keyboard_tab Digital Service Act 2022/2065 EN
BG CS DA DE EL EN ES ET FI FR GA HR HU IT LV LT MT NL PL PT RO SK SL SV print pdf
- 1 Art. 30 Traceability of traders
- 1 Art. 37 Independent audit
- 1 Art. 51 Powers of Digital Services Coordinators
- 1 Art. 57 Mutual assistance
- 1 Art. 86 Representation
CHAPTER I
GENERAL PROVISIONS
CHAPTER II
LIABILITY OF PROVIDERS OF INTERMEDIARY SERVICES
CHAPTER III
DUE DILIGENCE OBLIGATIONS FOR A TRANSPARENT AND SAFE ONLINE ENVIRONMENT
SECTION 1
Provisions applicable to all providers of intermediary services
SECTION 2
Additional provisions applicable to providers of hosting services, including online platforms
SECTION 3
Additional provisions applicable to providers of online platforms
SECTION 4
Additional provisions applicable to providers of online platforms allowing consumers to conclude distance contracts with traders
SECTION 5
Additional obligations for providers of very large online platforms and of very large online search engines to manage systemic risks
SECTION 6
Other provisions concerning due diligence obligations
CHAPTER IV
IMPLEMENTATION, COOPERATION, PENALTIES AND ENFORCEMENT
SECTION 1
Competent authorities and national Digital Services Coordinators
SECTION 2
Competences, coordinated investigation and consistency mechanisms
SECTION 3
European Board for Digital Services
SECTION 4
Supervision, investigation, enforcement and monitoring in respect of providers of very large online platforms and of very large online search engines
SECTION 5
Common provisions on enforcement
SECTION 6
Delegated and implementing acts
CHAPTER V
FINAL PROVISIONS
- information society service
- recipient of the service
- consumer
- to offer services in the Union
- substantial connection to the Union
- trader
- intermediary service
- mere conduit
- caching
- hosting
- illegal content
- online platform
- online search engine
- dissemination to the public
- distance contract
- online interface
- Digital Services Coordinator of establishment
- Digital Services Coordinator of destination
- active recipient of an online platform
- active recipient of an online search engine
- advertisement
- recommender system
- content moderation
- terms and conditions
- persons with disabilities
- commercial communication
- turnover
- Mere conduit
- Caching
- shall 51
- information 29
- services 27
- audit 24
- provider 24
- very 20
- request 20
- large 20
- referred 20
- have 19
- pursuant 18
- infringement 17
- digital 17
- traders 16
- trader 15
- paragraph 15
- period 14
- measures 14
- regulation 13
- intermediary_services 12
- powers 12
- concerned 12
- authority 12
- providers 12
- online_platforms 11
- audits 11
- online_platform 11
- judicial 11
- consumers 11
- allowing 10
- article 10
- service 10
- member state 10
- power 9
- coordinators 9
- report 9
- necessary 9
- including 9
- they 9
- coordinator 9
- distance_contracts 9
- conclude 9
- specific 8
- competent 8
- respect 8
- without 8
- take 8
- order 8
- from 8
- within 8
Article 30
Traceability of traders
1. Providers of online_platforms allowing consumers to conclude distance_contracts with traders shall ensure that traders can only use those online_platforms to promote messages on or to offer products or services to consumers located in the Union if, prior to the use of their services for those purposes, they have obtained the following information, where applicable to the trader:
| (a) | the name, address, telephone number and email address of the trader; |
| (b) | a copy of the identification document of the trader or any other electronic identification as defined by Article 3 of Regulation (EU) No 910/2014 of the European Parliament and of the Council (40); |
| (c) | the payment account details of the trader; |
| (d) | where the trader is registered in a trade register or similar public register, the trade register in which the trader is registered and its registration number or equivalent means of identification in that register; |
| (e) | a self-certification by the trader committing to only offer products or services that comply with the applicable rules of Union law. |
2. Upon receiving the information referred to in paragraph 1 and prior to allowing the trader concerned to use its services, the provider of the online_platform allowing consumers to conclude distance_contracts with traders shall, through the use of any freely accessible official online database or online_interface made available by a Member State or the Union or through requests to the trader to provide supporting documents from reliable sources, make best efforts to assess whether the information referred to in paragraph 1, points (a) to (e), is reliable and complete. For the purpose of this Regulation, traders shall be liable for the accuracy of the information provided.
As regards traders that are already using the services of providers of online_platforms allowing consumers to conclude distance_contracts with traders for the purposes referred to in paragraph 1 on 17 February 2024, the providers shall make best efforts to obtain the information listed from the traders concerned within 12 months. Where the traders concerned fail to provide the information within that period, the providers shall suspend the provision of their services to those traders until they have provided all information.
