There has been a lot of discussion about the EU's Digital Services Act (“DSA”) since it came into force. The focus is often on the extensive list of obligations that service providers must meet under the DSA (and, of course, the massive fines for non-compliance). In this article, we want to explore how the DSA can benefit IP owners.
The DSA aims to create a safe and transparent online environment by strengthening consumer protection and the safeguarding of fundamental rights in the digital space. This regulation, which applies to the provision of intermediary services since February 17, 2024, entails extensive due diligence obligations on hosting services and especially online platforms to regulate the handling of illegal content, disinformation and other digital risks.
Online platforms are, simplified, services that allow the publication of information provided by and stored for the user (the user can also be a business!), if that is not merely a subordinate function.
IP infringements are common on online platforms (think, for example, of online marketplaces) and other hosting services. Movies or music are uploaded to file-sharing sites, where they are freely available to other users them. Online marketplaces list unlicensed and counterfeit goods sold at low prices. A mobile clone of a popular video game is released in an app store, generating revenue from in-app purchases while exploiting the original game's IP. In many cases, uploaders do not use their real names or provide an address. Sometimes they are based in countries where intellectual property rights are difficult to enforce. The DSA is primarily a set of rules for the providers of these services used by uploaders. However, it also offers some help for taking action against infringing content and can facilitate access to information about its uploaders.
Under the DSA, hosting services and online platforms must provide an easily accessible and user-friendly notification mechanism that allows individuals or entities to notify them of illegal content on their services. Typically, this mechanism is accessible either in the footer or next to shareable content. Upon the receipt of this notice, it is deemed that service providers have actual knowledge of the existence of the specific content reported. As long as the provider of the service (e.g. the online platform) does not know about infringing content the content, it is generally not liable. This exception has been known for many years as the "host provider privilege" or "safe harbor" for hosting providers. It was established in the EU through the EU by Directive 2000/31/EC, also known as the E-Commerce Directive (and is pretty similar to the “safe harbor” under the DMCA in the United States). If providers are informed about an infringement, they must review and act in a timely, diligent, non-arbitrary, and objective manner. Otherwise, they might be liable for the infringing content themselves. This is nothing new, but it should be easier and there is additional pressure on the service provider. (As far as copyright infringements go, the ECJ and national courts such as the German Federal Supreme Court have established some other criteria when service providers can be liable for infringing content. This regime is not restricted by the DSA.)
Breaches of the DSA on their part can be reported to the competent Digital Services Coordinators (i.e., the authorities responsible for the DSA), which can lead to investigations and ultimately fines. (We won't mention the fines anywhere else in this blog article, but they're worth keeping in mind).
The DSA has even more specific rules for online platforms that allow consumers to enter into distance contracts with traders. We see these as potentially powerful tools to reduce counterfeit and pirated goods and other IP infringements. In the past, traders offering illegal products on online marketplaces often provided fake names and identities – IP owners could send take-down notices to online platforms, but did not get hold of the trader actually offering the goods.
Under the DSA, providers of online marketplaces now have to ensure what is called the “traceability of the traders” (aka “Know Your Business Customer”). The provider of the online marketplace must obtain the following information:
This information must be easily accessible and comprehensible to any user of the online marketplace.
Additionally, the provider of the online marketplace must obtain
This information must be collected before the trader can offer its products on the online marketplace, and the provider must use best efforts to assess whether the provided information is reliable and complete. For traders who were already active on the online marketplace before the DSA entered into force, the provider must obtain the relevant information until February 17, 2025. If the trader's information is inaccurate, incomplete or out of date, the online marketplace must ask the trader to rectify the situation. Otherwise, the service provider must suspend its service to the trader. These obligations are now starting to show an effect, and the information can be found on many online marketplaces where it wasn't available before. Recently, the online marketplace TEMU undertook to comply with the Know Your Business Customer obligations under the DSA after being sued by the Wettbewerbszentrale, a German organization for the enforcement against unfair commercial practices.
Providers of online marketplaces must also randomly check whether products or services offered have been identified as illegal through official, freely accessible and machine-readable online sources. If products or services are identified as being illegal, the provider of the marketplace must inform all the purchasers of the fact that they were illegal, along with the identity of the trader and any relevant means of redress.
Consequently, persistence can pay off. Traders who repeatedly offer infringing products mean a lot more work for online marketplaces. There is also an increased risk of personal liability. In addition to costly claims and court orders, reporting slow or inadequate DSA-compliance to the Digital Services Coordinators can be issues that make the online marketplace less attractive to bad actors.
Very Large Online Platforms (VLOPs) are online platforms with at least 45 million monthly active users in the EU on average, and are designated by the European Commission. These VLOPs must perform risk assessments on a regular basis to identify systemic risks in the EU stemming from the design or functioning of their service and related systems. The repeated violation of IP rights can be seen as such a systemic risk which must consequently be mitigated in the future. It remains to be seen how IP infringements on VLOPs will be mitigated if they are identified as a systemic risk. At least for VLOPs that repeatedly offer products and services in breach of EU law, the mitigation measures could become much stricter than what is already covered by the DSA to deal with such illegal offerings.
Trusted flaggers are special entities under the DSA that detect specific potentially illegal content and notify the online platforms. Providers of online platforms must prioritize reports from trusted flaggers and process them without delay. Trusted flaggers are designated by the competent Digital Services Coordinator in the state they have their establishment if they meet the respective criteria. They have particular expertise in their field of competence which is taken into account by the service providers who receive the notice. The European Commission has updated a list of trusted flaggers. The list will be updated regularly as more will be added in the future.
While the legal grounds for taking action against infringing products on the internet remain unaffected, the DSA is more than just a comprehensive set of difficult obligations to comply with. It is a robust framework designed to make it easier to take action against illegal content by simplifying notifications and putting appropriate pressure on online service providers. If they do not respond diligently and promptly, they may not only lose their liability privilege, but also be subject to enforcement by the authorities. One important aspect will be how rigorous the authorities are in ensuring compliance. Advocating for proper regulatory action is, therefore, crucial. If applied wisely, it can be a powerful tool for protecting intellectual property rights in the European Union.
![[Translate to English:]](/fileadmin/_processed_/c/b/csm_IT_Data_Header_Scott_05383565fe.jpeg "[Translate to English:]")
