Digital Security Act changes rights and obligations in the online world

Digital Security Act changes rights and obligations in the online world
In recent years, many services have moved online. Almost anything can be bought from the comfort of home these days, and sharing information to a wide range of people is just a click away. That is why the European Union has taken steps to make the online environment more secure, trustworthy, transparent and predictable across its Member States.
The Digital Security Act (DSA)

The Digital Security Act (the "Regulation" or "DSA") is a European Union regulation for operators of platforms such as Youtube, Instagram, Allegro and other similar services.. The Regulation came into force on 17 February 2024.  

The aim of the DSA is to respond to the dynamic development of online platforms and services and the increase in the number of people using these services in their daily lives. The modernization and improvement of the regulatory framework for digital services in the European Union focuses on stronger user protection in the online environment, including transparency, limiting misinformation, reporting mechanisms for illegal content and other obligations – all of which the European Union expects from the Regulation.

What are digital services?

The DSA applies to what it calls 'digital services'. These are various online platforms and services including social networks, online marketplaces, hosting, etc. Realistically, we can think of these as: 

Public WiFi networks or VPNs

Accommodation and travel platforms

Social media

Platforms for sharing information

Shopping platforms

Cloud computing services

Internet search engines

Reverse proxy servers

Who is affected by the DSA?

The regulation affects a wide range of digital service providers. Providers of individual services must respect the obligations imposed by the Regulation from 17 February 2024. These services then include simple transmission services, caching services and hosting services.

The principle of the DSA requirements

A specific feature of the Regulation is the introduction of asymmetric rules. The obligations do not apply equally to all entities but depend on the social and economic impact of the intermediary in question. Obligations are thus divided into certain groups, and gradually escalate.  

Additional obligations will apply to operators of very large online platforms and search engines. Specifically, these are entities that have an average monthly number of active recipients of their services of at least 45 million. They will then be labelled as very large operators by the European Commission. The current list of all thewentities can be found here.

Some of the very large operators include LinkedIn, Booking.com, YouTube, Zalando and Google.

Specific obligations according to the DSA

The greatest emphasis is placed on the obligation of transparency and information sharing, whether in terms of publishing contact details, information on content moderation procedures or rules for handling complaints. These obligations apply to all intermediaries.

With the DSA Regulation, we also have two new statutes. The positions of trusted whistleblower and vetted researcher are designed to review content and detect systemic risks.

Role of the Czech Telecommunications Office 

The Regulation imposes obligations not only on private parties but also on Member States, which should designate a body to supervise compliance with the Regulation. This national coordinator of digital services should be the Czech Telecommunications Office, as is clear from the draft Digital Economy Act currently before the Government for discussion.

Get ready

We can help you to prepare your company for the new legislative requirements.

More articles

Deepfakes have become a common tool in the hands of attackers due to rapid advancements in artificial intelligence. How can companies effectively defend themselves against them?
Bigger responsibility for top management in cybersecurity also means stricter penalties. What will attract the highest fines?
The new Cybersecurity Act will significantly affect the responsibilities and duties of top management. What will top management be responsible for?

Newsletter

Do you want to be sure that your company is protected from cyber threats and at the same time comply with the applicable legislation? Sign up for the newsletter and get practical advice from our legal consultants.

By clicking submit, you consent to the processing of your personal data for marketing purposes.