3. Where the provider of the online_platform allowing consumers to conclude distance_contracts with traders obtains sufficient indications or has reason to believe that any item of information referred to in paragraph 1 obtained from the trader concerned is inaccurate, incomplete or not up-to-date, that provider shall request that the trader remedy that situation without delay or within the period set by Union and national law.
Where the trader fails to correct or complete that information, the provider of the online_platform allowing consumers to conclude distance_contracts with traders shall swiftly suspend the provision of its service to that trader in relation to the offering of products or services to consumers located in the Union until the request has been fully complied with.
4. Without prejudice to Article 4 of Regulation (EU) 2019/1150, if a provider of an online_platform allowing consumers to conclude distance_contracts with traders refuses to allow a trader to use its service pursuant to paragraph 1, or suspends the provision of its service pursuant to paragraph 3 of this Article, the trader concerned shall have the right to lodge a complaint as provided for in Articles 20 and 21 of this Regulation.
5. Providers of online_platforms allowing consumers to conclude distance_contracts with traders shall store the information obtained pursuant to paragraphs 1 and 2 in a secure manner for a period of six months after the end of the contractual relationship with the trader concerned. They shall subsequently delete the information.
6. Without prejudice to paragraph 2 of this Article, the provider of the online_platform allowing consumers to conclude distance_contracts with traders shall only disclose the information to third parties where so required in accordance with the applicable law, including the orders referred to in Article 10 and any orders issued by Member States’ competent authorities or the Commission for the performance of their tasks under this Regulation.
7. The provider of the online_platform allowing consumers to conclude distance_contracts with traders shall make the information referred to in paragraph 1, points (a), (d) and (e) available on its online_platform to the recipients of the service in a clear, easily accessible and comprehensible manner. That information shall be available at least on the online_platform’s online_interface where the information on the product or service is presented.
Article 37
Independent audit
1. Providers of very large online_platforms and of very large online_search_engines shall be subject, at their own expense and at least once a year, to independent audits to assess compliance with the following:
| (a) | the obligations set out in Chapter III; |
| (b) | any commitments undertaken pursuant to the codes of conduct referred to in Articles 45 and 46 and the crisis protocols referred to in Article 48. |
2. Providers of very large online_platforms and of very large online_search_engines shall afford the organisations carrying out the audits pursuant to this Article the cooperation and assistance necessary to enable them to conduct those audits in an effective, efficient and timely manner, including by giving them access to all relevant data and premises and by answering oral or written questions. They shall refrain from hampering, unduly influencing or undermining the performance of the audit.
Such audits shall ensure an adequate level of confidentiality and professional secrecy in respect of the information obtained from the providers of very large online_platforms and of very large online_search_engines and third parties in the context of the audits, including after the termination of the audits. However, complying with that requirement shall not adversely affect the performance of the audits and other provisions of this Regulation, in particular those on transparency, supervision and enforcement. Where necessary for the purpose of the transparency reporting pursuant to Article 42(4), the audit report and the audit implementation report referred to in paragraphs 4 and 6 of this Article shall be accompanied with versions that do not contain any information that could reasonably be considered to be confidential.
3. Audits performed pursuant to paragraph 1 shall be performed by organisations which:
| (a) | are independent from, and do not have any conflicts of interest with, the provider of very large online_platforms or of very large online_search_engines concerned and any legal person connected to that provider; in particular:
|
| (b) | have proven expertise in the area of risk management, technical competence and capabilities; |
| (c) | have proven objectivity and professional ethics, based in particular on adherence to codes of practice or appropriate standards. |
4. Providers of very large online_platforms and of very large online_search_engines shall ensure that the organisations that perform the audits establish an audit report for each audit. That report shall be substantiated, in writing, and shall include at least the following:
| (a) | the name, address and the point of contact of the provider of the very large online_platform or of the very large online_search_engine subject to the audit and the period covered; |
| (b) | the name and address of the organisation or organisations performing the audit; |
| (c) | a declaration of interests; |
| (d) | a description of the specific elements audited, and the methodology applied; |
| (e) | a description and a summary of the main findings drawn from the audit; |
| (f) | a list of the third parties consulted as part of the audit; |
| (g) | an audit opinion on whether the provider of the very large online_platform or of the very large online_search_engine subject to the audit complied with the obligations and with the commitments referred to in paragraph 1, namely ‘positive’, ‘positive with comments’ or ‘negative’; |
| (h) | where the audit opinion is not ‘positive’, operational recommendations on specific measures to achieve compliance and the recommended timeframe to achieve compliance. |
5. Where the organisation performing the audit was unable to audit certain specific elements or to express an audit opinion based on its investigations, the audit report shall include an explanation of the circumstances and the reasons why those elements could not be audited.
