EU legislators approve proposed DGA and progress DSA, DMA and Digital Finance Package proposals
06 December 2021
Digital Markets Act
On 23 November 2021, the European Parliament (EP) confirmed that the International Market and Consumer Protection Committee had approved the European Commission’s (the Commission) Digital Markets Act (DMA) proposal, which was initially presented in December 2020 and sets out a series of new obligations and prohibitions applicable to big platforms acting as “gatekeepers”. For background on the initial proposal, see our publications here and here.
The Commission’s proposal covers companies that provide “core platform services” (including social networks, search engines, online advertising, cloud computing and video-sharing services) that meet the relevant criteria to be designated as “gatekeepers”. The EP expanded this scope by including providers of browsers, virtual assistants and connected TV, while proposing to increase the thresholds for entities to fall under the DMA to EUR 8 billion in annual turnover in the EEA (previously EUR 6.5 billion) or a having an average market capitalisation of EUR 80 billion (previously EUR 65 billion). In particular, the proposed amendments:
- include new provisions that prohibit gatekeepers from combining personal data for their own commercial purposes or for delivering targeted and micro-targeted ads unless there is a GDPR-compliant user’s consent;
- prohibit processing of personal data of minors for commercial purposes, such as direct marketing, profiling and behaviourally targeted advertising;
- expand the powers of the Commission to impose restrictions on gatekeepers from making digital or data-related acquisitions (including ‘killer-acquisitions’); and
- increases the maximum amount of fines that can be imposed by the Commission for violations to 20% (previously 10%) of a “gatekeeper’s” annual worldwide turnover.
The amended DMA proposal is subject to a vote in the next EP plenary session on 15 December 2021, and if approved, will obtain the EP’s mandate for trilogue negotiations with the Council of the EU and the Commission, expected to take place during the first half of 2022. The press release on the DMA proposal is available here, the amended DMA proposal here, the ITRE Committee Opinion here and the legislative file here.
Digital Services Act
On 25 November 2021, the Council of the European Union (Council) announced that it had agreed the general approach on the Commission’s proposal for a Digital Services Act (DSA) that aims to change the rules for handling of illegal or potentially harmful content online, address the liability of online providers for third party content, introduce vetting obligations of third party suppliers and ensure the protection of users' fundamental rights online. For background on the initial proposal, see our publications here and here.
The Council’s main changes include:
- explicitly including online search engines into the scope of the DSA;
- providing enhanced protection of minors online;
- extending the obligation to notify the suspicion of serious criminal offences to all hosting services, not only to online platforms; and
- allowing national authorities to issue orders regarding illegal content directly to service providers.
The Council also provided a mandate to the Presidency of the EU to start trilogue negotiations about the DSA proposal, expected to commence in 2022. The EP is still working on its approach to the DSA.
Data Governance Act
On 30 November 2021, the negotiators for the Council and the EP reached a provisional agreement on the proposed Data Governance Act (DGA) following the trilogue negotiations that took place over the past two months.
As previously reported, the DGA is a regulation that seeks to facilitate data-sharing mechanisms with the aim to promote availability of public-sector data to drive innovation and advanced solutions, including in artificial intelligence, smart manufacturing, mobility, and healthcare.
The DGA will enable the reuse of certain categories of protected public-sector data (such as trade secrets, personal data and data protected by intellectual property rights), provide a framework for so-called data intermediation services for data sharing between companies and facilitate data altruism for the common good. You can find our high-level overview of the original European Commission’s proposal here and on the Council’s work on the DGA here.
Although the compromise text is not available yet, the key provisions are reported to remain unchanged. Press releases of the EP and Council clarify that the compromise text will provide for establishment of a European Data Innovation Board and include powers for the Commission to adopt “adequacy decisions” declaring that specific non-EU countries provide appropriate safeguards for the use of non-personal data transferred from the EU, similar to the adequacy decisions for personal data transfers under the GDPR.
Digital Finance Package
On 24 November 2021, the Council announced that it had agreed its position in relation to the proposed Regulation on Markets in Crypto Assets (MiCA) and the proposed Digital Operational Resilience Act (DORA), both part of the proposed Digital Finance Package (the DFP). Once the EP forms its position on the proposals, the Council and the EP will enter into negotiations.
The purpose of the DFP is to align the EU’s digital finance strategy, introduce proposals on markets in crypto-assets, digital operational resilience and distributed ledger technology. It aims to create a regulatory framework that encourages the adoption of new financial instruments that comply with all financial regulations and operational risk management policies.