You May Be Subject as Well!: Digital Services Act – What Companies Need to Know

The EU Digital Services Act (“DSA”) is in force and the first of its requirements will soon take effect. And yet, many businesses do not even know yet that they are subject to the DSA. The landmark legislation DSA has a large scope of application, covering a significant range of online services that target EU users. In particular, companies that make available to the public any third-party content, whether B2B or individual user content, may be subject to its rules. This article provides an overview of the DSA, including its scope of application, key obligations and when these take effect, and sanctions for violations. It will also identify some of the steps that organisations should be taking now to achieve compliance.

By Julia Apostle, Kelly Hagedorn, Christian Schröder & Adele Harrison^[1]

I. WHY SHOULD COMPANIES BE READING THIS?

Even though the new EU’s Digital Services Act (“DSA”) ^[2] will impose many new compliance and reporting requirements for many businesses, most businesses have not yet started preparing as they may consider the DSA to only apply to the Big Tech companies. This is a misunderstanding. The DSA applies to many more companies than just Big Tech. By February 2023, companies will need to demonstrate compliance with initial notification requirements.

This article provides a brief overview on “who should comply” with the DSA and we will summarize the main requirements.

II. WHO MUST COMPLY WITH THE DSA? JURIS