cross-border cooperation and regulatory oversight
in the EU Digital Services Act
This non-paper summarises how the EU Digital Services Act (DSA) proposal suppo s the
country-of-origin (COO) principle, while including meaningful oversight mechanisms that
provide for enhanced cooperation amongst national regulators in their supervision of
intermediary service providers and enforcement of the DSA rules.
It also considers speci c provisions in the DSA proposal on regulatory oversight against the
Commission’s objectives of providing legal clarity, respect for fundamental rights,
harmonisation across the Single Market and clear responsibilities for di erent types of
intermediaries and authorities. We highlight the provisions that wil help achieve these
objectives, identify provisions that may fal sho of them and, where appropriate, set out
suggestions for ways to clarify the proposed rules. Those suggestions include:
Providing greater clarity in A icle 46 of the DSA on the process for, and
procedural safeguards applicable to, joint investigations
by Digital Service
Coordinators (DSCs) and on the actions resulting from such investigations, in order to
promote ce ainty for service providers and users.
Providing for a harmonised set of objectives and principles
in accordance with
which DSCs, other national competent authorities and the Commission should act
when exercising oversight functions, and listing the speci c tasks they are
empowered to carry out
, in order to promote consistent and coherent regulatory
oversight across the EU.
Providing for a consistent standard for the exercise of oversight powers
other national competent authorities and the Commission, such that each of these
bodies’ powers are exercised where necessary
for the pe ormance of the relevant
tasks and objectives.
Our feedback on the DSA proposal is aimed at promoting legal clarity and business ce ainty
for the responsibilities we and others in industry wil face, safeguarding data access and
ensuring respect for fundamental rights. Even where we suggest ce ain tweaks, we
understand that policymakers are looking for more scrutiny of our systems and processes by
regulators across the EU. We suppo
the objective of improving cooperation between
authorities, both cross-border and within each Member State.
The DSA provides impo ant legal ce ainty by making DSCs of home states
responsible for supervision and enforcement
The COO principle is one of the cornerstones of the Single Market. In the eCommerce
Directive,1 it applies so that information society services are, in general, subject to the law of
the member state in which they are established—the ‘home’ state. On this basis, member
states in which the services are received—‘host’ states—cannot restrict the freedom of
service providers to provide them, unless they rely on speci ed public policy exceptions.2
In the same spirit, the DSA generally places supervisory responsibility with the Digital
Services Coordinator (DSC) of the home state, which acts as a single point of contact for
application of the DSA to providers established in its state.
The DSA requires al DSCs to be
independent, transparent and impa ial. As the explanatory memorandum to the DSA proposal
states, this approach “ensures the swi est and most e ective enforcement of rules and
protects al EU citizens. It aims at providing the simple and clear processes for both citizens and
service providers to
nd relief in their interactions with supervising authorities.
Commission is also given a role in supervision and enforcement, pa icularly in relation to very
large online pla orms (VLOPs), where systemic risks are suspected of emerging across the EU.
Giving the home state DSC primary oversight responsibilities aligns with the COO principle in
the eCommerce Directive. However, the DSA also establishes enhanced mechanisms for
cooperation and coordination between DSCs and other competent authorities across
the Member States, that go well beyond the cooperation mechanisms in the eCommerce
1 Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on ce ain legal
aspects of information society services, in pa icular electronic commerce, in the Internal Market.
2 In a previous non-paper, we outlined our suppo for the COO principle in the eCommerce Directive
and explained what impact it has for digital services and EU citizens in practice. We addressed three
misconceptions around the current operation of the COO principle within the EU regulatory framework,
clarifying that: (i) the scope of rules fal ing under the COO principle in the eCommerce Directive is not
al -encompassing; (i ) there is an impo ant role host states may play through procedures for
cooperation with the home state; and (i i) Google would stil respect national de nitions of il egal
3 DSA Proposal, Explanatory Memorandum, page 3, available at:h ps://ec.europa.eu/info/sites/info/ les/proposal_for_a_regulation_on_a_single_market_for_digital_servic
The DSA gives DSCs of host states an expanded role in the oversight of
intermediary services across the EU
There are a number of areas where the DSA grants DSCs of host states meaningful oversight
powers. Although we believe some provisions may need tweaks or clari cations to suppo
smooth functioning and legal ce ainty, we consider them to be a key pa of the legislation.
