Notice: Further to the position paper of their respective European associations1, this document constitutes the Luxembourg Chamber of Commerce's and FEDIL's additional contribution to the proposal for a regulation on a Single Market for Digital Services ("Digital Services Act") and amending Directive 2000/31/EC (hereafter referred to as the "DSA").
Before exposing our priority concerns, supported by an in-depth analysis (II), we would like to outline our general overview of the European Commission's proposal (I).
I. GENERAL OVERVIEW OF THE PROPOSAL
The Luxembourg Chamber of Commerce and FEDIL fully support the overall objective of the proposal to "(a) contribute to the proper functioning of the internal market for intermediary services; (b) set out uniform rules for a safe, predictable and trusted online environment, where fundamental rights enshrined in the Charter are effectively protected."
We particularly endorse the proposed maintenance of the core principles of the eCommerce Directive with a proven track-record, such as the country-of-origin principle and the absence of general monitoring obligations, as well as the tailored approach to requirements for different types of digital services.
We also support the decision to extend the scope of the proposed regulation beyond the borders of the Union by targeting providers established in third countries when they offer services on the territory of the Union. Still, the DSA's "level playing field" remains to be confirmed by the ability of national authorities to enforce the measures as set out in the DSA. For instance, the text at present refers only to the point of contact of the representative of a European company, without also referring to the legal representative of a third country company. Even though the recitals of the DSA indicate that "[i]t should be possible for the legal representative to also function as point of contact, provided the relevant requirements of this Regulation are complied with", we think that this needs to be rectified in order to avoid significant disadvantages for European companies.
We would like to note however, that the DSA will add on to an increasing complexity of legislation affecting businesses, requiring them to enact new policies, processes and reporting frameworks. While some businesses have the resources to quickly adapt to the changing regulatory landscape and thereby benefit from a real market advantage, European SMEs may find it more burdensome, for instance, to publish annual content moderation reports. In the current context, companies face an important challenge to overcome the COVID-19 pandemic rapidly and effectively. Businesses are already grappling with increasingly complex regulations and especially SMEs, are spending most of their resources to apply new rules rather than investing in innovation and jobs. We can hardly estimate the implementation costs for SMEs but anticipate that many will require the help of specialized legal counsels to determine into which category some of their services might fall and, as a consequence, which additional obligations will apply to them. The right balance needs to be stricken between the difficult situation in which many companies find themselves and the introduction of additional financial or administrative burdens. Therefore, we believe it is essential that the DSA does not establish obligations that could lead to unnecessary administrative burdens.
II. PRIORITY CONCERNS
CROSS BORDER ORDERS
A) General : the provisions of articles 8 & 9
Article 8 of the DSA requires all providers of intermediary services falling under the scope of the DSA to cooperate with competent national judicial or administrative authorities and to follow-up on any instruction from them to act against illegal content. Article 9, in its turn, provides for the obligation of such providers to communicate, to these same authorities, the information relating to a user that may be requested of them in accordance with national or European legislation.
In practice, these articles shall mainly allow the relevant authorities of a Member State to address orders to a provider of intermediary services established in another Member State, without first requesting from the Member State of establishment to take measures in this respect.
B) The considerations of the European Commission and its proposal
The European Commission has laid out in the recitals of the DSA the rationale behind these two articles and it has further elaborated on this subject matter in the context of multilateral meetings with the different Member States and also via communications of its officials involved in this dossier.
The European Commission has outlined its considerations and objectives in respect of those articles, which were inter alia as follows:
Article 8 in particular "should constitute the appropriate basis for the development of robust technologies to prevent the reappearance of illegal information, accompanied with the highest safeguards to avoid that lawful content is taken down erroneously2", it being noted that this article is expected to encourage Member States to develop -on a voluntary basis- agreements which would ultimately allow reaching the above goals.
The conditional liability regime of the intermediary services providers should not affect the possibility of orders by courts or administrative authorities requiring the removal of illegal content specified in such orders.
The national laws on the basis of which orders are issued by national judicial or administrative authorities differ considerably.
