Cross-border cooperation among Digital Services Coordinators
Chapter 4|Competent Authorities and National Digital Services Coordinators|đ 30 min read
1. Unless the Commission has initiated an investigation for the same alleged infringement, where a Digital Services Coordinator of destination has reason to suspect that a provider of an intermediary service has infringed this Regulation in a manner negatively affecting the recipients of the service in the Member State of that Digital Services Coordinator, it may request the Digital Services Coordinator of establishment to assess the matter and to take the necessary investigatory and enforcement measures to ensure compliance with this Regulation.
2. Unless the Commission has initiated an investigation for the same alleged infringement, and at the request of at least three Digital Services Coordinators of destination that have reason to suspect that a specific provider of intermediary services infringed this Regulation in a manner negatively affecting recipients of the service in their Member States, the Board may request the Digital Services Coordinator of establishment to assess the matter and take the necessary investigatory and enforcement measures to ensure compliance with this Regulation.
3. A request pursuant to paragraph 1 or 2 shall be duly reasoned, and shall at least indicate:
(a) the point of contact of the provider of the intermediary services concerned as provided for in Article 11;
(b) a description of the relevant facts, the provisions of this Regulation concerned and the reasons why the Digital Services Coordinator that sent the request, or the Board, suspects that the provider infringed this Regulation, including the description of the negative effects of the alleged infringement;
(c) any other information that the Digital Services Coordinator that sent the request, or the Board, considers relevant, including, where appropriate, information gathered on its own initiative or suggestions for specific investigatory or enforcement measures to be taken, including interim measures.
4. The Digital Services Coordinator of establishment shall take utmost account of the request pursuant to paragraphs 1 or 2 of this Article. Where it considers that it has insufficient information to act upon the request and has reasons to consider that the Digital Services Coordinator that sent the request, or the Board, could provide additional information, the Digital Services Coordinator of establishment may either request such information in accordance with Article 57 or, alternatively, may launch a joint investigation pursuant to Article 60(1) involving at least the requesting Digital Services Coordinator. The period laid down in paragraph 5 of this Article shall be suspended until that additional information is provided or until the invitation to participate in the joint investigation is refused.
5. The Digital Services Coordinator of establishment shall, without undue delay and in any event not later than two months following receipt of the request pursuant to paragraph 1 or 2, communicate to the Digital Services Coordinator that sent the request, and the Board, the assessment of the suspected infringement and an explanation of any investigatory or enforcement measures taken or envisaged in relation thereto to ensure compliance with this Regulation.
Understanding This Article
Article 58 elevates Article 57 mutual assistance from voluntary cooperation to structured cross-border enforcement mechanism enabling destination DSCs (Member States where provider's users located but provider not established) to formally request establishment DSC (Member State where provider's main establishment located) initiate or intensify enforcement. While Article 57 establishes general cooperation duties and information exchange, Article 58 creates specific procedural framework for destination DSCs confronting systematic violations affecting their users by providers they cannot directly supervise under Article 56(1) country of origin principle. This provision addresses core tension in digital single market regulation: providers enjoy freedom to provide services EU-wide from single establishment (Article 56 TFEU, e-Commerce Directive principle), but user protection enforcement concentrated in establishment Member State may not adequately address harms in destination Member States where bulk of affected users reside. Article 58 balances: preserving country of origin principle (establishment DSC retains decisional authority, destination DSCs cannot unilaterally enforce), ensuring destination DSCs can escalate concerns requiring establishment DSC substantively engage (not merely noting complaints), enabling Board coordination when multiple destination DSCs raise similar concerns (amplifying enforcement pressure), maintaining Commission supremacy (Article 58 requests available only if Commission hasn't initiated proceedings preserving Commission Article 56 concurrent jurisdiction over VLOPs/VLOSEs).
Single DSC Request Mechanism - Paragraph 1: 'Unless the Commission has initiated an investigation for the same alleged infringement, where a Digital Services Coordinator of destination has reason to suspect that a provider of an intermediary service has infringed this Regulation in a manner negatively affecting the recipients of the service in the Member State of that Digital Services Coordinator, it may request the Digital Services Coordinator of establishment to assess the matter and to take the necessary investigatory and enforcement measures to ensure compliance with this Regulation.' Three components authorize single destination DSC request: (1) Commission pre-emptionâ'Unless the Commission has initiated investigation'âif Commission already investigating same alleged infringement (VLOP/VLOSE context given Commission Article 56 concurrent jurisdiction), Article 58 request mechanism unavailable. Rationale: avoid duplication and jurisdictional conflicts (Commission investigation proceeding, destination DSC request to establishment DSC about same matter creates confusion and wastes resources), respect Commission enforcement primacy when exercised, ensure single proceeding addresses infringement rather than parallel establishment DSC and Commission investigations. (2) Destination DSC suspicion thresholdâ'reason to suspect'ârelatively low evidentiary standard enabling early intervention. Destination DSC need not prove violation occurred but must have reasonable grounds for suspicion based on: user complaints received through Article 53 or directly, media reports or stakeholder intelligence about provider behaviors, destination DSC's own observations or preliminary inquiries, cross-border information suggesting pattern affecting multiple Member States. 'Reason to suspect' lower than 'probable cause' or 'balance of probabilities'âdestination DSC can request establishment DSC investigation based on credible allegations not yet fully evidenced, purpose is triggering establishment DSC's investigative apparatus not demonstrating violation already established. (3) Negative effects in destination Member Stateâinfringement must 'negatively affect recipients in destination Member State'ârequires showing harm to destination jurisdiction's users not merely theoretical violation. Negative effects may include: content moderation failures leaving illegal/harmful content accessible to destination users (hate speech persisting despite Article 16 notices, dangerous products on marketplace despite Article 30 verification failures), fundamental rights violations affecting destination users (privacy breaches, discriminatory algorithmic treatment, expression restrictions), consumer harm from dark patterns or unfair practices (Article 24-25 violations), minor protection deficiencies exposing destination children to inappropriate content/data processing (Article 28 failures). Harm need not be quantified precisely but must be described concretelyâdestination DSC explains which users affected, how violation manifests in their jurisdiction, what DSA obligations appear breached.
