Petter Nylander explores the EU’s proposal for the Digital Services Act and the implications for merchants, who will be responsible for keeping shoppers safe online
Online businesses and cyber criminals actually have a lot in common. They both rely on understanding user behaviour to ply their trade; they both have to stay on top of technological change to maintain a competitive advantage; and they both have to calculate what they afford to invest on the basis of the size of the opportunity before them.
All of this means that the supercharged growth in online retail through 2020 has also delivered an opening to fraudsters and other criminals seeking to exploit customers – and this fact has rarely been far from the headlines. Action Fraud, for instance, reported that over £16 million was lost to online shopping fraudsters in the first three months of lockdown alone. We’ve also seen Interpol warn the public about vaccine scams as fraudsters become increasingly sophisticated.
Navigating internet retail safely is a fast-growing challenge for shoppers, and businesses have a key role to play in helping them. Many brands are already trying to tackling the issue of harmful content appearing on their websites: Apple reportedly removed over one million listings for counterfeit and fake products in 2020, while Amazon currently employs more than 8,000 people to remove counterfeit products, false listings and identify intellectual property theft.
Here comes the DSA
From the consumer’s perspective, of course, it would be better for these kinds of policy and action to be universally applied in online selling. In December 2020, the European Commission submitted its proposal for the Digital Services Act (DSA), which may bring about just that change. The act is a wide-ranging initiative to combat harmful and fraudulent content on the internet, with the stated aim of improving safety, transparency, and innovation for all. Currently in draft, it will now be handed through the European Council and European Parliament before ultimately, if approved, becoming law.
The DSA represents a significant overhaul of the expectations the law currently has of digital businesses and will have huge implications for retailers. It will affect any company operating the EU area – regardless of where those businesses are based.
By legislating the responsibilities that online retailers and others have when safeguarding customers, the act will create new legal duties which might require significant operational changes to fulfil. With greater responsibility for the interactions they enable falling on their shoulders, businesses will need new approaches to managing the content that passes through their systems. That’s why, even though the act has a long road to travel before it becomes law, the time to start discussing it is now.
What to expect from the DSA
If they sell to European customers, UK-based retailers will be responsible for complying with new requirements around removing illegal or fraudulent content, while also creating routes for users to securely report such content.
This is going to have a monumental effect on marketplaces in particular, as they depend on third party sellers to serve their customers. They will be held responsible for the actions of their sellers – and with so many sellers to moderate, compliance will be a major undertaking.
This isn’t the first time regulation has shift the ground beneath retailers’ feet; the implementation of the GDPR a few years ago transformed everything from direct email marketing to fundamental business processes like sharing data with logistics partners. GDPR continues to cost businesses, with the law firm DLA Piper reporting that total fines levied under the GDPR are still growing year-on-year. Retailers should be ready for a similar shakeup of their responsibilities with the DSA.
How to prepare
Businesses won’t be able to get ready for the DSA overnight and the EU should give businesses plenty of time to prepare once the proposal has been passed. However, marketplaces can benefit now from auditing how they are assessing third party sellers and protecting shoppers from scams and fraud.
By setting up moderation systems that stop fraudulent sellers from even making it onto their platforms (let alone selling to customers) they can enhance their customer experience, brand reputation, and ultimately drive business growth. Focusing on customer safety increases customer lifetime value; when a website is trusted as a safe shopping destination, customers will return repeatedly.
Merchants need to be aware of the impact of bad actors on their business performance. If a customer is subject to fraud on a marketplace, they are unlikely to use it again – even if it was just a one-off bad seller. Driving trust in the online world is crucial to long term business health so it’s imperative retailers put a set of standards in place for what should and shouldn’t appear on their sites.
What do merchants think about the proposal for the DSA?
We surveyed 200 digital businesses to gather insights into their current understanding of the act. When asked, simply, what the DSA is, 63% of our sample chose the most accurate definition on offer: that the DSA is a wide-ranging, cross-EU set of rules affecting how online intermediary services must respond to illegal content. However, more than a third of respondents believe that the act is focused primarily on either social media or big tech, suggesting that many brands may not yet know they could be impacted by this proposal.
Of our respondents, retailers have the lowest level of confidence that the DSA will go far enough to protect users, with 69% agreeing against an average of 74%. Retailers are also cautious about what kinds of changes the act will require of their business, with just 35% reporting that they are confident that they already have everything they would need to comply in place.
A further worry is that although many retailers are ‘cautiously optimistic’ about complying with the act, only 7% have ‘no concerns’ about it. Their top concerns are the cost to comply (25%), reputational damage from failure to comply (22%), and concerns over the limitations to the services they will be able to provide customers (19%).