6. Providers of very large online_platforms or of very large online_search_engines receiving an audit report that is not ‘positive’ shall take due account of the operational recommendations addressed to them with a view to take the necessary measures to implement them. They shall, within one month from receiving those recommendations, adopt an audit implementation report setting out those measures. Where they do not implement the operational recommendations, they shall justify in the audit implementation report the reasons for not doing so and set out any alternative measures that they have taken to address any instances of non-compliance identified.
7. The Commission is empowered to adopt delegated acts in accordance with Article 87 to supplement this Regulation by laying down the necessary rules for the performance of the audits pursuant to this Article, in particular as regards the necessary rules on the procedural steps, auditing methodologies and reporting templates for the audits performed pursuant to this Article. Those delegated acts shall take into account any voluntary auditing standards referred to in Article 44(1), point (e).
Article 51
Powers of Digital Services Coordinators
1. Where needed in order to carry out their tasks under this Regulation, Digital Services Coordinators shall have the following powers of investigation, in respect of conduct by providers of intermediary_services falling within the competence of their Member State:
| (a) | the power to require those providers, as well as any other persons acting for purposes related to their trade, business, craft or profession that may reasonably be aware of information relating to a suspected infringement of this Regulation, including organisations performing the audits referred to in Article 37 and Article 75(2), to provide such information without undue delay; |
| (b) | the power to carry out, or to request a judicial authority in their Member State to order, inspections of any premises that those providers or those persons use for purposes related to their trade, business, craft or profession, or to request other public authorities to do so, in order to examine, seize, take or obtain copies of information relating to a suspected infringement in any form, irrespective of the storage medium; |
| (c) | the power to ask any member of staff or representative of those providers or those persons to give explanations in respect of any information relating to a suspected infringement and to record the answers with their consent by any technical means. |
2. Where needed for carrying out their tasks under this Regulation, Digital Services Coordinators shall have the following enforcement powers, in respect of providers of intermediary_services falling within the competence of their Member State:
| (a) | the power to accept the commitments offered by those providers in relation to their compliance with this Regulation and to make those commitments binding; |
| (b) | the power to order the cessation of infringements and, where appropriate, to impose remedies proportionate to the infringement and necessary to bring the infringement effectively to an end, or to request a judicial authority in their Member State to do so; |
| (c) | the power to impose fines, or to request a judicial authority in their Member State to do so, in accordance with Article 52 for failure to comply with this Regulation, including with any of the investigative orders issued pursuant to paragraph 1 of this Article; |
| (d) | the power to impose a periodic penalty payment, or to request a judicial authority in their Member State to do so, in accordance with Article 52 to ensure that an infringement is terminated in compliance with an order issued pursuant to point (b) of this subparagraph or for failure to comply with any of the investigative orders issued pursuant to paragraph 1 of this Article; |
| (e) | the power to adopt interim measures or to request the competent national judicial authority in their Member State to do so, to avoid the risk of serious harm. |
As regards the first subparagraph, points (c) and (d), Digital Services Coordinators shall also have the enforcement powers set out in those points in respect of the other persons referred to in paragraph 1 for failure to comply with any of the orders issued to them pursuant to that paragraph. They shall only exercise those enforcement powers after providing those other persons in good time with all relevant information relating to such orders, including the applicable period, the fines or periodic payments that may be imposed for failure to comply and the possibilities for redress.
3. Where needed for carrying out their tasks under this Regulation, Digital Services Coordinators shall, in respect of providers of intermediary_services falling within the competence of their Member State, where all other powers pursuant to this Article to bring about the cessation of an infringement have been exhausted and the infringement has not been remedied or is continuing and is causing serious harm which cannot be avoided through the exercise of other powers available under Union or national law, also have the power to take the following measures:
| (a) | to require the management body of those providers, without undue delay, to examine the situation, adopt and submit an action plan setting out the necessary measures to terminate the infringement, ensure that the provider takes those measures, and report on the measures taken; |
| (b) | where the Digital Services Coordinator considers that a provider of intermediary_services has not sufficiently complied with the requirements referred to in point (a), that the infringement has not been remedied or is continuing and is causing serious harm, and that that infringement entails a criminal offence involving a threat to the life or safety of persons, to request that the competent judicial authority of its Member State order the temporary restriction of access of recipients to the service concerned by the infringement or, only where that is not technically feasible, to the online_interface of the provider of intermediary_services on which the infringement takes place. |
The Digital Services Coordinator shall, except where it acts upon the Commission’s request referred to in Article 82, prior to submitting the request referred to in the first subparagraph, point (b), of this paragraph invite interested parties to submit written observations within a period that shall not be less than two weeks, describing the measures that it intends to request and identifying the intended addressee or addressees thereof. The provider of intermediary_services, the intended addressee or addressees and any other third party demonstrating a legitimate interest shall be entitled to participate in the proceedings before the competent judicial authority. Any measure ordered shall be proportionate to the nature, gravity, recurrence and duration of the infringement, without unduly restricting access to lawful information by recipients of the service concerned.
