This week, European Parliament held the final vote on their long-awaited Digital Services Act (DSA) and Digital Markets Act (DMA). With a resounding majority saying yes to these new landmark rules, supporters of the legislation feel they have taken important steps towards tackling the spread of illegal content online and protecting the fundamental rights of citizens online with a prescriptive set of standards. 

Based on the premise that what is illegal offline should also be illegal online, the DSA sets out a clear set of requirements for digital service providers as well as some additional obligations for those online platforms with 45 million or more monthly users.  

As we review the current proposals in Canada regarding more transparency and tighter controls around the use of data and AI, it is important for us to keep informed on what might become a question of international adequacy as we saw with the GDPR.  

The newly passed DSA requires: 

• New measures to counter illegal content online and obligations for platforms to react quickly, while respecting fundamental rights, including the freedom of expression and data protection. 
• Strengthened traceability and checks on traders in online marketplaces to ensure products and services are safe; including efforts to perform random checks on whether illegal content resurfaces. 
• Increased transparency and accountability of platforms, by providing clear information on content moderation or the use of algorithms for recommending content (users will be able to challenge content moderation decisions. 
• Bans on misleading practices and certain types of targeted advertising, such as those based on sensitive data or targeting children. Misleading practices designed to manipulate a user’s choice will also not be allowed. 

Meanwhile, the DMA sets obligations for those large platforms categorized as gatekeepers (those with 45 million or more monthly users) in order to ensure a fairer business environment and greater access to a broader range of services for consumers non-compliance will carry fines up to 10% of total global revenue in the preceding year or up to 20% in the case of repeated non-compliance. You can read more about the DMA here. 

Once Council formally adopts both acts (expected anytime between July and September 2022) they will be published in the EU Official Journal and enter into force twenty days later. The DSA will be applicable across the EU and will apply fifteen months or from 1 January 2024 (whichever comes later) after the entry into force. Meanwhile the obligations for gatekeepers will kick in earlier, four months after they have been designated as such by the Commission. The DMA will apply six months following its entry into force and gatekeepers will have a maximum of six months after they have been designated to comply with the new obligations. 

IAB Canada continues to work with IAB Europe on key developments around privacy and other relevant policy files and will keep our members informed. If you have any questions, please reach out to policy@iabcanada.com.