Information Technology

The Commission has published a draft delegated act on audits to be performed very large online platforms (“VLOPs“) and very large online search engines (“VLOSEs“) pursuant to Article 37 of Digital Services Act Regulation (“DSA“) for public feedback.

Continue Reading Commission publishes Draft Delegated Act in respect of Audits conducted under DSA

Following the first designation of Very Large Online Platforms (“VLOPS“) and Very Large Online Search Engines (“VLOSEs”) under the Digital Services Act Regulation (“DSA“) on 25 April 2023, the European Commission has now announced a call for evidence from stakeholders to inform proposed delegated acts on data access mechanisms.

Continue Reading Commission Calls for Stakeholder Views on Data Access Mechanism under DSA

Yesterday, 01 February 2023, the Commission published guidance on how online platforms and search engines within the scope of the Digital Services Act (DSA) should comply with their obligation to report user numbers in the EU.

As highlighted in our recent update, the DSA requires providers of online platforms and of online search engines to publish, by 17 February 2023, information on the average monthly active recipients of their services in the EU, on their publicly available online interfaces. The number must be calculated as an average over the period of the past six months.

Online platforms/search engines, whose numbers reach the threshold of 45 million average monthly active recipients in the EU, will be designated by the Commission as very large online service providers (VLOPs) or very large online search engines (VLOSEs). However, the Commission is not bound by information provided by online service providers, – it may use other available data or request additional information.

While the guidance is not ground breaking, it provides a helpful interpretation of certain provision of the DSA.

In relation to the calculation of active recipients of the service, the guidance stipulates the following:

Continue Reading DSA: Commission issues guidance on the requirement to publish user numbers in the EU

The first draft delegated regulation supplementing the Digital Services Act (DSA) was published by the European Commission yesterday.

The regulation outlines the criteria to be used when calculating the supervisory fees which will be charged on very large online platforms (VLOPs) and very large online search engines (VLOSEs) under Article 43 of the DSA.

In particular, it includes:

Continue Reading DSA: Delegated Regulation setting the methodology and procedure for determining the Supervisory Fee

On 19 December 2022, the Commissioner for Internal Market of the EU published an update on the date when very large online platforms (VLOPs) and very large online search engines (VLOSEs) will be required to comply with the provisions of the Digital Services Act (DSA).

The Commissioner noted that VLOPs / VLOSEs will be required to comply with the new rules by no later than 1 September 2023. To meet the deadline the Commission would need to designate VLOPs and VLOSEs by 28 April 2023. Based on this update the current timeline of the DSA application is as on the graphic below.

Continue Reading Digital Services Act: Timeline

Photo of John Cahir

The Government has published the long anticipated Online Safety and Media Regulation Bill 2022 which it has hailed as a “watershed moment as we move from self-regulation to an era of accountability in online safety”.

Online safety is one of the headline items, and it will be overseen by the newly-established Media Commission (Coimisiún na Meán). The Bill also seeks to implement a number of other key legislative reforms including the transposition of the revised Audiovisual Media Services Directive and the alignment of the regulation of video on-demand services with traditional broadcasting.

The publication of this Bill follows input from and engagement with key stakeholders from the public, NGOs, companies and government organisations over the course of the last three years.

We have summarised some of the key aspects of the Bill below.

Continue Reading Online Safety & Media Regulation Bill 2022

Photo of Davinia Brennan

The Government has published its legislation programme for Autumn 2021. We have set out below the status of key Bills of relevance to the data protection, commercial and technology sector.

