05 Feb 2025
At Privacy Minders, we continuously adapt our services to meet evolving regulatory requirements. We are pleased to announce the launch of our Legal Representative Service for non-EU providers under the Digital Services Act (DSA), which is a valuable addition to our expanding portfolio.
Privacy Minders stands out due to our extensive expertise in representative roles under EU regulations, backed by the legal strength of our affiliated law firm, Raphael Legal.
The Digital Services Act (DSA), effective from 17 February 2024, introduces new obligations for digital service providers acting as intermediaries for consumers, goods, services, and content within the EU. The regulation aims to combat illegal and harmful online activities, limit the spread of disinformation, and enhance user safety while ensuring the protection of fundamental rights and fostering a transparent and fair online ecosystem.
All online intermediaries offering their services in the single market, whether they are established in the EU or outside, have to comply with the new rules.
The DSA applies to:
1. Intermediary services (Internet access providers and domain name registrars).
2. Hosting services (cloud and web hosting services).
3. Online platforms (online marketplaces, app stores, collaborative economy platforms and social media platforms).
4. Very large online platforms and search engines (platforms reaching more than 10% of 450 million consumers in Europe).
Role of the Legal Representative
Article 13 of the DSA mandates that intermediary service providers offering services in the EU without establishment in the Union must appoint a Legal Representative within the EU. The Legal Representative serves as the point of contact for regulatory compliance, enforcement actions, and communications with the relevant authorities.
As your Legal Representative, Privacy Minders will be authorized to be addressed, in addition to or instead of the service provider in all matters related to the receipt, compliance and enforcement of decisions issued by the DSA by:
· Member States' competent authorities
· The European Commission, and
· The European Board for Digital Services
Th Legal Representative's name, postal address, email address, and telephone number must be provided to the Digital Services Coordinator (DSC) of the Member State where the Legal
Representative is established and the Providers shall ensure to keep those contact information publicly available, easily accessible, accurate, and kept up to date.
Cyprus’ Competent Authorities
In Cyprus, where Privacy Minders is established, the designated Digital Services Coordinator is the Cyprus Radiotelevision Authority. Additional competent authorities include:
· The Office of the Commissioner for Electronic Communications and Postal Regulation
· The Ministry of Energy, Commerce, and Industry
· The Office of the Commissioner for Personal Data Protection
The Legal Representative’s Location Determines the Competent Enforcement Authority
While appointing a Legal Representative does not create an EU establishment, it determines which Member State has enforcement authority over the provider’s compliance with the Digital Services Act (DSA). Specifically, the Member State where the Legal Representative is located assumes responsibility for supervision and enforcement under the DSA.
However, if a provider fails to appoint a Legal Representative, enforcement powers extend to all EU Member States and the European Commission, provided that the provider is not subject to enforcement proceedings by any other Member State or the Commission for the same facts.
By appointing a Legal Representative, non-EU providers benefit from a single point of regulatory oversight, ensuring a clearer and more predictable enforcement process under the DSA.
However, for Very Large Online Platforms (VLOPs) and Very Large Online Search Engines (VLOSEs), enforcement is shared between the European Commission and national competent authorities for their due diligence obligations. The Commission may take over enforcement in cases of systemic infringements, while Member States retain authority over individual, non-systemic violations. Additionally, the Commission has exclusive enforcement powers over the additional obligations imposed on VLOPs and VLOSEs to manage systemic risks, regardless of where their Legal Representative is located.
Fines for non-compliance
The DSA outlines strict penalties for non-compliance, which vary depending on the severity of the violation and can go up to 6% of a company’s global annual turnover.
Consultation & Compliance Services for the DSA
Beyond Legal Representation under article 13 of the DSA, Privacy Minders provides consultation and compliance services to assist businesses in understanding and meeting their DSA obligations.
Complimentary Applicability Assessment
The Privacy Minders team stands ready to assess whether your organization falls within the scope of the Digital Services Act (DSA) and to assist you with your classification under the DSA, which determines the obligations applicable to your services.
Next Steps
You can contact us by filling out our website form or emailing us at info@privacyminders.com. Our team is ready to support you on your DSA compliance journey. Learn more about our Legal Representative Service here.