Navigating the Complex World of Online Platforms and Classified Documents: EU Compliance Strategies

The recent arrest of a Massachusetts Air National Guard member for allegedly leaking classified documents on Discord has sparked intense discussion about the implications of such leaks on online platforms. The case has raised questions about the responsibilities and liabilities of these platforms in hosting and managing user-generated content. Historically, European platforms have not been held liable for illegal content on their sites, provided they had no knowledge of it and removed it promptly upon discovery. However, this legal stance dates back to June 2000, a time when digital development was in its infancy and online interactions were far less complex. The rapid evolution of technology has transformed the online landscape, with user-generated content and online interactions playing a crucial role in games, gaming platforms, and social media. As a result, online safety has become a pressing concern for governments and regulators across Europe. In the UK, the debate on regulating online safety continues, with the Online Safety Bill still in the parliamentary approval process. In contrast, the EU has established a clear framework with the Digital Services Act, published in October 2022, which requires compliance by February 17, 2024. The Digital Services Act applies to a broad range of digital services, including those in the games sector, such as in-game communications, user-generated content, live streaming services, and chat rooms. The Act takes a tiered approach to compliance, with escalating requirements based on the type of digital service and the perceived risk of disseminating illegal content. Non-compliance with the Act can result in fines of up to 6% of worldwide turnover. To prepare for the DSA, businesses can take the following steps: 1. Determine if their services are within the scope of the Act, considering factors such as the location of their users and the type of intermediary services they provide. 2. Identify the category of intermediary service they provide, as the Act creates different categories with varying requirements. 3. Report the number of active users if they are considered an online platform. 4. Implement measures to quickly remove illegal content upon discovery, as hosting services are still subject to the old rules. 5. Identify new obligations and take necessary compliance steps, which may include updating terms and conditions, implementing content moderation approaches, and establishing transparency reporting and notice and take-down obligations. Compliance with the Digital Services Act will require time and effort, but businesses have until February 17, 2024, to adapt. The Act is part of a broader regulatory landscape, with country-specific legislation emerging in areas like Germany and Ireland, and the UK's Online Safety Bill still in progress. As a result, businesses will need to navigate a complex patchwork of regulations across Europe, requiring careful consideration of their compliance strategies.