2. The Commission's proposal based on articles 8 & 9
The European Commission has introduced articles 8 and 9 as a solution to the above issues; the novelty of these articles consists in (i) expressly allowing the issuance of orders to intermediary services providers (to act against certain specific items of illegal content or to provide certain specific items of information) by national authorities of the country of destination concerning certain specific items of illegal content on the basis of their existing national laws or Union law without first soliciting the competent authority of the country of establishment of the relevant provider, and (ii) standardizing the formalities of issuance of orders relating to illegal content by national authorities.
C) Our considerations and suggestions
1. Harmonization of cross-border orders
On a preliminary note, we would wish to state that we welcome the European Commission's acknowledgment of the existence of legal and regulatory fragmentation and of the limitations imposed by it, and we fully support the intention to harmonize all relevant procedural aspects and encourage Member States to undertake actions ultimately leading to seamless tackling of illegal content across the European Union.
We would however wish to highlight certain issues and give our suggestions. In particular:
Articles 8 and 9 are not empowering provisions and the DSA should clearly indicate that: The European Commission clarifies in the recitals of the DSA that articles 8 and 9 do not constitute an additional legal basis for action of national authorities and that their objective is to merely harmonize the procedural aspects of any measures that are provided for under other legal acts in the various Member States. This is indeed consistent with the legal basis of the DSA, being article 114 TFUE.
We suggest slightly amending current articles 8 and 9 in order for the latter to clearly and unequivocally provide that no additional enforcement measures to the ones existing in virtue of other legal instruments currently in force are thereby introduced.
The DSA encourages full harmonization to tackle fragmentation of laws: The actual application of articles 8 and 9 of the DSA depends on whether national laws contain already empowering provisions allowing the issuance of the orders referred to therein against providers of intermediary services falling under the personal scope of the DSA. If this is not the case, then articles 8 and 9 simply cannot apply. This situation illustrates once again the fragmentation of substantive laws within the Union.
Consequently, it does not seem certain how the fragmentation issue will be resolved based on articles 8 and 9, which -as indicated above- merely harmonize the procedural aspects of any such national orders. The DSA aims at creating a framework so that any content defined by a national authority as illegal is treated in a uniform manner in the different countries of the Union by encouraging Member States to take measures to harmonize their proper substantive rules in virtue of bilateral or multilateral agreements in those cases where either the national laws diverge or a matter is not dealt with by EU law. While we do not preclude that Member States might in the future take such measures, nonetheless no solution to the fragmentation of national laws is offered by the DSA on a standalone basis, and as such we are not certain of whether articles 8 and 9 are the adequate or (especially) sufficient regulatory response to the problem.
Enforcement-related issues: As far as the territorial scope of the orders to act against illegal content is concerned, it also depends on the applicable Union or national law enabling the ? issuance of the order. As per recital (31) of the DSA, "where the order referring to the specific information may have effects beyond the territory of the Member State of the authority concerned, the authority should assess whether the information at issue is likely to constitute illegal content in other Member States concerned and, where relevant, take account of the relevant rules of Union law or international law and the interests of international community".
Considering the absence of a system for recognition of administrative decisions3 within the Union, the enforceability of orders issued from administrative authorities remains uncertain. Whilst we recognize the importance of this provision in tackling illegal content in a definite fashion, it seems that its efficiency is still fully dependent on international cooperation and common understanding of individual rights, rather than the simple and sole implementation of the DSA.
Additional orders issued by national authorities: The DSA sets out a list of formal requirements that the orders need to meet. Considering that a foreign authority can henceforth issue them directly to the intermediary services provider established in another Member State, as well as the possibility of a broad territorial scope, we suggest providing for a few additional requirements with the goal to allow recipients of the order to verify its provenance and legally binding nature, which shall in turn create more legal certainty for all parties and enhance compliance.
Further, intermediaries shall provide information upon receipt of the request to do so from a national judicial or administrative body. Such orders to provide information have also been proposed and are in the final stages of the negotiation of the e-evidence regulation. Hence, intermediary services providers would see the number of potential requests for information from other Member States increase. It is essential to avoid divergent requirements for service providers when responding to authorities' requests and orders to produce information. Therefore, article 9 of the DSA -if kept- should be perfectly aligned to future legislation.
2. Country of origin principle
How the country of origin principle is affected: The country of origin principle generally dictates that (i) each Member State shall ensure that the information society services provided by a service provider established on its territory comply with the national provisions applicable in the Member State in question which fall within the coordinated field, and (ii) Member States may not, for reasons falling within the coordinated field, restrict the freedom to provide information society services from another Member State.