Destination DSC 'may request'âdiscretionary not mandatory. Destination DSC exercises judgment deciding whether to invoke Article 58: severity and scope of suspected violations (serious fundamental rights infringement vs. technical transparency reporting deficiency), number of affected users and complaints received, establishment DSC's prior responsiveness to informal Article 57 cooperation (has establishment DSC been receptive to mutual assistance, or does formal Article 58 request necessary to secure attention?), resource costs of preparing detailed Article 58 request vs. alternative responses (direct user education, national law enforcement if applicable, accepting limitation of country of origin principle). Request directed to 'Digital Services Coordinator of establishment'âthe Article 56(1) authority with exclusive jurisdiction to supervise provider.
Board-Mediated Multi-DSC Request - Paragraph 2: 'Unless the Commission has initiated an investigation for the same alleged infringement, and at the request of at least three Digital Services Coordinators of destination that have reason to suspect that a specific provider of intermediary services infringed this Regulation in a manner negatively affecting recipients of the service in their Member States, the Board may request the Digital Services Coordinator of establishment to assess the matter and take the necessary investigatory and enforcement measures to ensure compliance with this Regulation.' Amplified mechanism when multiple destination DSCs share concerns: Numeric thresholdâ'at least three DSCs of destination'âensures Board involvement reflects substantial cross-border impact not isolated national complaint. Three-DSC requirement prevents single Member State's concerns (possibly idiosyncratic priorities) from triggering Board-level escalation, demonstrates pattern affecting multiple jurisdictions suggesting systematic provider non-compliance rather than jurisdiction-specific issue, balances accessibility (three is low enough that meaningful concerns can reach Board) with selectivity (higher threshold like five or seven might exclude legitimate cross-border issues). DSCs requesting Board involvement likely include: large Member States with significant user populations affected (Germany, France, Italy, Spain, Poland), Member States with common legal traditions or enforcement priorities facing similar provider behaviors, geographically or linguistically proximate Member States where provider targets similar markets. Board mediation roleâ'the Board may request'âBoard exercises discretion whether to forward destination DSCs' concerns to establishment DSC as formal request. Board evaluates: credibility and substance of three DSCs' suspicions (do allegations appear meritorious or speculative?), significance of cross-border impact (user numbers affected, severity of alleged harms), consistency with DSA priorities and Board enforcement strategies, establishment DSC's relationship with provider and prior enforcement record (is Board request needed to secure establishment DSC attention?). Board channeling request adds institutional weightâestablishment DSC receives not merely peer DSC request but Board-endorsed concern representing multiple Member States, signals EU-level significance of alleged violations, increases reputational and political pressure on establishment DSC to respond substantively.
Board procedures for paragraph 2 requests likely include: coordination among requesting DSCs to align allegations and evidence (avoiding contradictory descriptions of same violations), Board secretariat review of request for procedural compliance (paragraph 3 content requirements), Board plenary or working group discussion deciding whether to forward request to establishment DSC, notification to Commission (ensuring Commission aware of cross-border enforcement issue possibly warranting Commission own investigation under Article 56 concurrent jurisdiction). Commission pre-emption applies equallyâBoard cannot request establishment DSC investigate if Commission already initiated proceedings for same infringement.
