferation of user-generated content. Under the DSA, platforms will be subject to further obligations in the form of “notice and take down” orders or a “duty of care,” potentially requiring companies to use upload filters. This must be balanced by the need to avoid internet intermediaries becoming, in effect, publishers – maintaining safe harbors as much as possible.

While we do not expect legislation to be complete in 2020, this year will be to a large extent where the lines around the initial proposals are drawn. Businesses need to engage now to ensure that the new Commission understands the plethora of services they are due to regulate. While the work will be led by Internal Market Commissioner Thierry Breton, it will become a joint effort across the College.

With policy issues like consumer protection, disinformation, workers’ rights in the gig economy and competition also on the agenda, businesses will need to widen engagement efforts to the cabinets of Didier Reynders (Justice), Věra Jourová (Rule of Law), Nicolas Schmit (Employment) and Margrethe Vestager (Digital and Competition). Meanwhile, businesses must also be aware of the risk of the Digital Services Act becoming a belated Christmas tree bill, where policymakers in the Council and European Parliament can reopen old arguments concerning copyright or privacy. Of immediate concern to businesses is the expected consultation and communication on the scope of the DSA in the first quarter of 2020, followed by the first legislative proposals in the latter part of the year.

Both policymakers and the public have drawn the line after platforms failed to act responsibly out of moral conscience, rather than legal duty. The sector, having now exhausted all avenues for obtaining self- or co-regulatory regimes, should prepare for sweeping regulatory oversight. It would be also a mistake to assume this is merely a problem for the hyperscale online platforms. The proposals drawn up in the Digital Services Act will affect not only the entire technology sector, but potentially any service relying on user-generated content to any extent.

___________

The pieces in this series have been extracted from a larger report by Access Partnership on the trajectory of tech policy in 2020. The next installment will discuss a potential framework for future privacy laws in the United States.


Tags: GDPR
Previous Post

Gartner Survey: Just 12 Percent of Organizations Are Highly Prepared for Coronavirus

Next Post

Clarity on Sanctions Compliance: Examining OFAC Guidance and Enforcement

Heloise Martorell and Mike Laughton

Héloïse Martorell is a Policy Analyst, UK & Europe at Access Partnership, a global public policy consultancy for the tech sector.
Mike Laughton is Policy Manager, UK & Europe at Access Partnership.

Related Posts

illustration of man under giant gavel

BitPay’s $507K OFAC Sanctions Violations Settlement

March 4, 2021
The facade of the SEC in Washington, D.C.

Prepare Now to Comply with SEC’s Updated MD&A and Related Financial Disclosure Requirements

March 3, 2021
Illustration representing a facial recognition technology scan of a face.

Facial Recognition Technology in the Workplace: Employers Use It, Workers Hate It, Regulation Is Coming for It

March 3, 2021
A director contemplates information at her desk.

Key Concerns for Directors in 2021: Recovery from COVID-19 Is Top Priority

March 2, 2021
Next Post
Clarity on Sanctions Compliance: Examining OFAC Guidance and Enforcement

Clarity on Sanctions Compliance: Examining OFAC Guidance and Enforcement

OneTrust offers download to demonstrate privacy management leadership
Access realtime data
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence ESG fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights