On 17 February 2024, the European Regulation DSA („DSA„) came into force, bringing major changes to digital services. The DSA sets uniform rules for intermediary service providers, promotes security and transparency in the online environment and strengthens users‘ rights. A Digital Economy Act is being adopted in the Czech Republic and will build on the DSA.

The DSA applies to all intermediary service providers (hereafter referred to as „providers„) who offer their services to recipients located in the European Union. The Regulation distinguishes between the following types of providers: 

• providers of mare conduit–provide a service consisting of transmitting information provided by the recipient or providing access to a communications network (e.g. internet service providers or open Wi-Fi network providers);
• providers of caching – provide services consisting of data transmission in which the transmitted information is temporarily stored, but only for more efficient or secure data transmission (e.g. providers of reverse proxy or content editing proxy services);
• hosting providers – provide a service that allows users to store information at their request (e.g. web hosting providers or file storage providers);
• providers of online platforms –provide services that allow users to store data and then publicly distribute it on request (e.g. social network or discussion forum operators);
• provides online markets – providers of online platforms that allow consumers to enter into contracts with traders;
• providers of online search engines – provide services that allow users to enter queries to search essentially any website;
• providers of very large online platforms and providers of very large internet search engines – provide an online platform or internet search engine that has at least 45 million monthly active service recipients in the EU.

In particular, the DSA introduces the following obligations for intermediary service providers:

• obligation to respect orders – providers are obliged to respect orders to take action against illegal content and orders to provide information that is issued by judicial or administrative authorities;
• obligation to issue transparency reports – providers are obliged to issue a transparency report at least once a year, which will include information on any content moderation carried out by the provider in the relevant period;
• obligation to notify the implementation of an order – providers are obliged to notify the authority concerned and the recipient of the service concerned of the implementation of the order without undue delay;
• obligation to establish a contact point – providers are obliged to establish a contact point through which Member State authorities and recipients of services can contact them electronically;
• obligation to appoint a legal representative – providers who do not have an establishment in the EU but have a significant number of service recipients in at least one Member State must appoint a legal representative in one of the EU Member States;
• obligation to disclose terms and conditions – providers are required to disclose terms and conditions which must include (i) information on any restrictions the provider imposes on the use of its service (e.g. demonetization or visibility restrictions), (ii) information on the policies, procedures, measures and tools used to moderate content, and (iii) rules on the use of an internal complaint handling system;
• obligation to establish mechanisms to report illegal content – providers are required to establish mechanisms to enable any person to electronically notify the provider of the appearance of information within the service provided that the reporter considers to be illegal content;
• obligation to justify the restriction – where a provider decides to restrict content provided by a recipient of a service, it must justify such restriction;
• obligation to set up an internal complaint handling system – providers must ensure that service recipients can challenge decisions of online platform providers concerning illegal content or incompatibility of content with contractual terms and conditions, and are obliged to handle all such complaints;
• obligation to cooperate with trusted whistleblowers – providers must ensure that notifications of illegal content by persons designated as trusted whistleblowers are dealt with as a matter of priority;
• obligation to ensure traceability of traders – the provider is obliged to ensure that only traders who submit relevant personal information to the provider use the online marketplace and is obliged to make some of this information publicly available so that recipients of the services can access it;
• obligation to inform about the purchase of an illegal product – if the provider learns within 6 months of the purchase that a trader has sold an illegal product to a consumer, the provider must notify that consumer of (i) information about the illegality of the product, (ii) the identity of the trader, and (iii) information about remedies;
• risk assessment obligation – providers are obliged to produce a risk assessment at least once a year assessing the systemic risks in the EU arising from the design or operation of their services;
• crisis response obligation – the provider is obliged to respond to a decision that the Commission may take in the event of a crisis, ordering the provider to take action in response to the crisis.

Not all of the above obligations apply to every provider. The DSA is based on the principle that the core set of obligations applies to all providers and sets out additional obligations for each additional category of provider. Thus, the fewest obligations will apply to providers of simple transmission services and, conversely, the most obligations will apply to providers of very large online platforms and providers of very large internet search engines (see table below).

Compliance with the obligations under the DSA is overseen by Digital Service Coordinators, with each EU Member State designating one entity to be the Digital Service Coordinator. The Czech Republic has designated the Czech Telecommunications Office as the service coordinator. Violations of obligations under the DSA can result in a fine of up to 6% of a provider’s annual worldwide turnover.

The obligations of providers give new rights to service recipients, the most important of which is the right to defend themselves against the decision of the provider of the online platform within the framework of the complaints system established by the provider.

Users of online platforms can now formally request the online platform providerr to remove content published on its platform or, conversely, defend themselves against a decision to remove published content. Alternatively, users of online platforms can take their complaint against the removal/non-removal of published content directly to an out-of-court dispute resolution body.

The provider of the online platform is not obliged to comply with complaints against the removal/non-removal of published content. However, if the provider of the online platform does not comply with, for example, a complaint against the non-removal of the published content, it would become liable for the consequences caused by the published content and could thus be required to pay compensation for non-pecuniary damage caused by such content..