Request Content Requirements - Paragraph 3: Article 58 requests 'shall be duly reasoned, and shall at least indicate' three mandatory elements ensuring establishment DSC has sufficient information to assess and investigate: (a) Provider contact pointâ'the point of contact of the provider...as provided for in Article 11'âidentifies provider subject to request. Article 11 requires all intermediary service providers designate contact point enabling direct communication with authorities and users. Including Article 11 contact point in request ensures: establishment DSC can immediately engage provider about allegations, provider notified of concerns (transparency and procedural fairness), avoids ambiguity about request target if provider operates multiple services or subsidiaries. (b) Factual and legal descriptionâ'description of relevant facts, provisions concerned and reasons for suspicion, including description of negative effects'âcore substantive content. Requesting DSC (or Board) must provide: relevant factsâconcrete evidence supporting suspicion (user complaint summaries, content examples, platform policy documents, media reporting, statistical patterns), DSA provisions concernedâidentification of which articles allegedly violated (Article 16 notice-and-action, Article 24 dark patterns, Article 28 minor protection, Article 35 VLOP risk mitigation, etc.), reasons for suspicionâexplanation connecting facts to legal violations (why does evidence suggest DSA breach?), negative effectsâdescription of harm to destination Member State users (how many users affected, what types of harm experienced, impact on fundamental rights or safety). Requirement ensures request is substantive not merely conclusoryâestablishment DSC receives actionable intelligence not bare assertion 'provider violates DSA,' enabling informed assessment whether investigation warranted. (c) Additional information and suggestionsâ'any other information...considered relevant, including...information gathered on own initiative or suggestions for specific measures'âdiscretionary supplementary content. May include: investigative leads (specific witnesses, documents, technical systems to examine), suggested enforcement measures (interim measures to prevent ongoing harm, commitments provider could offer, sanctions appropriate if violations confirmed), cross-border coordination proposals (joint investigation, parallel proceedings, information sharing), legal or technical analysis (expert opinions, comparative law context, technical reports about algorithms or systems). This element transforms request from complaint to collaborative enforcement proposalâdestination DSC contributes expertise and evidence assisting establishment DSC investigation.
'Duly reasoned' requirement imposes quality standardârequests must demonstrate careful analysis not reflexive forwarding of user complaints. Establishment DSC entitled to refuse or deprioritize insufficiently reasoned requests, though paragraph 4 requires 'utmost account' of even imperfect requests.
Establishment DSC Response Obligations - Paragraph 4: 'The Digital Services Coordinator of establishment shall take utmost account of the request pursuant to paragraphs 1 or 2'âmandatory substantive engagement duty. 'Utmost account' means: establishment DSC must seriously consider request not perfunctorily dismiss, evaluate merits of suspicions and evidence provided, explain assessment and decision in paragraph 5 response, prioritize investigation if request credible and harm substantial. However, 'utmost account' doesn't mean automatic complianceâestablishment DSC retains discretion whether to investigate and how, applying own enforcement priorities and legal judgments, but must demonstrate reasoned consideration not arbitrary disregard. If insufficient informationâ'Where it considers that it has insufficient information to act upon the request and has reasons to consider that the DSC that sent the request, or the Board, could provide additional information'âestablishment DSC has two options rather than rejecting request: (1) Request additional information via Article 57 mutual assistanceâestablishment DSC asks destination DSC (or Board) provide further evidence, clarify allegations, conduct additional preliminary inquiries in destination jurisdiction providing results. Article 57 framework governs compliance with information request (two-month deadline, refusal grounds, cooperation duties). (2) Launch joint investigation under Article 60(1)âestablishment DSC invites requesting destination DSC(s) to participate in formal joint investigation examining alleged violations collaboratively. Joint investigation enables: pooling investigative resources and expertise (establishment DSC leads but benefits from destination DSC's user proximity and intelligence), greater legitimacy (multi-DSC cooperation demonstrates cross-border significance), comprehensive evidence gathering (destination DSCs can exercise Article 51 powers in their jurisdictions supporting joint proceeding). Destination DSC may refuse joint investigation invitation (resource constraints, prefer establishment DSC lead independently, legal or political obstacles), but refusal doesn't relieve establishment DSC of paragraph 4 'utmost account' dutyâestablishment DSC must still assess request and respond per paragraph 5 even if joint investigation declined. Timeline suspensionâ'period laid down in paragraph 5 shall be suspended until additional information provided or invitation refused'ârequesting information or proposing joint investigation pauses two-month response deadline (paragraph 5). Suspension prevents establishment DSC from running out clock requesting information indefinitely but requires eventual response once information provided or collaboration refused.
Establishment DSC Response Deadline and Content - Paragraph 5: 'The Digital Services Coordinator of establishment shall, without undue delay and in any event not later than two months following receipt of the request pursuant to paragraph 1 or 2, communicate to the DSC that sent the request, and the Board, the assessment of the suspected infringement and an explanation of any investigatory or enforcement measures taken or envisaged'âstructured accountability mechanism. Response recipientsârequesting DSC(s) and Boardâtransparency enabling oversight of establishment DSC responsiveness. Timingâ'without undue delay and in any event not later than two months'âfirm deadline preventing establishment DSC from indefinitely deferring response (contrasts with Article 57 mutual assistance where requested DSC may refuse on grounds including resource constraints). Two months runs from request receipt unless paragraph 4 suspension applies. Response content requirements: (1) Assessment of suspected infringementâestablishment DSC must evaluate whether suspicions appear credible (do allegations and evidence suggest potential DSA violations?), explain legal and factual analysis supporting assessment, address destination DSC's specific concerns and evidence. Assessment may conclude: suspicions credible, investigation warranted; suspicions have some merit but insufficient priority given other enforcement demands; suspicions appear unfounded based on establishment DSC's knowledge of provider or legal interpretation; need more information per paragraph 4 (triggering suspension). (2) Explanation of investigatory or enforcement measures taken or envisagedâestablishment DSC must describe action: measures already taken (investigation opened, information requested from provider under Article 51(1), interim measures imposed, enforcement decision issued), measures envisaged (planned investigation timeline, intended evidence gathering, contemplated sanctions or remedies if violations confirmed), reasons for non-action if applicable (suspicions assessed as unfounded, insufficient evidence, provider already addressing issues voluntarily, enforcement resources prioritized elsewhere). Explanation provides accountabilityâdestination DSC and Board can evaluate whether establishment DSC response adequate or whether escalation (Article 59 Commission referral) necessary.
Inadequate response consequences: paragraph 5 doesn't specify sanctions for non-compliance but several pressures apply: reputational costs within Board (establishment DSC's non-responsiveness noted by peer DSCs, potentially affecting future cooperation and establishment DSC's Board influence), Article 59 escalation (destination DSC can refer matter to Commission if establishment DSC non-responsive, potentially triggering Commission own investigation or Article 50 assessment whether establishment DSC adequately resourced/independent), Commission infringement proceedings (systematic failure to respond to Article 58 requests may constitute Member State DSA implementation deficiency actionable under Article 258 TFEU), political and public accountability (destination DSC may publicize establishment DSC's non-responsiveness in Article 55 annual reports or other communications pressuring action).
Key Points
Destination DSC can request establishment DSC investigate violations affecting its users
Board can request on behalf of at least three destination DSCs
Commission investigation for same infringement pre-empts Article 58 requests
Requests must be duly reasoned with provider contact, facts, legal provisions, and negative effects
Establishment DSC must take 'utmost account' of requests
Establishment DSC can request additional information via Article 57
Establishment DSC can propose joint investigation under Article 60
Response deadline suspended if requesting information or proposing joint investigation
Establishment DSC must respond within two months with assessment and enforcement explanation
Response must go to requesting DSC(s) and Board
Assessment must address suspected infringement credibility
Explanation must describe investigatory or enforcement measures taken or envisaged
Enables destination DSCs overcome country of origin jurisdictional limits
Board mediation amplifies multi-DSC concerns to establishment DSC
Inadequate responses can trigger Article 59 Commission referral
Practical Application
Single Destination DSC Request - German Request to Ireland Regarding Meta: German BNetzA receives extensive user complaints about Facebook's recommender algorithm allegedly violating Article 27 transparency requirements and Article 35 VLOP risk mitigation obligationsâusers report algorithm opaquely promoting controversial political content, insufficient information provided about recommendation parameters, patterns suggesting amplification of divisive material inconsistent with Article 35 civic discourse risk mitigation. (1) BNetzA preliminary assessment: analyzes 1,200+ user complaints documenting algorithm behaviors, commissions technical expert study of Facebook's recommendation patterns in Germany, determines reasonable grounds to suspect Article 27 and 35 violations with substantial negative effects on German users (algorithm opacity impedes informed choices, potential civic discourse harm from divisive content amplification). (2) BNetzA invokes Article 58(1) request to Irish DSC (CoimisiĂșn na MeĂĄn): prepares formal request meeting paragraph 3 requirementsâMeta's Article 11 contact point, detailed description of complaints and expert findings, identification of Articles 27 and 35 as provisions concerned, explanation of negative effects on German users (millions affected, fundamental rights implications for expression and information access), suggestion that Irish DSC investigate Facebook's recommendation algorithm transparency and Article 35 mitigation adequacy, offers German technical expertise and evidence for Irish investigation. (3) Irish DSC response within Article 58(5) two-month deadline: acknowledges serious concerns raised by BNetzA, assesses German evidence as credible suggesting potential violations, initiates formal investigation examining Meta's Article 27 compliance (whether recommendation system information provided to users suffices) and Article 35 risk mitigation (whether civic discourse risks adequately addressed in risk assessment and mitigation measures). Irish DSC invokes Article 51 powers: requests Meta provide algorithm documentation, recommendation parameter descriptions, Article 35 risk assessment materials, civic discourse mitigation strategies; conducts interviews with Meta personnel; accesses Article 42 researcher data for algorithm analysis. (4) Investigation coordination: Irish DSC invites BNetzA continue providing intelligence via Article 57 mutual assistance (German user feedback, technical expert analyses, comparative assessment of recommendation transparency practices). BNetzA supports Irish investigation with ongoing evidence without formal joint investigation (paragraph 4 cooperation alternative). (5) Irish DSC enforcement decision: finds Article 27 violations (recommendation information insufficiently clear and accessible, users unable to understand why specific content promoted), Article 35 deficiencies (civic discourse risk mitigation inadequate, algorithm amplification patterns inconsistent with stated mitigation strategies). Imposes: âŹ120M fine for Article 27 and 35 violations (reflecting EU-wide impact including substantial German user harm), compliance order requiring enhanced recommendation transparency (user-accessible explanations of why content recommended, clear information about parameters influencing recommendations), revised Article 35 civic discourse mitigation (algorithm adjustments reducing divisive content amplification, improved risk assessment methodologies, regular external audits). (6) Outcome: German users benefit from enforcement they could not pursue directly (Meta established in Ireland, German DSC lacked jurisdiction), Article 58 mechanism channeled German enforcement intelligence to competent authority, Irish DSC leveraged German evidence conducting more comprehensive investigation than Irish complaints alone would support, EU-wide remedy addresses cross-border issue (algorithm changes apply to all EU users not just German). German BNetzA reports successful Article 58 cooperation in annual Article 55 report demonstrating cross-border enforcement effectiveness.
Demonstrates Article 58(1) single DSC request: destination DSC with significant user population affected by violation but lacking jurisdiction uses formal request mechanism to activate establishment DSC enforcement, substantive evidence and expert analysis supporting request increase credibility and establishment DSC responsiveness, cross-border cooperation achieves user protection outcome preserving country of origin jurisdiction while ensuring accountability.
Board-Mediated Multi-DSC Request - E-Commerce Marketplace Fraud: Luxembourg-established e-commerce marketplace faces Article 30 trader verification complaints from five Member States (France, Spain, Italy, Belgium, Netherlands)âfraudulent sellers exploiting verification gaps, fake business registrations, consumer fraud patterns affecting users across multiple jurisdictions. Each destination DSC receives hundreds of complaints but Luxembourg DSC (establishment authority) appears to deprioritize enforcement despite magnitude of cross-border fraud. (1) French, Spanish, and Italian DSCs coordinate: identify common Article 30 violation patterns (marketplace systematically failing best efforts verification, database cross-checks not performed, Article 30(4) information display deficient), document negative effects in their jurisdictions (French users: âŹ2.4M fraud losses, 340 complaints; Spanish users: âŹ1.8M, 280 complaints; Italian users: âŹ1.6M, 240 complaints), decide to invoke Article 58(2) Board-mediated request given Luxembourg DSC's limited prior responsiveness to informal Article 57 cooperation. (2) Three DSCs jointly request Board forward Article 58(2) request to Luxembourg DSC: prepare coordinated submission meeting paragraph 3 requirementsâmarketplace's Article 11 contact point, comprehensive description combining evidence from all three jurisdictions (complaint documentation, fraud examples, verification gap analysis), Article 30 provisions identified with cross-border negative effects detailed, suggestions for investigation (on-site inspection of Luxembourg headquarters, trader verification system audit, coordination with national business registries) and enforcement (enhanced verification requirements, compliance monitoring, sanctions). Belgian and Dutch DSCs join supporting request providing additional evidence from their jurisdictions (elevating to five-DSC concern though only three needed for paragraph 2 threshold). (3) Board evaluation: Board working group reviews five-DSC request, assesses credibility (extensive evidence, clear Article 30 deficiencies, substantial cross-border harm), notes Luxembourg DSC's prior limited engagement suggesting Board mediation warranted, Commission consulted confirming no Commission investigation initiated for same infringement (marketplace not VLOP so Commission Article 56 jurisdiction not engaged). Board plenary decides to forward request to Luxembourg DSC as Article 58(2) Board request (amplifying institutional weight beyond individual DSC requests). (4) Luxembourg DSC response to Board request: recognizes Board-endorsed multi-DSC concern requires serious engagement (reputational implications of dismissing Board request), initiates comprehensive Article 30 investigation within paragraph 5 two-month response timeline. Luxembourg DSC invokes paragraph 4 joint investigation option: invites five requesting/supporting DSCs participate in Article 60(1) joint investigation (recognizing cross-border fraud investigation benefits from multi-DSC collaboration, demonstrates Luxembourg commitment to thorough enforcement). France, Spain, Italy accept joint investigation; Belgium and Netherlands provide support through Article 57 mutual assistance but decline formal joint participation due to resource constraints. (5) Joint investigation: Luxembourg DSC leads with French, Spanish, Italian DSC participationâcoordinates evidence gathering across four jurisdictions, conducts on-site inspection at Luxembourg headquarters with joint DSC team, requires marketplace provide verification documentation and compliance records, interviews fraud victims in participating Member States, engages national consumer protection and business registry authorities. Joint investigation finds systematic Article 30 violations: verification relies on automated checks without manual review, database cross-checks against national registries not implemented, fraudulent documents regularly accepted, Article 30(4) display requirements inconsistently met. (6) Luxembourg DSC enforcement decision informed by joint investigation: âŹ75M fine for systematic cross-border Article 30 violations (magnitude reflects EU-wide impact demonstrated by five-DSC evidence), compliance order requiring: enhanced verification with manual review component, integration with Member State business registry databases, prominent Article 30(4) information display, quarterly compliance reporting to Luxembourg DSC with copies to joint investigation participants and Board. Decision coordinated with joint investigation DSCs ensuring remedies address concerns raised across jurisdictions. (7) Post-decision monitoring: Luxembourg DSC supervises implementation with ongoing input from joint investigation participants, marketplace's trader verification improvements monitored by destination DSCs in their markets, Board reviews case as model for multi-DSC Article 58(2) cooperation and joint investigation effectiveness. Users across five (and ultimately more) Member States benefit from coordinated enforcement overcoming establishment DSC's prior inattention.
