The DSA is aimed against illegal and harmful content and goods as well as the spread of disinformation in the digital world. It shall ensure user safety, protect fundamental rights, and create a fair and open online platform environment.

The DSA is an EU regulation and therefore directly applicable in all EU Member States without any additional transposition into national law. The regulation was established on the Union level to harmonise diverging national law and to avoid regulatory fragmentation which adversely affects the single market.

On a national level there is not one competent authority, but multiple authorities may be granted competences for subjects matters covered by the DSA under national law. To streamline and coordinate these authorities each Member State designates a Digital Services Coordinator as the single point of contact (for a list see here).

On an EU level the European Commission as well as the European Board for Digital Services have a broad set of competences under the DSA which range from issuing implementation guidelines to supervisory functions.

The DSA together with the Digital Markets Act (DMA) forms part of the Digital Services Act package (learn more) which again is embedded in the Digital Agenda for Europe (learn more).

The DSA applies to online intermediary services with additional rules for hosting services, online platforms and very large online platforms and search engines (VLOPs and VLOSEs) when offering intermediary services, irrespective of where the providers have their place of establishment.

The DSA applies irrespective of where the providers have their place of establishment. This means that also non-EU providers are caught by the extra-territorial scope of the DSA when offering intermediary services to business users, consumers and other users (recipients of the service).

To qualify as an "offering", an intermediary service needs to be accessible by EU recipients and needs to have a substantial connection to the EU. Besides an establishment a substantial connection results from specific factual criteria such as:

• a significant number of recipients of the service in the EU;
• the targeting of activities towards the EU.

Whether the number of recipients in one or more Member States is significant depends on the relation to the whole population.

To determine, if a provider is targeting its activities towards recipients in the EU, all circumstances are relevant. Especially the use of a language or a currency generally or the possibility of ordering products or services, or the use of a relevant top-level domain indicate the targeting of recipients. Furthermore, the availability of an application in the relevant national application store, local advertising or advertising in a language used in that Member State, or the handling of customer relations in such language are factors which may result in a targeting. In contrast, mere technical accessibility of a website from the Union cannot, on that ground alone, be considered as establishing a substantial connection to the Union.

Regardless of any additional classification under another type of business regulated by the DSA Intermediary Services include “Mere Conduit” Services (e.g. Internet Service Provider „ISP“), "Caching” Services (e.g. Content Delivery Networks "CDNs"), “Hosting” Services (e.g. cloud computing, web hosting, paid referencing services or services enabling sharing information and content online, including file storage and sharing.)

Hosting Services involve the storage of information provided by users (e.g. cloud computing, web hosting, paid referencing services or services enabling sharing information and content online, including file storage and sharing.)

Online Platforms bring together sellers and consumers. (e.g. online marketplaces, app stores, collaborative economy platforms and social media platforms).

Online platforms and search engines reaching more than 10% of 450 million consumers in Europe are classified as very large. Because of the particular risks associated with the dissemination of illegal content and societal harms, specific rules apply for VLOPs and VLOSEs.

First and foremost the legal representative shall facilitate the communication with competent national authorities, the European Commission as well as the European Board for Digital Services. The legal representative can also act as the point of contact for recipients of the service and trusted flaggers. For operational purposes the legal representative can also act as the electronic point of contact which again facilitates the communication with the various stakeholders.

The obligation to appoint a legal representative should allow for the effective oversight and, where necessary, enforcement of the DSA. This is the reason that the legal representative may be held liable for non-compliance with obligations under the DSA, without affecting the liability and legal actions that could be initiated against the provider of intermediary services.

Providers of intermediary services should ensure that the designated legal representative has the necessary powers and resources to cooperate with the relevant authorities. This also means that the legal representative needs to have sufficient qualifications and experience to handle proceeding with national and European authorities.