The restriction of access shall be for a period of four weeks, subject to the possibility for the competent judicial authority, in its order, to allow the Digital Services Coordinator to extend that period for further periods of the same lengths, subject to a maximum number of extensions set by that judicial authority. The Digital Services Coordinator shall only extend the period where, having regard to the rights and interests of all parties affected by that restriction and all relevant circumstances, including any information that the provider of intermediary_services, the addressee or addressees and any other third party that demonstrated a legitimate interest may provide to it, it considers that both of the following conditions have been met:
| (a) | the provider of intermediary_services has failed to take the necessary measures to terminate the infringement; |
| (b) | the temporary restriction does not unduly restrict access to lawful information by recipients of the service, having regard to the number of recipients affected and whether any adequate and readily accessible alternatives exist. |
Where the Digital Services Coordinator considers that the conditions set out in the third subparagraph, points (a) and (b), have been met but it cannot further extend the period pursuant to the third subparagraph, it shall submit a new request to the competent judicial authority, as referred to in the first subparagraph, point (b).
4. The powers listed in paragraphs 1, 2 and 3 shall be without prejudice to Section 3.
5. The measures taken by the Digital Services Coordinators in the exercise of their powers listed in paragraphs 1, 2 and 3 shall be effective, dissuasive and proportionate, having regard, in particular, to the nature, gravity, recurrence and duration of the infringement or suspected infringement to which those measures relate, as well as the economic, technical and operational capacity of the provider of the intermediary_services concerned where relevant.
6. Member States shall lay down specific rules and procedures for the exercise of the powers pursuant to paragraphs 1, 2 and 3 and shall ensure that any exercise of those powers is subject to adequate safeguards laid down in the applicable national law in compliance with the Charter and with the general principles of Union law. In particular, those measures shall only be taken in accordance with the right to respect for private life and the rights of defence, including the rights to be heard and of access to the file, and subject to the right to an effective judicial remedy of all affected parties.
Article 57
Mutual assistance
1. Digital Services Coordinators and the Commission shall cooperate closely and provide each other with mutual assistance in order to apply this Regulation in a consistent and efficient manner. Mutual assistance shall include, in particular, exchange of information in accordance with this Article and the duty of the Digital_Services_Coordinator_of_establishment to inform all Digital Services Coordinators of destination, the Board and the Commission about the opening of an investigation and the intention to take a final decision, including its assessment, in respect of a specific provider of intermediary_services.
2. For the purpose of an investigation, the Digital_Services_Coordinator_of_establishment may request other Digital Services Coordinators to provide specific information in their possession as regards a specific provider of intermediary_services or to exercise their investigative powers referred to in Article 51(1) with regard to specific information located in their Member State. Where appropriate, the Digital Services Coordinator receiving the request may involve other competent authorities or other public authorities of the Member State in question.
3. The Digital Services Coordinator receiving the request pursuant to paragraph 2 shall comply with such request and inform the Digital_Services_Coordinator_of_establishment about the action taken, without undue delay and no later than two months after its receipt, unless:
| (a) | the scope or the subject matter of the request is not sufficiently specified, justified or proportionate in view of the investigative purposes; or |
| (b) | neither the requested Digital Service Coordinator nor other competent authority or other public authority of that Member State is in possession of the requested information nor can have access to it; or |
| (c) | the request cannot be complied with without infringing Union or national law. |
The Digital Services Coordinator receiving the request shall justify its refusal by submitting a reasoned reply, within the period set out in the first subparagraph.
Article 86
Representation
1. Without prejudice to Directive (EU) 2020/1828 or to any other type of representation under national law, recipients of intermediary_services shall at least have the right to mandate a body, organisation or association to exercise the rights conferred by this Regulation on their behalf, provided the body, organisation or association meets all of the following conditions:
| (a) | it operates on a not-for-profit basis; |
| (b) | it has been properly constituted in accordance with the law of a Member State; |
| (c) | its statutory objectives include a legitimate interest in ensuring that this Regulation is complied with. |
2. Providers of online_platforms shall take the necessary technical and organisational measures to ensure that complaints submitted by bodies, organisations or associations referred to in paragraph 1 of this Article on behalf of recipients of the service through the mechanisms referred to in Article 20(1) are processed and decided upon with priority and without undue delay.
SECTION 6
Delegated and implementing acts
whereas