Shows Article 58(2) Board-mediated request: multiple destination DSCs facing common violations but establishment DSC non-responsive use Board escalation, Board institutional weight pressures establishment DSC substantive engagement, joint investigation emerges from Article 58 request enabling comprehensive cross-border enforcement, Board coordination transforms isolated national complaints into effective EU-wide accountability mechanism.
Establishment DSC Requesting Additional Information - Swedish Request About Dutch Platform: Swedish DSC suspects Dutch-established social media platform violates Article 28 minor protection requirements based on complaints from Swedish parentsâage verification inadequate, inappropriate content accessible to minors, default settings not highest privacy level for minor accounts. (1) Swedish DSC Article 58(1) request to Dutch DSC: provides paragraph 3 required informationâplatform's Article 11 contact, description of Swedish complaints (30+ detailed parent reports about minor exposure to inappropriate content, age verification circumvention techniques), Article 28 provisions concerned, negative effects on Swedish minors. However, request lacks certain details: technical specifications of platform's age verification system (Swedish DSC couldn't access proprietary technical documentation), evidence of systematic violations beyond Swedish users (unknown whether issue isolated to Sweden or EU-wide pattern), platform's internal minor protection compliance assessments. (2) Dutch DSC preliminary review per paragraph 4: assesses Swedish concerns as potentially credible (Article 28 violations would be serious given minor safety), but determines insufficient information to decide whether investigation warrantedâneed technical understanding of platform's age verification to assess Article 28 'appropriate measures' compliance, uncertain whether Swedish user complaints reflect systematic failure or isolated incidents, unknown what evidence platform would provide if investigation opened. Dutch DSC considers paragraph 4 options: could request additional information from Swedish DSC (but Swedish DSC likely lacks technical access to Dutch-established platform's systems), alternative joint investigation would enable Dutch-Swedish collaboration but may be premature without clearer evidence. (3) Dutch DSC invokes Article 57 mutual assistance combined with Article 58 response timeline suspension: requests platform provide preliminary information about Article 28 compliance under Article 51(1)(a) (age verification system description, minor protection policies, usage statistics for underage accounts), simultaneously notifies Swedish DSC that paragraph 5 response suspended per paragraph 4 pending information gathering, invites Swedish DSC provide any additional complaints or evidence that emerge during Dutch preliminary inquiry. (4) Platform response to Dutch information request: provides age verification documentation (relying primarily on user self-declaration with some device-based signals), minor protection policy materials, acknowledges challenges with age verification circumvention but claims compliance with Article 28 'appropriate measures' standard. (5) Dutch DSC supplemented assessment: having reviewed platform information and additional Swedish intelligence, determines Article 28 investigation warrantedâage verification heavily reliant on self-declaration appears inadequate under Article 28(1), default settings review needed to verify highest privacy level for minors per Article 28(2), cross-border pattern suspected (Swedish complaints may reflect broader EU issue). Dutch DSC provides paragraph 5 response to Swedish DSC within reasonable time after information gathering: assesses Article 28 violation suspicions as credible based on enhanced information, initiates formal investigation examining age verification adequacy and minor account default settings, explains investigative measures planned (further information requests, possible on-site inspection, expert technical analysis of age verification), invites Swedish DSC continue providing intelligence via Article 57 as investigation proceeds. (6) Investigation outcome: Dutch DSC finds Article 28 violationsâage verification insufficient (self-declaration too easily circumvented, Article 28(1) requires more robust appropriate measures given service risks), default settings not highest privacy level (minor accounts default to public not private, inappropriate content recommendations not filtered adequately). Imposes: âŹ18M fine, compliance order requiring enhanced age verification (multi-factor approach beyond self-declaration, device signals and behavioral analysis), default highest privacy settings for all minor-age accounts, quarterly minor protection audits. Swedish minors benefit alongside all EU underage users. (7) Swedish DSC reports successful Article 58 cooperation in annual reporting: demonstrates cross-border enforcement achieving Swedish user protection despite jurisdictional limits, validates Article 58 mechanism even where initial request information incomplete (paragraph 4 framework enabled Dutch DSC gather necessary evidence rather than rejecting request), highlights value of destination DSC's user proximity generating enforcement intelligence for establishment DSC.
Illustrates Article 58 paragraph 4 information request process: establishment DSC faces request with insufficient evidence but credible concerns, rather than dismissing uses paragraph 4 authority to gather additional information suspending response deadline, platform required to provide preliminary information enabling establishment DSC informed assessment, ultimate investigation and enforcement vindicates destination DSC concerns and user protection objectives.
