The Digital Services Act proposal and Ireland
Ronan Ó Fathaigh
(Institute for Information Law, University of Amsterdam)
Disclaimer: Dear reader, please note that this commentary was published before the DSA was finalised and is therefore based on an outdated version of the DSA draft proposal. The DSA’s final text, which can be here, differs in numerous ways including a revised numbering for many of its articles.
The purpose of this report is to provide a brief overview of the Irish government’s position on the European Commission’s proposal for a Digital Services Act (DSA). It first sets out Ireland’s position based on publicly-available documents and media reporting; then provides the broader legal, political and institutional context to the question of platform regulation in Ireland; and finally, concludes with recent legal developments in Ireland related to platform regulation.
The position of the Irish government on the DSA proposal
In the run-up to the publication of the DSA proposal in December 2020, the Irish government ministry taking the lead on the DSA (the Department of Business, Enterprise and Innovation) published Ireland’s position of the DSA (which was broadly in line with the position of the D9+ group of Member States, including Ireland, published in June 2020). First, on the e-Commerce Directive, Ireland considered that the “main principles” of the Directive have “stood the test of time,” and that the framework “does not need to be changed but to be added to,” with “specific requirements” relevant to the types of services and issues that now present themselves in the online environment. Second, on the country of origin principle, Ireland is “particularly supportive of its role” in providing businesses with the “necessary certainty and understanding as to the rules and regulations to which they must adhere.”
Crucially, however, Ireland was “concerned” with the “potential impact” of principle’s operation on “relationships between Member States” and “regulators within those Member States.” In this regard, Ireland considered that an appropriate governance framework has “at its head a European oversight entity,” which was capable of ensuring “cohesion and collaboration between Member States,” and that no Member State should have a “disproportionate administrative and regulatory burden.” Third, Ireland supported a “Good Samaritan principle” in the DSA, allowing for online services to “deal proactively with objectionable material on their services without running the risk of incurring liability for doing so.” Fourth, on harmful content, Ireland argued that the revised Audiovisual Media Services Directive, which has rules on harmful content for minors, should be “given time to bed down before further regulation of legal yet potentially harmful online content is introduced.” Finally, Ireland was supportive of a “systemic approach” to online content regulation, focusing on “identifying the risks” posed by certain online services, developing “targeting measures to minimise those risks,” and reviewing the effectiveness of those measures with a view to creating a “cycle of harm minimisation.”
Following publication of the DSA proposal, the Irish government opened a public consultation on 4 January 2021, with a deadline for submissions three weeks later on 22 January 2021. No submission were received from civil society, but submissions were received from some regulators, and Apple, Facebook, and Google (and published online). Notably, the Irish Independent newspaper, following a request for release of documents under freedom of information (FOI) laws, published a report on the Irish prime minister’s meeting with Google officials in January 2021 to discuss the DSA proposal. Notes from the meeting stated that the prime minister told Google officials that Ireland would liaise with other Member States to ensure the DSA package “do[es] not inhibit innovation.” Further, Ireland would have “significant responsibilities” under the DSA, and that Ireland’s position would be that “any enforcement measures” based on risk-assessments “must be based on legal clarity and certainty.”
Notably, in June 2021, Ireland joined a joint non-paper with Sweden and Finland on the DSA, entitled “Safeguarding freedom of speech online.” The non-paper makes a number of proposals to ensure the risk of “over-removal” by platforms “must be reduced to a minimum.” Crucially, it is proposed that DSA provisions dealing with expectations on platforms to assess and act against illegal content, such as notice-and-action mechanisms, should “only” apply to content that is “manifestly illegal.” This would be “less restrictive on the fundamental right of freedom of speech,” “increase legal certainty,” “ease the administrative burden on platforms” and the “national Digital Service Coordinators themselves.”
Further, in September 2021, it was reported that Ireland had coordinated, with 10 Member States, a joint non-paper “on the effective supervision under the Digital Services Act.” The purpose of the non-paper was to push back against a “French initiative against the country of origin principle,” which is “trying to change to the country of destination.” The non-paper argues that any change to the country of origin principle would “inherently undermine the development of digital services in Europe.”
Finally, it must be mentioned that in mid-November 2021, the Business Post newspaper reported that an Irish government minister had a meeting with a number of technology companies to “discuss Ireland’s position” on the DSA proposal, and the companies requested that “no detailed notes be taken at the meeting,” over “concerns that any records of what was discussed” would be subject to FOI requests. The Irish government was accused by opposition politicians of “working hand in glove with big tech to undermine regulation of their activities at a European level.” Notably, Irish media have been making further FOI requests over Irish government meetings with technology companies, and in late November, the Irish Independent published a report on a government minister’s meeting with TikTok over the DSA. The meeting notes state that the Irish government expected the creation of a Digital Services Coordinator would impose a “heavy administrative burden” on national authorities, and would “prove exacting for Ireland with the number of businesses headquartered” there.