They provide impo ant oppo unities for DSCs of host states to pa icipate in the oversight of
the provision of intermediary services in the EU:
Under A icle 35 of the DSA, DSCs are tasked with contributing to and facilitating the
dra ing of multi-stakeholder codes of conduct
and monitoring and evaluating the
achievement of their objectives, through the European Board for Digital Services (the
A icle 37 of the DSA enables DSCs to recommend through the Board that the
Commission develop crisis protocols
to address extraordinary circumstances
a ecting public security or public health. Member States’ authorities (be them DSCs or
other national competent authorities) may also be involved in drawing up, testing and
supervising the application of such crisis protocols.
A icle 43 of the DSA gives users the right to lodge a complaint
against providers of
intermediary services al eging an infringement of the DSA with their national DSC
National DSCs can transmit the complaints they receive to the DSC of the home state.
This provides an impo ant means for users to access redress and for DSCs to have
be er insights into the impact of intermediary services on users in their jurisdiction.
A icle 45 of the DSA enables DSCs of host states to request that the DSC of the
home state investigate a suspected infringement
. Host state DSCs may also request
that the home state DSC investigate suspected infringements of the additional
requirements imposed on VLOPs, either through the Board or by acting in conce with
two other host state DSCs (A icle 50 of the DSA). Where the DSC of a home state fails
to respond or the host state DSC considers the response to be unsatisfactory, the host
state DSC can refer the ma er to the Commission, which can require the home state
DSC to reassess the ma er and take the necessary investigatory and enforcement
A icle 46 of the DSA provides that DSCs may pa icipate in joint investigations
concerning providers of intermediary services operating in several Member States.
DSCs are involved in oversight activities through the Board
. A icle 47 of the DSA
establishes the Board as an advisory board, and tasks it with:
Contributing to the consistent application of the DSA and e ective cooperation
of the DSCs and the Commission;
Coordinating and contributing to guidance and analysis of the Commission,
DSCs, and other competent authorities on emerging issues; and
Assisting DSCs and the Commission in the supervision of very large online
In addition, a number of DSA provisions provide DSCs of host states with enhanced visibility on
the content moderation practices of intermediary service providers, and the approach of their
home state DSC towards them, which can inform use of their oversight powers mentioned
above. In pa icular:
Under A icle 8 of the DSA, DSCs are required to share with one another orders to
remove illegal content
that authorities in their jurisdiction addressed to intermediary
service providers across the EU.
Under A icle 9 of the DSA, DSCs are required to share with one another orders to
that authorities in their jurisdiction addressed to intermediary
service providers across the EU.
Under A icle 18 of the DSA, any DSC is empowered to ce ify out-of-cou dispute
se lement bodies in its jurisdiction
to hear disputes between users and intermediary
service providers, as regards the la er’s content moderation actions.
Under A icle 19 of the DSA, any DSC is empowered to evaluate and award the status
of trusted aggers to entities in its jurisdiction
, and, where appropriate, investigate
and assess whether those entities continue to meet the relevant conditions to be
awarded the status of trusted aggers.
Under A icle 27 of the DSA, DSCs may cooperate with the Commission to develop
and implement guidelines on reasonable, propo ionate and e ective mitigation
measures for speci c systemic risks
relating to VLOPs’ services.
Under A icle 44, al DSCs are required to publish annual repo s on their activities
under the DSA.
DSCs of host states therefore have a variety of avenues to monitor the activities of
intermediary service providers not established in their jurisdiction, and meaningful
oppo unities to pa icipate in enforcement of the DSA rules.
Clari cations that could aid the smooth functioning of the oversight regime
Processes and procedural safeguards for cross-border cooperation among DSCs
We appreciate the impo ance of cross-border cooperation to suppo an e ective regulatory
framework that protects users across the EU. In pursuing this aim, the DSA must also facilitate
greater legal ce ainty for intermediary services and users, and suppo consistent and robust
enforcement strategies from DSCs and other national competent authorities.