Commission Pre-emption Blocking Article 58 Request: Multiple destination DSCs (Germany, France, Poland, Spain) observe TikTok (VLOP with Irish establishment) potential Article 35 risk mitigation violationsâalgorithm appears to amplify election disinformation despite civic discourse risk mitigation obligations, concerns intensify during national election periods in respective Member States. (1) Destination DSCs coordinate potential Article 58(2) Board request: would meet threshold (four DSCs, credible Article 35 concerns, substantial negative effects on civic discourse), prepare evidence documenting algorithm amplification patterns, disinformation spread, inadequate mitigation. (2) Before Board request finalized, Commission initiates Article 66 investigation of TikTok's Article 35 compliance: Commission's own intelligence (Article 40 audits, Article 42 transparency data, destination DSC informal intelligence) suggests Article 35 risk mitigation deficiencies, Commission exercises Article 56(2)-(3) powers (Section 5 includes Article 35, Commission has exclusive jurisdiction; even if argued Article 35 non-Section 5, Commission has concurrent authority), formal investigation opened examining TikTok's civic discourse risk assessment and mitigation adequacy. (3) Article 58 requests now precluded: paragraph 1 and 2 both conditioned on 'Unless the Commission has initiated an investigation for the same alleged infringement'âCommission's Article 35 investigation covers same subject matter as destination DSCs' concerns (TikTok algorithm amplification and disinformation risks), destination DSCs cannot proceed with Board Article 58(2) request because Commission already investigating. (4) Destination DSCs adapt strategy: cannot formally invoke Article 58, but provide intelligence to Commission investigation via Article 57 mutual assistance (Commission may request destination DSC information about TikTok in their markets), participate in Board discussions where Commission shares investigation updates (Board coordination function), communicate with Irish DSC about non-Section 5 TikTok compliance matters Irish DSC may supervise under Article 56(4) concurrent jurisdiction (Article 16 notice-and-action, Article 27 recommendation transparency separate from Commission's Article 35 focus). (5) Commission investigation outcome: Commission finds Article 35 violationsâTikTok's civic discourse risk assessment understated disinformation amplification risks, mitigation measures inadequate (algorithm changes insufficient, content moderation resources allocated to civic discourse too limited, transparency about political content insufficient). Commission imposes Article 74 periodic penalty payment (âŹ1.2M daily requiring revised risk assessment and enhanced mitigation within 90 days), initiates Article 52 fine procedure for original violations. Destination DSC users benefit from Commission enforcement addressing concerns they initially identified. (6) Lessons: Article 58 Commission pre-emption protects Commission enforcement supremacyâprevents destination DSC requests interfering with Commission VLOP investigations, ensures single authoritative proceeding rather than duplicative establishment DSC and Commission investigations, destination DSCs contribute to outcome through Commission cooperation channels even though formal Article 58 request unavailable.
Demonstrates paragraph 1-2 Commission pre-emption: Commission investigation of same alleged infringement blocks Article 58 requests, destination DSCs support Commission investigation through alternative cooperation (Article 57, Board), Commission's VLOP/VLOSE jurisdiction often means Article 58 more relevant for non-VLOP cross-border issues where Commission not engaged.
Establishment DSC Inadequate Response Triggering Article 59 Escalation: Irish DSC receives Article 58(1) request from German BNetzA about Apple App Store (Irish establishment) alleged Article 31 online platform marketplace violationsâconcerns about trader verification, compliance-by-design requirements, information provision to consumers. (1) German BNetzA request details: extensive evidence from German users and developers, Article 31 specific provisions allegedly violated, negative effects on German app users and developers, suggestions for investigation approaches. (2) Irish DSC paragraph 5 response within two months: brief assessment dismissing concernsâstates Apple App Store verification already robust, compliance-by-design adequate, German complaints appear isolated user misunderstandings not systematic violations, no investigation warranted given Irish DSC's ongoing supervisory relationship with Apple showing general compliance, enforcement resources prioritized elsewhere. Response lacks substantive engagement with German evidence: doesn't address specific complaints or technical analyses BNetzA provided, offers conclusory assertions rather than reasoned analysis, no explanation of investigative measures considered and rejected. (3) German BNetzA dissatisfied with Irish response: assesses Irish DSC failed to 'take utmost account' per paragraph 4 (dismissive response suggests perfunctory review not serious consideration), suspects Irish DSC's close relationship with Apple (major Irish employer, significant tax revenue contributor) may influence regulatory reluctance, determines Article 59 Commission referral appropriate given inadequate Irish engagement. (4) BNetzA invokes Article 59: refers matter to Commission explaining Article 58 request and inadequate Irish response, requests Commission assess whether Irish DSC response satisfies Article 58 obligations and whether Commission should investigate Apple App Store Article 31 compliance directly under Article 56(3)-(4) concurrent jurisdiction (if Apple App Store VLOP-designated) or review Irish DSC's Article 50 compliance (adequate independence and resources?). (5) Commission Article 59 review (discussed in Article 59 analysis): Commission evaluates Irish response adequacy, may investigate Apple directly, may assess Irish DSC's structural independence and capacity, may facilitate Board-mediated coordination improving Irish-German cooperation. Outcome depends on Commission's assessment of Irish DSC's response reasonableness and Apple's actual compliance. German users and developers potentially benefit from Commission intervention where Article 58 mechanism alone insufficient to secure establishment DSC accountability.
