The Digital Services Act (“DSA”) is nearing final approval. The DSA imposes new rules on providers of intermediary services (e.g., cloud services, file-sharing services, search engines, social networks and online marketplaces). As we reported in July, the European Parliament voted to adopt the DSA on 5 July 2022. As we wait for the Council to adopt it, there have been a couple of updates in recent weeks, which we set out below. We will keep this blog updated as the finish line approaches.

Corrigendum to the DSA

On 12 September 2022, the European Parliament voted on a corrigendum to the DSA, which includes a number of edits to the text that was agreed in June. These edits primarily reflect changes introduced by lawyer-linguists to clarify and refine the text’s wording, and to fix numbering issues. Notably, the edits state that online search engines are “intermediary services.” The corrigendum was deemed approved on 14 September 2022.

Commission Announces Plans to Adopt Implementing Acts

The DSA empowers the Commission to adopt implementing acts concerning practical arrangements for:

  • the proceedings in Articles 69 (Power to conduct inspections) and 72 (Monitoring actions) (Article 83(a));
  • the hearings in Article 79 (Right to be heard and access to the file) (Article 83(b)); and
  • the negotiated disclosure of information provided for in Article 79(Right to be heard and access to the file) (Article 83(c)).

The Commission has announced that it is currently preparing an implementing regulation laying down rules on “all procedural practical arrangements in Article 83 of DSA,” and intends to adopt it in the fourth quarter of 2022.

Next Steps

The Council intends to adopt the DSA in a meeting of the Economic and Financial Affairs Council on 4 October 2022. Once adopted, the DSA will be published in the Official Journal of the EU. Companies won’t be expected to comply until 1 January 2024, or 15 months and 20 days after the date on which the DSA is published in the Official Journal of the EU, whichever is later. Very large online platforms will be required to comply 4 months after they are designated as such.

* * *

The Covington team is advising many clients on how to prepare for complying with the DSA and other legislative proposals affecting technology companies. Please reach out to a member of the team if you have any questions.

Photo of Lisa Peets Lisa Peets

Lisa Peets leads the Technology Regulatory and Policy practice in the London office and is a member of the firm’s Management Committee. Lisa divides her time between London and Brussels, and her practice embraces regulatory counsel and legislative advocacy. In this context, she…

Lisa Peets leads the Technology Regulatory and Policy practice in the London office and is a member of the firm’s Management Committee. Lisa divides her time between London and Brussels, and her practice embraces regulatory counsel and legislative advocacy. In this context, she has worked closely with leading multinationals in a number of sectors, including many of the world’s best-known technology companies.

Lisa counsels clients on a range of EU law issues, including data protection and related regimes, copyright, e-commerce and consumer protection, and the rapidly expanding universe of EU rules applicable to existing and emerging technologies. Lisa also routinely advises clients in and outside of the technology sector on trade related matters, including EU trade controls rules.

According to the latest edition of Chambers UK (2022), “Lisa is able to make an incredibly quick legal assessment whereby she perfectly distils the essential matters from the less relevant elements.” “Lisa has subject matter expertise but is also able to think like a generalist and prioritise. She brings a strategic lens to matters.”

Photo of Shona O'Donovan Shona O'Donovan

Advising clients on a broad range of data protection, e-privacy and online content issues under EU, Irish, and UK law, Shóna O’Donovan works with her clients on technology regulatory and policy issues.
With multi-jurisdictional and in-house experience, Shóna advises global companies on complying…

Advising clients on a broad range of data protection, e-privacy and online content issues under EU, Irish, and UK law, Shóna O’Donovan works with her clients on technology regulatory and policy issues.
With multi-jurisdictional and in-house experience, Shóna advises global companies on complying with data protection laws in the EU. In particular, she represents organizations in regulatory investigations and inquiries, advises on children’s privacy issues and provides strategic advice on incident response. Shóna also advises clients on policy developments in online content and online safety.

In her current role, Shóna has gained experience on secondment to the data protection team of a global technology company. In a previous role, she spent seven months on secondment to the European data protection team of a global social media company.

Shóna’s recent pro bono work includes providing data protection advice to the International Aids Vaccine Initiative and a UK charity helping people with dementia, and working with an organization specializing in providing advice to states involved in conflict on documenting human rights abuses.

Photo of Anna Oberschelp de Meneses Anna Oberschelp de Meneses

Anna Sophia Oberschelp de Meneses is an associate in the Data Privacy and Cybersecurity Practice Group.  Anna is a qualified Portuguese lawyer, but is both a native Portuguese and German speaker.  Anna advises companies on European data protection law and helps clients coordinate…

Anna Sophia Oberschelp de Meneses is an associate in the Data Privacy and Cybersecurity Practice Group.  Anna is a qualified Portuguese lawyer, but is both a native Portuguese and German speaker.  Anna advises companies on European data protection law and helps clients coordinate international data protection law projects.  She has obtained a certificate for “corporate data protection officer” by the German Association for Data Protection and Data Security (“Gesellschaft für Datenschutz und Datensicherheit e.V.”). She is also Certified Information Privacy Professional Europe (CIPPE/EU) by the International Association of Privacy Professionals (IAPP).  Anna also advises companies in the field of EU consumer law and has been closely tracking the developments in this area.  Her extensive language skills allow her to monitor developments and help clients tackle EU Data Privacy, Cybersecurity and Consumer Law issues in various EU and ROW jurisdictions.