Broader legal, political and institutional context
In terms of the broader context of the Irish government’s position on the DSA proposal, the most important issue is the current debate, and trenchant criticism, of Ireland in relation to enforcement of the General Data Protection Regulation, especially as Ireland is the European headquarters for some of the largest technology companies, including Apple, Google, Facebook, and Twitter. In particular, the Irish Data Protection Commission has been subject to considerable criticism, including from Germany’s Federal Commissioner for Data Protection (here), an Advocate General from the Court of Justice of the EU (here), and a European Commission vice-president (here), over delays and enforcement action under the GDPR against large technology companies. Notably, in May 2021, the European Parliament passed a resolution calling on the European Commission to open an infringement procedure against Ireland for failing to enforce the GDOR. Indeed, in September 2021, a leading Irish human rights organisation, the Irish Council for Civil Liberties (ICCL), published an important report on deficient data protection enforcement in the EU and Ireland. The ICCL argued that GDPR enforcement against technology companies is “paralysed” by Ireland’s “failure to deliver draft decisions on major cross-border cases,” describing Ireland as “Europe’s Wild West when it comes to data protection,” and urged the European Commission to take action against Ireland and other Member States that “jeopardise the protection of personal data.” Further, in November 2021, the ICCL filed a complaint with the European Ombudsman over the European Commission’s failure to initiate infringement procedures against Ireland over its application of the GDPR.
Notably, the Irish government’s position on the DSA seems to be influenced by the current criticism of the Irish Data Protection Commissioner as the lead regulator under the GDPR. As mentioned above, Irish government’s position explicitly states that Ireland is “concerned” with the “potential impact” of the county of origin’s operation under the DSA on “relationships between Member States” and “regulators within those Member States.” Indeed, the ICCL, in a letter to the Irish government, explicitly warned the Irish government that the deficiencies associated with the Irish Data Protection Commissioner will have implications for Ireland’s role under the DSA, and the Commission’s proposal “will not survive the trilogue process” unless there is “significant change in how other Member States view the Irish Data Protection Commission.” In this regard, in the European Council’s ‘general approach’ to the DSA, agreed in November 2021, the Council’s text ‘preserves the country-of-origin principle’, but now ‘confers exclusive enforcement powers to the European Commission, allowing it to deal with systemic infringements’ committed by very large online platforms. Finally, in late October 2021, the Irish government stated it was considering appointing two additional Data Protection Commissioners.
Recent legal developments
Finally, in terms of recent legal developments related to platform regulation in Ireland, one of the most important developments has been the Irish government’s proposal for an Online Safety Media Regulation Bill. The purpose of the Bill is to create a new regulatory framework for “online safety”, with an Online Safety Commissioner, as part of a new Media Commission, which would be empowered to issue “binding online safety codes,” and have compliance, enforcement and sanction powers. Notably, the Media Commission would have the power to “remove or restore individual pieces of content.” Crucially, the Bill would apply to not only “material which it is a criminal offence to disseminate under Irish [or Union law],” but also other “harmful content,” such as material “which is likely to have the effect of intimidating, threatening, humiliating or persecuting a person to which it pertains.” Most recently, in November 2021, a parliamentary committee (the Joint Committee on Tourism, Culture, Arts, Sport and Media) published a report on the Bill, and recommended that “disinformation be included as a category of harmful online content.”
However, there has been considerable criticism of the Bill. The ICCL argued that it created “vague new online-only offences”, and may not satisfy the “standards of legality, necessity and proportionality.” Further, it allowed for issuing notices for removal of content with a “threshold so low that it could seriously damage individuals’ constitutional rights to freedom of expression.” Indeed, in September 2021, parliamentary committee hearings were held on the Bill, with Facebook concerned that the Bill “could overlap” with the DSA proposal, while Twitter emphasised its concern some of the sanctions contained in the Bill could set an “unhelpful international precedent.” While another leading Irish civil society organisation, Digital Rights Ireland, arguing the Bill would create “a national regime for controlling content” on platforms that was “essentially unprecedented in Irish or European law”; and it was “not clear” the Bill was compatible with the DSA proposal.
This contribution is part of an independent research project on mapping the position of and situation in the Member States with respect to the Digital Services Act (DSA), for which the DSA Observatory has received a (partial) financial contribution from our partner in this project, EDRi.