The major political groups of the European Parliament reached common ground on the Digital Services Act (DSA), which is set to be largely confirmed in a key committee vote as alternative amendments have so far gathered only limited support.
On Monday (6 December), EU lawmakers found a compromise on the DSA, a landmark proposal to regulate online content, services and goods. The agreement, brokered by the rapporteur Christel Schaldemose, will be voted in the internal market and consumer protection committee (IMCO) on December 13 and 14.
MEPs had until Tuesday (7 December) to table alternative amendments, which required the support of at least two political groups in order to pass. The Green group put forth several alternative amendments but was only backed up by the far left.
The alternative amendments request very large online platforms – those with more than 45 million users in the EU – to establish a legal representative in each member state, to consider the environment in their assessment of systemic risks and to pay the EU Commission a “supervisory fee”.
Measures to set up standards for sustainable consumption and the establishment of a citizen assembly to monitor the progress of voluntary codes of conduct were also tabled.
An amendment to introduce stricter measures against revenge porn was the only one to meet the support of another group, the liberal Renew, but also in this case it is unlikely to pass as the other parties are pushing to close the file.
Monday’s agreement is therefore likely to pass mostly unchanged in the IMCO, formalising significant changes to the initial version of the proposal.
In terms of scope, the regulation covers all online platforms that store or disseminate public information, but Cloud services have been explicitly excluded.
Platforms cannot be obliged to monitor all the content hosted on them but will have to take down the illegal content flagged to them by law enforcement authorities. In case the content was wrongly considered illegal, authorities may ask the platforms to reinstate it, in a concession made to secure the support of the conservative ECR group, EURACTIV has learned.
The compromise text introduces measures to limit the power of national authorities, as member states will not be able to force “providers of intermediary services to generally and indiscriminately retain personal data of the recipients of their services.”
Similarly, EU governments are prevented from requesting the monitoring of people’s behaviour online nor to stop service providers from offering end-to-end encrypted communication services.
The new version of the law also includes provisions against dark patterns, intended as a technique to make a user do something they would rather not. The measures were a flagship proposal of Schaldemose but faced opposition from the centre-right.
“Providers of intermediary services shall not use the structure, function or manner of operation of their online interface, or any part thereof, to distort or impair recipients of services’ ability to make a free, autonomous and informed decision or choice,” the new Article 13a reads.
At the same time, the recital specifies that these should not prevent providers from interacting directly with the users to offer them services, as “it should be possible to approach a user again in a reasonable time, even if the user had denied consent for specific data processing purposes.”
Another key proposal from Schaldemose was turning off by default platforms’ recommender systems, the algorithm that personalises user experience. The initiative did not receive sufficient support, so a compromise was found in obliging very large online platforms to provide an alternative recommender system not based on profiling.
Users would also be able to modify the preferences used by the algorithm at any time and the platforms will need to explain the criteria and objective of the personalisation in a clear manner.
The European Commission and the national authorities, gathered in a board, are to lead the development of codes of conduct, voluntary tools intended to facilitate compliance to the law, notably to address illegal content or systemic risks “avoiding negative effects on fair competition, data access and security.”
While the DSA introduces transparency obligations for platforms to explain their inner working, a sensitive point related to the protection of trade secrets and intellectual property rights.
“Everything will become a trade secret,” warned the Facebook whistleblower Frances Haugen in her hearing to the European Parliament last month, a sentiment shared by several NGOs that consider this exemption might provide a loophole for platforms to continue to operate as a black box.
Explicit mentions of trade secrets were removed from the provisions on access to data, but the preamble continues to specify access to data should be proportionate to the protection of “trade secrets and other confidential information.”
New obligations were introduced to target deepfake, a piece of content that replaces a person with someone else’s likeness. If very large online platforms become aware of such manipulated content, they need to clearly label it accordingly.
Following the IMCO adoption, the DSA is to be voted during the plenary session in January, where more amendments are expected.