you are being redirected

You will be redirected to the website of our parent company, Schönherr Rechtsanwälte GmbH :

27 September 2023

The EU Digital Services Act: 19 designated online platforms have completed their last-minute compliance preparations, Serbia is just looking over its shoulder

While most provisions of the EU Digital Services Act ("DSA") will not begin to apply until February 2024, the EU Commission has nevertheless designated 19 "very large online platforms" and "very large search engines" – so-called gatekeepers – for which the strictest rules under the DSA took effect on 25 August this year.

The gatekeepers

The 19 named platforms are: AliExpress, Amazon Store, AppStore, Bing, Booking, Facebook, Google Maps, Google Play, Google Search, Google Shopping, Instagram, LinkedIn, Pinterest, Snapchat, TikTok, Twitter, Wikipedia, YouTube and Zalando.

The criterion to be designated as a gatekeeper (i.e. a large online platform or large online search engine) is to have more than 45 million monthly active users in the EU. Platforms were required to report their numbers to the European Commission in February 2023. After that the European Commission began its work on designating the gatekeepers. The EU considers these large platforms and search engines as gatekeepers, as due to the number of their users they should set the example for the others. For this reason, the European Commission believes they have a huge responsibility when it comes to influencing other digital services providers.

Thus the gatekeepers were obliged to comply with stricter rules by 25 August 2023 or be exposed to fines of up to 10 % of their global annual turnover – considerably more than the fines introduced under the GDPR.

Strict rules for gatekeepers

The strict obligations applicable to gatekeepers include: (i) more user empowerment (e.g. users must be able to report illegal content easily, and companies must react accordingly, the users must have mechanisms to opt out from the recommendation system based on profiling); (ii) strong protection of minors (e.g. targeted advertising to minors is prohibited); (iii) more diligent content moderation, less disinformation (e.g. platforms must have mechanisms for users to flag illegal content); and (iv) more transparency and accountability (e.g. platforms must ensure that risk assessments of their platforms are externally audited).

Extraterritorial application

Like the GDPR, the DSA has an overreaching effect. First, it applies to all EU Member States, and second, it applies to online service providers who are not established in the EU but offer their services to persons/entities who are established or located in the EU. In that sense, the DSA has the same principle of extraterritorial application as the GDPR and could also be applicable to online service providers located outside the EU, hence even in Serbia.

Serbia is still far behind the EU's legislative framework for online services. The only legislation in force is the Act on Electronic Trade, which superficially regulates the services of online society. Irrespective of the Act on Electronic Trade, online service providers who are offering services in the EU should pay attention to the DSA, especially considering the shocking level of fines they could face.