Shows Article 58 limitations and escalation to Article 59: establishment DSC inadequate response frustrates Article 58 cross-border cooperation objectives, destination DSC referral to Commission creates accountability mechanism when establishment DSC non-responsive, Commission can investigate provider directly or assess establishment DSC's Article 50 compliance, Article 58-59 sequence provides graduated enforcement pressure from peer DSC request to Board mediation to Commission intervention.
For Destination DSCs - Effectively Using Article 58: (1) Build evidence before requesting: Article 58 requests more likely to secure establishment DSC attention if substantiveâcollect and analyze user complaints systematically, conduct preliminary investigations within destination jurisdiction (expert consultations, stakeholder engagement, technical analyses where feasible), document negative effects concretely (user harm quantification, fundamental rights impacts, economic losses). (2) Exhaust informal cooperation first: Try Article 57 mutual assistance before escalating to Article 58 formal requestâinformal intelligence sharing may prompt establishment DSC action without procedural formality, builds bilateral relationship improving future cooperation, reserves Article 58 for cases where informal engagement proves insufficient. (3) Craft comprehensive paragraph 3 submissions: Meet minimal requirements generouslyâdetailed factual descriptions with supporting documentation, precise DSA provision citations with legal analysis, concrete negative effects descriptions quantified where possible, helpful suggestions demonstrating constructive engagement not mere criticism. High-quality requests increase establishment DSC responsiveness and Board support if paragraph 2 escalation needed. (4) Consider multi-DSC coordination: If violations appear cross-border, coordinate with peer destination DSCs before requestingâaggregated concerns from multiple jurisdictions demonstrate systematic issues increasing establishment DSC prioritization, enables Article 58(2) Board request if needed amplifying institutional weight, shares evidence gathering costs and expertise across DSCs. (5) Engage Board strategically: Use Board as coordination forum discussing potential Article 58 requests, informal Board soundings may reveal whether other DSCs share concerns supporting multi-DSC approach, Board secretariat can advise on request quality and likelihood of success, Board mediation (paragraph 2) valuable when establishment DSC relationship strained or responsiveness questionable. (6) Monitor Commission jurisdiction: Check whether provider is VLOP/VLOSE and whether Commission investigating before investing resources in Article 58 requestâCommission pre-emption blocks Article 58 rendering request futile, if Commission investigation likely, contribute intelligence through Commission channels rather than establishment DSC request. (7) Prepare for escalation: If establishment DSC response inadequate, be ready to invoke Article 59 Commission referralâdocument establishment DSC's response deficiencies, articulate why Commission intervention needed, request specific Commission actions (direct investigation, Article 50 review, Board coordination facilitation).
For Establishment DSCs - Managing Article 58 Requests: (1) Take requests seriously per paragraph 4: 'Utmost account' obligation requires substantive engagementâallocate resources to evaluate requests thoroughly, consult internally and with provider about allegations, provide reasoned paragraph 5 responses demonstrating analysis not dismissal. (2) Recognize destination DSC value: Destination DSCs provide enforcement intelligence establishment DSC may lackâuser proximity generates complaint patterns and evidence, local expertise about how violations manifest in specific markets, political and media attention in destination jurisdictions revealing enforcement priorities. Smart establishment DSCs leverage destination DSC intelligence improving own supervision. (3) Use paragraph 4 tools: If request incomplete, invoke paragraph 4 optionsârequest additional information via Article 57 ensuring evidence adequate for investigation decision, propose joint investigation building multi-DSC collaboration and sharing resource burdens, suspend paragraph 5 deadline appropriately while gathering information but respond promptly once sufficient intelligence obtained. (4) Communicate proactively: Provide transparent paragraph 5 responses explaining assessment and actionsâif investigating, describe timeline and approach inviting destination DSC ongoing cooperation, if not investigating, explain reasons substantively addressing destination DSC's evidence and concerns, if deprioritizing, acknowledge validity but articulate competing enforcement demands and resource constraints. Transparency reduces destination DSC frustration and Article 59 escalation risk. (5) Coordinate with Board and Commission: Keep Board informed about Article 58 request handling especially for significant cross-border issues, consult Commission about VLOP/VLOSE matters ensuring alignment with Commission priorities and avoiding jurisdictional conflicts, participate in Board discussions about Article 58 precedents and best practices. (6) Monitor Article 59 escalation risk: If destination DSC dissatisfied with response, anticipate potential Commission referralâensure paragraph 5 response defensible to Commission scrutiny, consider whether investigation ultimately warranted even if initially deprioritized (Article 59 referral signals serious destination DSC concerns), engage destination DSC bilaterally resolving issues before Commission involvement necessary. (7) Balance sovereignty and cooperation: Establishment DSC retains Article 56 jurisdictional authorityânot obligated to investigate merely because destination DSC requests, but cooperation spirit and DSA effectiveness require genuine engagement, arbitrary dismissal of destination DSC concerns undermines DSA enforcement architecture and invites Commission intervention.