The implementation of the DSA will entail that (i) intermediary services providers will be subject to the laws of the country of destination as regards illegal content, and in addition to that, and as explained hereinabove, (ii) orders can be henceforth addressed directly to the intermediary services providers by the authorities of the country of destination without prior intervention of the authorities of the country of establishment. If the system of general derogations to the country of origin applied in this respect, the country of destination would be required to justify such measures based on article 3§4 of the eCommerce Directive, as currently in force.
However, in accordance with the recital (33) of the DSA, the action to take down illegal content does not necessarily imply that the whole service in question is restricted, and therefore the internal market clause does not need to apply. Based on the above analysis according to which the country of origin principle needs not apply, an order can be issued without its being justified for reasons of public policy, etc4., and without being mandatory to have the authorities of the country of establishment of the provider take such measures to tackle the illegal content beforehand. Providers have expressed their concerns. In particular:
a) Definition of a content as "illegal" and differences across the EU: As long as the issue of fragmentation of national laws is not properly addressed (and we believe that this is difficult to achieve in general), it is an extremely difficult task for certain categories of providers to have absolute legal certainty as to what is illegal and in which of the countries where services are rendered. The same content may not be illegal in the country of origin of the online intermediary, but it may be indeed illegal in the country where is established the court or national authority issuing an order. Should the provider remove such a content and if yes, in which country(ies)?
b) The limitations of tackling illegal content ex ante: The answer to the above queries is easy once an order has been already received; in such a case, the provider will abide by the order and thus remove the relevant content. The above queries however regain their importance as regards the strategy that intermediary services providers shall need to adopt in order to avoid issuance of such orders. In light of the legal and regulatory framework in question, what are the options available for providers without the appropriate resources, both in terms of personnel and infrastructure, to allow them to passively prevent illegal content from being transmitted or hosted by them and -at the same time- processing received orders in the most efficient manner for all parties involved. In this respect, we welcome that the liability exemptions remain intact when providers of intermediary services carry out voluntary own-initiative investigations (Article 6). Providers are thereby encouraged to actively engage in illegal content moderation before they receive actual knowledge thereof.
However, this should be made clearer to avoid the risk of geo-blocking and over-removal of content that might not be illegal in all the Member States:
In light of the fragmentation of substantive law and the DSA system of due diligence obligations, in order to avoid orders from being issued and ensure that the provider shall not incur any liability for illegal content, providers might have recourse to geo-blocking to control content ex ante. ?
In light of the costs of monitoring the illegality of content in all the Member States, providers might remove ex ante the content from all Member States of destination upon a first order (or upon notification/flagging of content under other provisions of the DSA) being addressed to them by one national authority. Lawful content may thus be removed in the process, perhaps even affecting fundamental rights of EU citizens such as freedom of speech. In our view, this is not a harmonization deemed fit.
In conclusion, sufficient level of predictability and certainty should be granted to intermediary services providers, in order to help them develop appropriate strategies to tackle illegal content online. Allowing for more certainty in this respect, the DSA will better achieve its objectives.
CODES OF CONDUCT AND HARMFUL CONTENT
A) The considerations of the European Commission and its proposal in respect of articles 26 and 35
Article 26 proposes a specific additional due diligence obligation for VLOPs. VLOPs would have to conduct risk assessments on the systemic risks in relation with the functioning and use of their online services.
Article 35 foresees the possibility to develop codes of conduct to contribute to the application of the DSA. The codes of conduct shall take into account the challenges linked to systemic risks and to tackling illegal content.
B) Our considerations and suggestions
In accordance with the results of the Commission's public consultation prior to the adoption of its proposal as well as the European Parliament INI report on the Digital Services Act (MEP AGIUS SALIBA Alex), we believe that "harmful content" should not be covered by the DSA and welcome that the proposal has not introduced any removal obligations for it.
In our view, tackling so-called "harmful content" could lead to restricting freedom of expression within the Union. In this respect, and while we support the idea of codes of conduct to reduce "systemic risks" on very large online platforms (VLOPs) under article 35, as well as the criteria of the risk assessment to be carried out by such platforms per article 26 § 1, we have identified the following issues:
In situations where clear and universally accepted definitions of illegal content are not available, VLOPs may cover "harmful content" in their terms and conditions as they deem fit.
