The Digital Services Act (“DSA”) is nearing final approval. The DSA imposes new rules on providers of intermediary services (e.g., cloud services, file-sharing services, search engines, social networks and online marketplaces). As we reported in July, the European Parliament voted to adopt the DSA on 5 July 2022. As we wait for the Council to adopt it, there have been a couple of updates in recent weeks, which we set out below. We will keep this blog updated as the finish line approaches.

Corrigendum to the DSA

On 12 September 2022, the European Parliament voted on a corrigendum to the DSA, which includes a number of edits to the text that was agreed in June. These edits primarily reflect changes introduced by lawyer-linguists to clarify and refine the text’s wording, and to fix numbering issues. Notably, the edits state that online search engines are “intermediary services.” The corrigendum was deemed approved on 14 September 2022.

Commission Announces Plans to Adopt Implementing Acts

The DSA empowers the Commission to adopt implementing acts concerning practical arrangements for:

  • the proceedings in Articles 69 (Power to conduct inspections) and 72 (Monitoring actions) (Article 83(a));
  • the hearings in Article 79 (Right to be heard and access to the file) (Article 83(b)); and
  • the negotiated disclosure of information provided for in Article 79(Right to be heard and access to the file) (Article 83(c)).

The Commission has announced that it is currently preparing an implementing regulation laying down rules on “all procedural practical arrangements in Article 83 of DSA,” and intends to adopt it in the fourth quarter of 2022.

Next Steps

The Council intends to adopt the DSA in a meeting of the Economic and Financial Affairs Council on 4 October 2022. Once adopted, the DSA will be published in the Official Journal of the EU. Companies won’t be expected to comply until 1 January 2024, or 15 months and 20 days after the date on which the DSA is published in the Official Journal of the EU, whichever is later. Very large online platforms will be required to comply 4 months after they are designated as such.

* * *

The Covington team is advising many clients on how to prepare for complying with the DSA and other legislative proposals affecting technology companies. Please reach out to a member of the team if you have any questions.

Photo of Lisa Peets Lisa Peets

Lisa Peets is co-chair of the firm’s Technology and Communications Regulation Practice Group and a member of the firm’s global Management Committee. Lisa divides her time between London and Brussels, and her practice encompasses regulatory compliance and investigations alongside legislative advocacy. For more…

Lisa Peets is co-chair of the firm’s Technology and Communications Regulation Practice Group and a member of the firm’s global Management Committee. Lisa divides her time between London and Brussels, and her practice encompasses regulatory compliance and investigations alongside legislative advocacy. For more than two decades, she has worked closely with many of the world’s best-known technology companies.

Lisa counsels clients on a range of EU and UK legal frameworks affecting technology providers, including data protection, content moderation, artificial intelligence, platform regulation, copyright, e-commerce and consumer protection, and the rapidly expanding universe of additional rules applicable to technology, data and online services.

Lisa also supports Covington’s disputes team in litigation involving technology providers.

According to Chambers UK (2024 edition), “Lisa provides an excellent service and familiarity with client needs.”

Read more about Lisa Peets
Show more Show less
Photo of Shona O'Donovan Shona O'Donovan

Shóna O’Donovan is an associate in the technology regulatory group in the London office. She advises clients, particularly in the technology industry, on a range of data protection, e-privacy, intermediary liability and online content issues under EU, UK, and Irish law.

Shóna provides…

Shóna O’Donovan is an associate in the technology regulatory group in the London office. She advises clients, particularly in the technology industry, on a range of data protection, e-privacy, intermediary liability and online content issues under EU, UK, and Irish law.

Shóna provides strategic advice to companies on complying with data protection, e-privacy and online content laws, as well as defending organizations in cross-border, contentious investigations and regulatory enforcement before EU and UK regulators. In this context, she has represented clients in responding to regulatory requests relating to their compliance with the GDPR, the ePrivacy Directive, the Digital Services Act, the Audiovisual Media Services Directive and the Online Safety Act 2023. She also regularly advises clients on how these laws intersect with one another.

In her current role, Shóna gained experience on secondment to the data protection team of a global technology company. In a previous role, she spent seven months on secondment to the European data protection team of a global social media company.

Shóna co-leads Covington’s pro bono work with the Schools Consent Project, and regularly delivers workshops on sexual consent in schools across London. She also regularly provides pro bono advice to non-profits on complying with data protection laws.

Read more about Shona O'Donovan
Show more Show less
Photo of Anna Sophia Oberschelp de Meneses Anna Sophia Oberschelp de Meneses

Anna Sophia Oberschelp de Meneses is special counsel in the Data Privacy and Cybersecurity Practice Group.

Anna is a qualified Portuguese lawyer, but is both a native Portuguese and German speaker.

Anna advises companies on European data protection law and helps clients coordinate…

Anna Sophia Oberschelp de Meneses is special counsel in the Data Privacy and Cybersecurity Practice Group.

Anna is a qualified Portuguese lawyer, but is both a native Portuguese and German speaker.

Anna advises companies on European data protection law and helps clients coordinate international data protection law projects.

She has obtained a certificate for “corporate data protection officer” by the German Association for Data Protection and Data Security (“Gesellschaft für Datenschutz und Datensicherheit e.V.”). She is also Certified Information Privacy Professional Europe (CIPPE/EU) by the International Association of Privacy Professionals (IAPP).

Anna also advises companies in the field of EU consumer law and has been closely tracking the developments in this area.

Her extensive language skills allow her to monitor developments and help clients tackle EU Data Privacy, Cybersecurity and Consumer Law issues in various EU and ROW jurisdictions.

Read more about Anna Sophia Oberschelp de MenesesAnna Sophia's Linkedin Profile
Show more Show less