Digital Services Act
The draft Digital Services Act ("DSA") would update the European Union's online trade laws, which were last updated more than 20 years ago, to address changes in digital and online services in the intervening years. The draft DSA would introduce new obligations to monitor and filter content appearing on platforms that would apply to all digital services companies that act as intermediaries in connecting consumers with goods, services, and content.
The extent of the obligations will depend on the type of services that the company provides, as well as its user base. For example, different rules will apply to companies that offer intermediary services, hosting services, and online platform services. Online platforms with a particularly large user base, defined as at least 45 million users in the European Union, representing about 10% of the EU population, will also be subject to distinct obligations.
The DSA establishes new obligations on digital services companies to combat certain illegal content that users post on the platform. The DSA rules would empower users to notify the platform of illegal content (e.g., copyright infringement, counterfeit products, hate speech) on their services, require platforms to process notices of illegal content, implement procedures to help trace sellers of illegal goods, and adopt more transparency related to online advertising, such as identifying the person on whose behalf the advertisement is displayed and the parameters used to determine the recipient.
The DSA delegates most enforcement powers to competent EU Member State authorities to be designated by Member States (possibly among existing regulators for telecommunications, media, competition or consumer protection regulators) and with one authority keeping the role of Digital Services Coordinator. However, the EC will have exclusive authority over large online platforms. If implemented, failure to comply with the DSA could result in maximum fines of up to 6% of the company's worldwide annual income or turnover.
Digital Markets Act
The draft Digital Markets Act ("DMA") introduces rules for online platforms that act as "gatekeepers" in the digital sector to prevent those companies from imposing allegedly unfair conditions on businesses and consumers. Examples of potentially covered platforms include providing cloud computing services, online social networking services, video-sharing platform services, and number-independent interpersonal communication services.
In general, the DMA sets forth three qualitative criteria that determine whether a company is a gatekeeper. The DMA also associates each qualitative criteria with financial and/or user base thresholds, which, if met, trigger an obligation to make a filing with the EC within three months of crossing all three of the thresholds.
Even if a platform company's operations cross the numerical thresholds above, it may rebut the presumptions by showing that it does not meet the DMA's qualitative definition of a gatekeeper. Within 60 days of receiving a complete filing, and considering facts and arguments presented by a filer about the DMA's qualitative thresholds, the EC must release its decision about whether it thinks the filer qualifies as a gatekeeper. A company may seek judicial review of the EC's gatekeeper determination in the Court of Justice of the European Union.
The DMA also empowers the EC to identify a gatekeeper even if the quantitative filing thresholds are not met. The EC considers criteria such as the size of the provider, entry barriers derived from network effects, and user lock-in.
Qualification as a gatekeeper triggers a series of regulations, and noncompliance risks substantial fines. These obligations include granting smaller rivals access to and interoperability with hardware and software needed to offer their services, and informing the EC of any planned acquisitions in the digital sector, including small acquisitions that would otherwise fall below the EC's merger review thresholds.
The DMA also would prohibit gatekeepers from engaging in certain conduct that has been or is the subject of EC or Member State investigations. While those investigations remain controversial, the DMA would prohibit gatekeepers from:
- Implementing most-favored-nation ("MFN") clauses that prevent business users from offering the same products at different prices or conditions through third-party online intermediation services;
- Combining personal data across services without prior consent of the end users;
- Preferencing the gatekeepers' own products or services over the products or services of competing businesses that also use the platform;
- Using nonpublic data collected from the platform's business users to compete against those business users; and
- Requiring business users to use the gatekeeper's identification service.
The DMA empowers the EC to designate which companies are gatekeepers, investigate and sanction violations, develop rules that specify the manner of compliance with certain DMA obligations, and establish additional gatekeeper regulations on top of the rules in the DMA.
If a company fails to comply with the proposed new rules it could face fines of up to 10% of their global annual revenue. In the case of "systematic infringements," the EC could also impose behavioral or structural remedies, such as divestiture of a whole business or parts of it (e.g., forced sale of business units, assets, intellectual property, or brands). Contrary to the initial draft, the revised DMA would not permit the EC to order structural remedies such as divestitures in the absence of a violation.
The European Parliament and the Council of the European Union will now review and discuss the EC's proposal, which could result in changes. Both institutions must agree on the final text under qualified majority at the Council before the DSA or DMA take effect. If adopted, the DSA and DMA would become applicable across the European Union, and would not need separate approval in Member States.
Global Regulation Is Not a Foregone Conclusion
There is not a global consensus about whether regulatory intervention is necessary, or what regulation is warranted. For example, in a speech in February 2019, the Assistant Attorney General ("AAG") for the U.S. Department of Justice Antitrust Division ("DOJ") cautioned against "misplaced" and "extreme views" that would propose new rules to regulate online platforms and displace the long-standing global consensus "consumer welfare" standard in antitrust reviews. In a nutshell, under the consumer welfare standard, antitrust enforcers intervene in markets or acquisitions only if the conduct harms consumers in a relevant market.
DOJ noted that digital platforms have grown, in part, because they provide innovative and disruptive services that consumers like. According to DOJ, antitrust enforcement should not concern itself with "how big the platform is, but whether what the platform is doing harms competition." Although DOJ agreed that concerns over privacy, notice, and unauthorized use of data should be discussed, it discouraged the use of the antitrust laws to address policy issues that do not result in collusive or exclusionary conduct.