By adding that VLOPs shall "[...] take into account [...] the dissemination of [...] information that is incompatible with [the VLOPs] terms and conditions" (art 26 § 2 in fine) when conducting their risk assessments, the DSA allows VLOPs to monitor harmful content. Combined with article 35, it all boils down to the conclusion that codes of conduct could be drafted and enforced at Union level based on input from the terms and conditions which could be potentially very restrictive for fundamental rights. This situation should be rectified by at least amending current article 26 § 2 to remove the afore-mentioned phrase.
Further, article 35 does not clearly state that codes of conduct developed through a process of self-regulation to tackle illegal content and reduce systemic risks cannot be used within the framework of the powers of implementation and enforcement laid down in Chapter IV. To prevent harmful content from becoming mandatory, it should be specified that the codes of conduct can be used for the VLOPs risk assessments as laid down in article 26(1) only.
LIABILITY IN COMBINATION WITH THE NOTICE AND ACTION MECHANISMS
A) The considerations of the European Commission and its proposal
1. The provisions of articles 3, 4 & 5
Through articles 3, 4 and 5, the liability of "intermediary services" of the eCommerce Directive is harmonized in a regulation. To benefit from the immunity provided and not be automatically held responsible for illegal content circulating on their medium, service providers must meet certain specific conditions. While the conditions for exemption from liability for "mere conduit" and "caching" services remain the same, the conditions for exemption from liability for hosting services have slightly changed.
Indeed, hosting services shall not be liable for the information stored at the request of a recipient of their service if it "does not have actual knowledge of illegal activity or illegal content" (Art 5 (a)). Moreover, they shall not benefit from exemptions for matters related to consumer protection when conclusions of distance contracts are made and under certain conditions specifically laid down in the text (Art 5(3)).
2. The provision of article 14
Article 14 harmonizes the notice and action mechanisms in the Union, notably by establishing specific criteria needed in a notice (Art 14 (2)). According to the proposal, hosting service providers, including online platforms, will have to put in place a "notice and action mechanism" that shall allow "any individual" or "entity" to electronically submit a notification when they "consider" information or items, present on the online service, to be illegal.
B) Our considerations and suggestions
The Chamber of Commerce and FEDIL support maintaining the exemptions from liability of intermediary service providers in articles 3, 4 and 5.
Further, we also support article 14 in that it will harmonize requests for removal of illegal content as it will generally contribute to a safer online environment. Indeed, this practice of "flagging", already exists and has been used differently by online service providers across Member States.
However, we believe that article 14 as currently drafted could have a serious negative impact on the digital economy. We remain deeply concerned that under subsection (3) "notices [...] shall be considered to give rise to actual knowledge or awareness for the purposes of Article 5 in respect of the specific item of information concerned.". However, while in some cases it is obvious that the notified content is indeed illegal, it is unreasonable to expect that a digital platform will always be able to correctly judge whether the submitted content or item is indeed illegal, and even more so since "any individual" or "entity" can submit a notification while it merely "considers" the content to be illegal.
According to the Commission's proposal, hosting service providers, including online platforms, risk being held liable for any misinterpretation of the legality of content stored on their services. In practice, this could risk over removal of goods and content online as liability is otherwise automatically opened.
In addition, we believe that this provision needs to be amended to provide that a simple notification should not suffice to reverse the burden of proof. An alternative would also be to simply remove the presumption of actual knowledge. In addition, it would be useful that the DSA formally foresees a possibility for the hosting provider that has a genuine doubt to seek assistance and clarification with a relevant authority.
1- FEDIL is a member of BusinessEurope; the Luxembourg Chamber of Commerce is a member of EUROCHAMBRES.
2 - Explanatory Memorandum of the DSA, page 4.
3 - There is no general rule on the recognition of foreign administrative decisions, either in public international law or in European Union law. Oftentimes, such an obligation is provided for in national legislation, in international conventions and, for the European Union, in some secondary acts, which implies that the rules of recognition may significantly vary.
4 - Please kindly refer to article 3, § 4 of the eCommerce Directive, as currently in force.