The EDPS published Opinions today on the European Commission’s proposals for a Digital Services Act and a Digital Markets Act. Both Opinions aim to assist the EU legislators to shape a digital future rooted in EU values, including the protection of individuals’ fundamental rights, such as the right to data protection.
The EDPS welcomes the proposal for a Digital Services Act that seeks to promote a transparent and safe online environment. In his Opinion, the EDPS recommends additional measures to better protect individuals when it comes to content moderation, online targeted advertising and recommender systems used by online platforms, such as social media and marketplaces.
Wojciech Wiewiórowski, EDPS, said: “We note that the Proposal does not impose a general monitoring obligation, it confirms reasonable liability exemptions and supplements them with a pan-European system of notice and action rules, so far missing.”
The EDPS highlights that any form of content moderation should take place in accordance with the rule of law. Profiling for the purpose of content moderation should be prohibited unless the online service provider can demonstrate that such measures are strictly necessary to address the systemic risks explicitly identified in the Digital Services Act. Furthermore, the European legislators should consider a ban on online targeted advertising based on pervasive tracking and restrict the categories of data that can be processed for such advertising methods.
In his Opinion on the Digital Markets Act, the EDPS welcomes the European Commission’s proposal that seeks to promote fair and open digital markets and the fair processing of personal data by regulating large online platforms acting as gatekeepers.
Wojciech Wiewiórowski, EDPS, said: “Competition, consumer protection and data protection law are three inextricably linked policy areas in the context of the online platform economy. Therefore, the relationship between these three areas should be one of complementarity, not friction.”
The EDPS highlights the importance of fostering competitive digital markets so that individuals have a bigger choice of online platforms and services that they can use. Giving users better control over their personal data can reinforce contestability in digital markets. Increased interoperability can help to address user lock-in and ultimately create opportunities for services to offer better data protection.
To guarantee the successful implementation of the European Commission’s Digital Services Act package, the EDPS calls for a clear legal basis and structure for closer cooperation between the relevant oversight authorities, including data protection authorities, consumer protection authorities and competition authorities.
The rules for data protection in the EU institutions, as well as the duties of the European Data Protection Supervisor (EDPS), are set out in Regulation (EU) 2018/1725.
Processing of personal data: According to Article 3(3) of Regulation (EU) 2018/1725, processing of personal data refers to “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction". See the glossary on the EDPS website.
The legislative consultation powers of the EDPS are laid down in Article 42 of Regulation (EU) 2018/1725 which obliges the European Commission to consult the EDPS on all legislative proposals and international agreements that might have an impact on the processing of personal data. Such an obligation also applies to draft implementing and delegated acts. The statutory deadline for issuing an EDPS opinion is 8 weeks.
The EDPS opinions are published on our website, and later on in the Official Journal of the EU, and officially transmitted to the European Parliament, the Council and the Commission.
The EDPS also has the power to issue opinions on any issue of relevance to the protection of personal data, addressed to the EU legislator or to the general public, in response to a consultation by another institution or on his own initiative.