The 19 named platforms are: AliExpress, Amazon Store, AppStore, Bing, Booking, Facebook, Google Maps, Google Play, Google Search, Google Shopping, Instagram, LinkedIn, Pinterest, Snapchat, TikTok, Twitter, Wikipedia, YouTube and Zalando.
The criterion to be designated as a gatekeeper (i.e. a large online platform or large online search engine) is to have more than 45 million monthly active users in the EU. Platforms were required to report their numbers to the European Commission in February 2023. After that the European Commission began its work on designating the gatekeepers. The EU considers these large platforms and search engines as gatekeepers, as due to the number of their users they should set the example for the others. For this reason, the European Commission believes they have a huge responsibility when it comes to influencing other digital services providers.
Thus the gatekeepers were obliged to comply with stricter rules by 25 August 2023 or be exposed to fines of up to 10 % of their global annual turnover – considerably more than the fines introduced under the GDPR.
Strict rules for gatekeepers
The strict obligations applicable to gatekeepers include: (i) more user empowerment (e.g. users must be able to report illegal content easily, and companies must react accordingly, the users must have mechanisms to opt out from the recommendation system based on profiling); (ii) strong protection of minors (e.g. targeted advertising to minors is prohibited); (iii) more diligent content moderation, less disinformation (e.g. platforms must have mechanisms for users to flag illegal content); and (iv) more transparency and accountability (e.g. platforms must ensure that risk assessments of their platforms are externally audited).
Like the GDPR, the DSA has an overreaching effect. First, it applies to all EU Member States, and second, it applies to online service providers who are not established in the EU but offer their services to persons/entities who are established or located in the EU. In that sense, the DSA has the same principle of extraterritorial application as the GDPR and could also be applicable to online service providers located outside the EU, hence even in Serbia.
Serbia is still far behind the EU's legislative framework for online services. The only legislation in force is the Act on Electronic Trade, which superficially regulates the services of online society. Irrespective of the Act on Electronic Trade, online service providers who are offering services in the EU should pay attention to the DSA, especially considering the shocking level of fines they could face.