As regards requests to the DSC of a home state to investigate a suspected
(A icle 45 of the DSA), we would welcome clari cation on the threshold
for triggering this mechanism (e.g. “reasonable grounds” to suspect that the service
provider has diverged from the compliance baseline) to ensure that it is used
propo ionately and meaningful y. We also recommend linking this threshold to a
de nition of systematic failure. The current reference to “an infringement” of the DSA
Regulation is too vague and too broad, and does not serve legal ce ainty or the DSA’s
focus on oversight of systems. For example, would one user al eging to its national DSC
that a service provider failed to provide it with a statement of reasons when removing
its content from the service (under A icle 15 of the DSA) trigger this mechanism? Such
an approach could result in an overwhelming number of requests being made to home
state DSCs, which would adversely impact the e ciency of their investigations and
impede their ability to address requests to investigate systemic failures.
In A icle 45(4), we would also recommend al owing for exibility in the time period in
which the DSC of the home state must reply to provide its assessment of a request to
investigate a suspected infringement. Depending on the al eged infringement, a time
period of two months may prove to be too sho in practice, and not al ow for
meaningful investigation and enforcement measures to be taken by the DSC of the
home state. For example, as pa of its assessment, the DSC of the home state wil likely
need to make information requests to the service provider. The time period should take
this into account, and be of su cient duration to al ow service providers to seek
clari cations if needed, carry out their own investigation and respond appropriately
and within the procedural safeguards applicable under national law.
On joint investigations
(A icle 46), we would suggest clari cations on the processes
and procedural safeguards applicable to such investigations, and, given the oversight
responsibility of the DSC of the home state, also on the expected nature of actions
resulting from any joint investigations. For example, it would be helpful to provide
fu her clarity in A icle 46 on:
The process for initiating a joint investigation, e.g. by specifying that such an
investigation may be commenced once a request has been made by the home
state DSC to other relevant DSCs to pa icipate in the investigation; and
The circumstances under which a joint investigation can be conducted, e.g. only
where the service provider subject to investigation has establishments in the
Member States of the jointly acting DSCs.
Tasks and objectives of competent authorities, DSCs and the Commission
Specifying the tasks of regulatory bodies and a harmonised set of objectives and principles to
underpin their work can suppo consistent application and coherence in regulatory strategy,
whether within Member States or across the EU. It can also suppo the propo ionate and
robust exercise of investigation and enforcement powers, as we explain in the section that
fol ows. For example, the European Electronic Communications Code achieves this in A icles 3
and 4 on objectives, and A icle 5 includes a list of speci c tasks for the national regulatory and
other competent authorities. Indeed, the bene t of specifying tasks in this way may be seen in
A icle 49, in which the DSA identi es the tasks of the Board.
We welcome the inclusion of the general overriding objectives of the DSA in A icle 1(2) and
Recital 4, namely to contribute to the proper functioning of the internal market for
intermediary services, ensure legal ce ainty, promote a “safe, predictable and trusted
environment and protect fundamental rights enshrined in the EU Cha er of Fundamental
We would recommend that the DSA specify fu her tasks and objectives, which the
DSCs or other competent authorities and the Commission should take into account
when pe orming oversight activities.
Given the aims of the DSA as set out in the recitals and the approach of the DSA more
general y, the statutory objectives of DSCs, other competent authorities and the Commission
suppo ing the exercise of EU fundamental rights and freedoms
contributing to the proper functioning of the internal market
by suppo ing the
consistent application of the DSA throughout the EU, as wel as by enabling trust and
growth in the provision of intermediary services;
promoting innovation in systems to reduce the presence and dissemination of
illegal content on intermediary services
, including by adopting risk-based
approaches to oversight and focusing on systematic infringements of the DSA; and
promoting the interests of the citizens of the EU
, by ensuring compliance with the
DSA and by promoting public awareness and understanding of the risks, rules,
safeguards and rights in relation both to the provision and receipt of digital services
provided by intermediary services.