Priority legislation for publication and drafting this Autumn

  • Online Safety and Media Regulation (OSMR) Bill – This Bill will provide for the establishment of a multi-person Media Commission (including an Online Safety Commissioner), the dissolution of the Broadcasting Authority of Ireland, a regulatory framework to tackle the spread of harmful online content, and implementation of the revised Audiovisual Media Services (AVMS) Directive 2018/1808. The Heads of Bill were published on 9 January 2020, with additional provisions approved on 8 December 2020 and 18 May 2021. The government also approved the integration of the Broadcasting (Amendment) Bill into the OSMR Bill. Member States were due to implement the revised AVMS Directive in national law by 19 September 2020, so Ireland has missed this deadline. Pre-legislative scrutiny is ongoing. Further background information information on the proposed Bill is available here.
  • Consumer Rights Bill – This Bill will give effect to two EU Directives (770/2019 and 771/2019) on consumer contracts for the supply of digital content and digital services, and on consumer contracts for the sale of goods. It will also update and consolidate the statutory provisions on consumer rights and remedies in relation to contracts for the supply of non-digital services, unfair contract terms, and information and cancellation rights. The General Scheme of the Bill has been published for public consultation. The Heads of Bill were approved on 20 April 2021.


Continue Reading Government publishes legislation programme for Autumn 2021

Photo of Davinia Brennan

The Government has published its legislation programme for Summer 2021. We have set out below the status of key Bills of relevance to the data protection, commercial and technology sector.

Bills expected to undergo pre-legislative scrutiny this Summer Session 

  • Online Safety and Media Regulation (OSMR) Bill – This Bill will provide for the establishment of a multi-person Media Commission (including an Online Safety Commissioner), the dissolution of the Broadcasting Authority of Ireland, a regulatory framework to tackle the spread of harmful online content, and implementation of the revised Audiovisual Media Services (AVMS) Directive 2018/1808. The Heads of Bill were published on 9 January 2020, with additional provisions approved on 8 December 2020. The government also recently approved the integration of the Broadcasting (Amendment) Bill into the OSMR Bill. Member States were due to implement the revised AVMS Directive in national law by 19 September 2020, so Ireland has missed this deadline. Pre-legislative scrutiny is currently underway.


Continue Reading Government publishes Summer Legislation Programme

Photo of James McCarthy

On 6 April 2020, the Data Protection Commission (DPC) published a report on the use of cookies and other tracking technologies (Report) and an updated guidance note on cookies and other tracking technologies (Guidance).

The Report is based on a review carried out by the DPC of websites in various sectors in Ireland, including insurance, banking, media, retail and the public sector. The purpose of the DPC’s report was to examine whether organisations are complying with the law, and, in particular, how organisations are obtaining the consent of users for the use of cookies. The majority of the 38 organisations examined were found to have potential compliance issues, particularly in relation to reliance on implied consent for setting non-necessary cookies; lack of choice for users to reject all cookies; bundling of consent for all purposes; and the possible misclassification of cookies as “necessary” or “strictly necessary“.  The Report gives an overview of the responses received highlighting what the DPC considers to be both “good” and “bad” practices that it encountered on the websites, and the Guidance provides website operators with guidance on how to comply with the rules relating to cookies, which are set out in the Irish ePrivacy Regulations.

Continue Reading DPC publishes Report and Guidance on cookies following a “cross-sector and cross-size” sweep of website operators

Photo of Davinia Brennan

The Government Chief Whip, Seán Kyne TD, has published the Government’s legislation programme for Summer 2019.  The updated programme follows on from the special programme launched in January 2019 which focused on Brexit. We have set out below the key data protection and technology-related legislation coming down the tracks.

Priority Legislation

  • Communications (Retention of Data) Bill –  This Bill will repeal and replace the Communications (Retention of Data) Act 2011 which requires data generated by mobile phones to be retained by telecommunications service providers for two years, and allows An Garda Síochána and certain other State agencies to access such data for criminal investigative purposes. The Heads of Bill were published last October 2017, following publication of Mr Justice Murray’s Review of the Law on the Retention of and Access to Communications Data, which found that many features of the 2011 Act are precluded by EU law. The Irish High Court also recently held, in Dwyer v Commissioner of An Garda Siochána [2018] IEHC 685; [2019] IEHC 48, that certain sections of the 2011 act are incompatible with EU law.


Continue Reading Government publishes legislation programme for Summer 2019