The European Union’s Digital Services Act (DSA) came into full effect last Saturday. The law is intended to combat illegal content, misleading advertising and misinformation on the internet by placing obligations on service providers. There is a particular focus on protecting children.
The DSA has applied to the largest service providers – so called Very Large Online Platforms and Very large Online Search Engines – with more than 45 million users in the EU since August last year, but as of this week it applies to all service providers.
As with the EU rules on data protection, responsibility for implementing the legislation falls in the first instance to national regulators in member states. Responsibility for its implementation in Ireland will fall to Coimisiún na Meán, which was established almost a year ago.
The experience of the Data Protection Commission (DPC) is instructive. As the number and size of the large service providers with European head offices in Ireland grew over the last 30 years an asymmetry of power between the DPC and the entities it was charged with regulating became apparent. Their importance to the Irish economy also created a perceived risk of regulatory capture. The DPC saw a number of its decisions regarding large service providers challenged by other European regulators.
This time round the European Commission has reserved the right to directly investigate and prosecute large service providers in the EU. This week, it flexed its muscles in this regard opening proceedings on Monday against Tik Tok – which has its European head office in Dublin – for breaching the DSA in areas linked to the protection of minors, advertising transparency, data access for researchers, as well as the risk management of addictive design and harmful content.
The timing was no doubt coincidental, but it makes it clear where the commission sees the role of Coimisiún na Meán beginning and ending. Perhaps it is no harm given the international scale of the companies involved.
The Online Safety Commissioner Niamh Hodnett – one of four commissioners at Coimisiún na Meán – told the Joint Oireachtas Committee on children this week that it had the regulatory powers and the will to stand up to “big tech”. She also spoke about the difficulties of getting companies to come up with better systems for verifying the age of users and to counter the amplification of harmful content by recommender systems which push content.
These are very serious problems that cut to the very heart of the business models of the large online platforms. They are unlikely to concede ground willingly. Nobody doubts Coimisiún na Meán’s sincerity and ambition in this area, but it is taking on some industry giants.