As regards tasks of DSCs and other competent authorities, we recommend that they are
clearly identi ed in a new A icle of the DSA, along the lines of the list in Annex I to this
Powers of DSCs and the Commission
In line with good regulatory practices and fundamental principles of EU law, the exercise of any
oversight powers (in pa icular those outlined in A icles 41 and 50 to 54 of the DSA) should be
clear in scope, transparent and propo ionate to the objectives of the DSA. We have four
recommendations in this regard:
First, as noted above, we recommend an approach similar to that of the European
Electronic Communications Code, whereby the DSCs, other national competent
authorities and the Commission may exercise their oversight powers to pursue a
clear and harmonised set of objectives and tasks
Second, we recommend aligning the standards for the exercise of oversight
powers by DSCs, other national competent authorities and the Commission to
that of “necessity” for the pe ormance of relevant tasks and objectives
. The DSA
proposal currently includes di erent standards for the exercise of oversight powers
between DSCs, other national competent authorities and the Commission. We are
pa icularly concerned by the standard proposed in A icles 52 to 54 of the DSA for the
exercise of the Commission's powers, which is at a lower threshold (“[i]n order to carry
out the tasks assigned to it under this Section”). We recommend changing this to
“where necessary to carry out its tasks and achieve the objectives of the DSA”.
Third, given the scale of content moderation and the DSA’s focus on the management
of systemic risks (under A icle 26), we recommend that oversight powers of DSCs,
other national competent authorities and the Commission be exercised to
address systematic failures by an intermediary service provider
– and not in
relation to individual content moderation outcomes.
Fou h, we recommend provisions in the DSA to suppo a risk-based approach to
enforcement by DSCs, other national competent authorities and the Commission, as
well as a more harmonised approach to appropriate penalties
. To this end, we
would welcome (i) clari cation that Digital Services Coordinators and the Commission
may only apply penalties for systematic violations of due diligence obligations, (i )
clari cation that any nes for procedural violations may only be applied where the
service provider engaged in the violation in bad faith, as wel as (i ) clear guidance by
the Commission on what methodology should be used to calculate nes.
We recommend that the DSA add a new a icle to explicitly specify the tasks that DSCs or
other competent authorities are empowered to carry out under the DSA in order to promote
consistent and coherent regulatory oversight across the EU.
Proposed tasks of DSCs in addition to the ones already included in the DSA
Monitor the application of and assess compliance with the DSA in accordance with the
relevant jurisdictional provisions and cooperation mechanisms.
Monitor relevant developments and emerging issues on the impact of il egal content on
intermediary services, in pa icular the development of and innovation in content
moderation and recommender technologies and practices, and, in respect of very large
online pla orms, on the mitigation measures in relation to systemic risks.
Promote public awareness and understanding of the risks, rules, safeguards and rights
in relation both to the provision and receipt of digital services provided by intermediary
Existing tasks of DSCs already included in the DSA
Transmit copies of orders to act against il egal content and orders to provide
information to al other DSCs in accordance with A icles 8 and 9 of the DSA Regulation,
Establish and maintain a list of noti cations in relation to the requirements in A icle 11
of the DSA for providers of intermediary services which do not have an establishment
in the Union.
Conduct ce i cation processes for out-of-cou
dispute se lement bodies in
accordance with A icle 18 of the DSA.
Evaluate and award the status of trusted aggers, and, where appropriate, investigate
and assess whether entities awarded the status of trusted aggers continue to meet
the relevant conditions, in accordance with A icle 19 of the DSA.
Conduct veri cation processes, where appropriate, for the designation of online
pla orms as very large online pla orms in accordance with A icle 25 of the DSA.
Cooperate with the Commission to develop and implement guidelines on reasonable,
propo ionate and e ective mitigation measures for speci c systemic risks in
accordance with A icle 27 of the DSA.
Monitor repo s from Code of Conduct pa icipants in accordance with A icle 35 of
Handle complaints lodged by recipients of a service in accordance with A icle 43 of
Publish annual repo s on their activities under the DSA and on orders issued to act
against il egal content or to provide information in accordance with A icle 44 of the
Handle requests lodged by DSCs in other Member States or recommendations by the
Board in accordance with A icle 45 of the DSA, and assess the ma er and take the
necessary investigatory and enforcement measures to promote compliance with the
Cooperate with, including sharing information and providing mutual assistance to,
other DSCs or competent authorities with a view to ensuring the consistency of
application and enforcement of the DSA, including pa icipating in joint operations in
accordance with A icle 46 of the DSA.
Conduct investigations on the application of the DSA, including on the basis of
information received from a DSC in another Member State.
Contribute to the activities of the Board.