CENTR responds to the public consultation on the Digital Services Act
By Polina Malaja, Policy Advisor - CENTR has provided its feedback on an upcoming EU legislative reform - the Digital Services Act (DSA), as a response to the public consultation initiated by the European Commission.
The EU DSA is one of the top priorities on Europe's digital agenda for the 2019-2024 legislative term, as put forward by the European Commission. One of the DSA’s aims is to revise liability and safety rules for information society services in the EU, including digital platforms, services and products. According to the European Commission, “the sale of illicit, dangerous or counterfeit goods and dissemination of illegal content must be tackled as effectively as possible”. To this end, the EU is expected to revise its legal framework governing liability rules of online intermediaries, mainly enshrined in the e-Commerce Directive (ECD).
Whilst one of the main objectives of the DSA is to primarily “reinforce the oversight over platforms’ content policies in the EU”, the European Commission is also seeking views on the role of all digital services ('information society services') in keeping users safer online, including internet infrastructure actors such as ccTLDs and other domain name services.
CENTR is the association of European national top-level domain registries (ccTLDs), such as .si and .de. CENTR provides a forum to discuss matters of policy affecting ccTLDs and acts as a channel of communication for internet governing bodies and other organisations involved with the internet. It promotes the interests of ccTLDs and advocates on their behalf.
CENTR and its membership are committed to an open, reliable and robust internet infrastructure embedded in a sound and balanced internet ecosystem. As one of the objectives of the DSA is to clarify the responsibilities of all digital services in tackling illegal content online, CENTR members call on the European Commission to conduct an informed, well-balanced and careful assessment on whether enlarging the scope of “online intermediaries” to include actors of the internet infrastructure stack, such as ccTLDs, will effectively help this aim. Internet infrastructure actors, such as ccTLDs do not host, nor pass any content through their managed infrastructure (the Domain Name System), hence they cannot be perceived as “online intermediaries”, i.e. services that generally transport or intermediate content, goods or services made available by third parties. CENTR members call on the European Commission to adequately take into consideration their technical role and the importance of ccTLDs in maintaining essential service for the functioning of the internet.
CENTR members welcome the opportunity to establish more legal clarity on issues pertaining to the issue of illegal content. CENTR members call for a legal framework that takes into account differences in the roles, size and technical capabilities of service providers and establishes clear guidelines for a notice-and-action (N&A) procedure that considers the responsibilities of all actors involved (including notifiers and public authorities).
In its response to the public consultation, CENTR calls on the European Commission to consider the following key points when establishing and revising rules for digital services and their responsibilities for illegal content online:
- ccTLDs, as technical operators of the internet infrastructure are not considered to be ‘online intermediaries’ under the current valid legislative framework in the EU.
- The digital service provided by ccTLDs is to maintain a crucial part of the internet infrastructure underlying the provision of e-commerce and other digital services online, the DNS, yet ccTLD registries do not host any content and no content passes through their infrastructure at any point.
- Due to their limited technical role ccTLDs cannot remove illegal content, and there is little they can do to effectively respond to the availability of illegal content online, even if notified of its existence.
- ccTLDs, as technical actors responsible for crucial internet infrastructure, need to be explicitly exempted from the scope of the DSA and its potential liability rules. As operators without any control for content availability online, it is disproportionate and unnecessary to impose any content moderation obligations on ccTLDs.
- Actions available for ccTLDs to respond to online abuse do not remove content from the internet and require performing a drastic measure at infrastructure level that can have collateral disproportionate consequences on all end-users.
- When illegal content is linked to an underlying domain name, a valid court order is the only basis for a ccTLD to take action, as the illegality of specific content cannot be established by a ccTLD, nor any other private third party.
- In exceptional circumstances an administrative order by a competent public authority can mandate an action at ccTLD level. However, this measure can only be considered as a last resort, when all other more effective measures have been exhausted (i.e. reaching out to the content provider and hosting service provider) and there is a risk for serious harm.
- Some ccTLDs take proactive measures in order to detect and respond to ‘infrastructure abuse’ (e.g. malware, phishing, botnets etc). The voluntary measures taken by ccTLDs have proven to be successful against their objective. Therefore, we recommend keeping the voluntary nature of those measures.
- Cooperation with public competent authorities is of paramount importance to contribute to safety online. Specialised public competent authorities need to be adequately equipped, resourced and staffed to perform their public duties.
- Liability exemptions established in the ECD need to be maintained and where necessary, expanded to services not considered by legislators 20 years ago. The prohibition of the general monitoring obligation should encompass all digital services.
- The N&A procedure needs to be harmonised across the EU by establishing overarching general principles, such as transparency and the need to consider the liability of notifiers.
- There needs to be clear guidance for authorities, such as an adequate notification mechanism that takes into consideration the different roles and technical capabilities of service providers.