What it could mean for you.
The Digital Services Act (DSA) is a proposed piece of European Union (EU) legislation that could have a disruptive impact on the digital economy.
It is designed to provide greater protection for consumers and businesses when using digital services, particularly those that operate across borders. It could also change the way digital services are regulated, leading to greater compliance for companies and more control for consumers.
Understanding the implications of the Digital Services Act regulation and how it might affect you is important. This article will provide an overview of the DSA and explain what it could mean for consumers and businesses in the EU.
What Is The Digital Services Act?
The Digital Services Act is a proposed piece of legislation designed to provide greater protection for consumers and businesses when using digital services, particularly those that operate across borders.
It could also change the way digital services are regulated, leading to greater compliance for companies and more control for consumers.
The DSA is being developed as a proposed update to the eCommerce Directive (ECD), which regulates online services within the EU.
The ECD has been in place since the early 2000s and hasn’t kept pace with the evolution of digital services. The DSA aims to update and strengthen the ECD by closing regulatory loopholes, providing greater clarity to businesses, consumers, and regulatory bodies and improving trust in digital interactions.
It is intended to be a “one size fits all” regulation, designed to work across EU member states.
Overview Of The DSA
The digital services act and digital markets act (DSA) will cover three key areas: Consumer rights and control, Business obligations, and clarification of the regulatory framework.
The DSA aims to provide consumers with a greater level of control over their digital data, by ensuring they are able to access, correct and delete their information where they choose and be provided with greater transparency around how companies use their data.
It will require businesses to act transparently when dealing with customers and provide customers with better information about their services. It will also require businesses to improve their data security practices, reducing the risk of data breaches.
The DSA will introduce new obligations for digital service providers (DSPs), outlining how they should protect the security of their customers’ data, ensure their services are transparent, provide customers with control over their data and provide access to digital services that are fit for purpose.
It will enable greater enforcement of EU data protection rules, improving trust in digital services across the region.
What will The DSA Cover?
The Digital Services Act aims to cover a broad range of digital services, including online retail and travel, online financial services, online advertising and social media, online content platforms, online search engines and data portability.
The DSA covers all services provided digitally and accessed digitally, such as booking travel or purchasing goods online. It also covers services provided digitally, such as customer service, marketing and content platforms, as well as those provided remotely, such as cloud services.
The DSA will provide greater detail on the regulatory framework in which digital services operate, particularly in relation to data protection. This will replace the current patchwork of national laws with a single set of EU-wide rules applicable to all digital service providers across the region.
This will allow businesses to provide their goods and services across the EU with greater certainty, reducing complexity for organizations and increasing trust in digital services.
It will also enable greater cooperation between regulatory bodies, providing consumers in all EU member states with a consistent level of protection.
How Will It Affect Consumers
The Digital Services Act will introduce new rights and obligations for all EU citizens, regardless of where they live. It will introduce a Digital Right to Access, which will enable consumers to access their personal data from the DSPs that hold it.
They will be required to provide appropriate justification for this access, which may include correcting inaccurate data or removing data where it is no longer required by the DSP.
The DSA will introduce a Digital Right to Understand, which will require DSPs to provide customers with a standardized, clear and easily accessible way to understand how their data is used, as well as the consequences of not providing it.
It will also introduce a Digital Right to Data Portability, allowing consumers to transfer their data from one service to another.
How will the DSA affect businesses?
The DSA will introduce new obligations on businesses that offer digital services to their customers across the EU. These businesses will be required to comply with the new EU data protection rules, which will introduce a number of new rules and obligations.
For example, businesses will be required to appoint a Data Protection Officer (DPO) where their core activities consist of regular and systematic monitoring of individuals for the purposes of behavioural advertising, online profiling or other forms of processing that carries a significant risk to the rights and freedoms of individuals.
The DSA will require businesses to take greater responsibility for protecting the data of their customers. It will require businesses to put in place appropriate measures to ensure their data is secure and only used for the purposes for which it was provided.
It will also require them to provide customers with clear information about how they collect and process their personal data.
What Are The Implications?
Implications for EU Data Protection
The Digital Services Act will replace the current EU data protection framework and impose a single set of rules across the EU.
It will provide a common understanding of the data protection rules and expectations across the EU, providing a consistent level of protection for individuals’ data.
This will reduce complexity for businesses operating across the region, enabling them to provide their goods and services with greater certainty and provide customers with a consistent level of protection across the EU.
The DSA will increase the level of data protection across the EU by imposing a higher standard of data security on businesses that hold the personal data of their customers.
It will introduce a General Data Protection Regulation (GDPR), which will replace the current Data Protection Directive (DPD).
The GDPR will introduce increased sanctions for businesses found not to be complying with the new rules, such as fines of up to €20 million or 4% of annual global turnover.
It will also introduce a number of new data protection rules, including extending the rules governing the rights of data subjects to include children under 16, broader and stricter rules governing international data transfers, and stricter rules governing the processing of special categories of data.
Impact of the DSA on Digital Services
The DSA will provide greater protection for individuals’ data and greater trust in businesses that provide digital services across the EU.
It will provide a more consistent level of protection for individuals’ data across the region, reducing complexity for businesses that operate across borders and providing greater trust in digital services across the region.
The DSA will enable greater enforcement of data protection rules across the EU, improving trust in businesses that hold and use the personal data of individuals and increasing the level of protection for data across the region.
It will provide a more consistent level of protection across the EU, reducing complexity for businesses that operate across the region and enabling greater trust in digital services across the region.
How can businesses prepare for the DSA?
Businesses operating in the EU and those that provide digital services to customers across the region should begin preparing for the DSA and the GDPR now.
This means ensuring they are compliant with the existing EU data protection rules, as well as the proposed GDPR, and have appropriate measures in place to protect the data of their customers.
Such measures may include data security, increasing transparency around data processing and making it easier for customers to manage their data, including data deletion.
Businesses should also be aware of and understand the implications of the proposed DSA for their operations and be ready to comply with its requirements when it comes into force.
More generally, businesses should ensure they are compliant with the data protection rules that currently apply and be ready to comply with the proposed GDPR when it comes into force.
They should also closely monitor the progress of the DSA and be ready to adapt their operations as necessary when the legislation comes into force, including altering their data processing practices to comply with the new rules.
Digital services act official journal:
Digital services act proposal: