Act no. 5099/2024: Supplementary Measures for the Implementation of the Digital Services Act

Act no. 5099/2024, which supplements the implementation of the Digital Services Act in the Greek legal order, designates the supervisory authorities for the implementation of the provisions of the Act by providers of intermediary services and lays down the relevant sanctions in case of violations.

On 5 April 2024, Act no. 5099/2024 “Measures for the implementation of Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on the Single Market for Digital Services and amending Directive 2000/31/EC and other provisions” has entered into force.

The new Law supplements the implementation of Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market for Digital Services and amending Directive 2000/31/EC (Digital Services Act). The Digital Services Act, which came into effect on  17 January 2024, regulates intermediary services within the internal market.

The Act provides rules on the responsibility of providers of intermediary services for the content they host, as well as the due diligence obligations they should comply with.

The object of the Act no. 5099/2024 is:

• The appointment of the Digital Services Coordinator and other supervisory authorities.

• The provision of the minimum content for orders by competent authorities against illegal content.

• The provision of administrative sanctions by competent authorities and the judicial remedies against their decisions.

• The establishment and operation of a register of intermediary service providers established in Greece.

1. Scope

The provisions of Law 5099/2024 regulate the domestic market of information society intermediary services.

According to the definitions of the Act, providers of intermediary services are, inter alia, internet hosting providers, online content hosting providers, social media providers, search engine providers, digital platform providers and marketplace providers.

2. Digital Services Coordinator

Under the Act, the National Telecommunications and Post Commission (EETT) is appointed as the Digital Services Coordinator in Greece. As Coordinator, EETT is responsible for supervising and implementing the Act in the Greek market of intermediary service providers, with the powers outlined in articles 51-52 thereof. Indicatively, EETT's responsibilities include:

• Requesting information from providers of intermediary services and any third party.

• Conducting inspections at facilities and collecting data on investigated violations.

• Ordering the cessation of violations of the Act and imposing commitments and corrective measures to ensure compliance.

• Adopting interim measures and imposing administrative penalties.

• Serving as the central point for complaints against providers of intermediary services. EETT also participates with voting

•  rights in the European Digital Services Council, which coordinates the competent authorities of the Act at the EU level.

Finally, EETT collects an annual supervisory fee from providers of intermediary services to cover the costs of fulfilling its duties.

3. Competent Independent Authorities

In addition to EETT, other Authorities undertake more specific responsibilities for implementing the Act:

• The National Council for Radio and Television (NCRT) oversees and enforces the obligations of digital platform providers, ensuring that information presented as advertising is clearly marked, indicating the natural or legal person on whose behalf the advertisement is presented and who paid for it. It also ensures a high level of privacy, security, and protection of minors on these platforms.

• The Hellenic Data Protection Authority (HDPA) supervises digital platform providers, ensuring that recipients can easily access important information about the main parameters used to target them with advertisements. It also ensures that these providers do not target recipients based on profiling with sensitive personal data and that digital platforms accessible to minors take appropriate measures to prevent such targeted advertising.

These Authorities may participate in the European Digital Services Board without voting rights. In addition, the Digital Services Coordinator and competent authorities shall cooperate closely, exchanging information, assisting each other, and providing opinions on cases.

4. Competent Public Authorities

Other public authorities exercising powers under the Act include:

• The Cybercrime Prosecution Directorate of the Hellenic Police, responsible for law enforcement regarding the reporting of suspected criminal offenses.

• Judicial and public authorities in general, with the competence to issue orders for action against illegal content to providers of intermediary services. These orders must meet the criteria set out in the Act; otherwise, they are considered non-existent and are disregarded.

• Other Public Authorities, including the Ministry of Development, cooperate with the Digital Services Coordinator to promote the objectives of the Act and relevant law. They may conclude cooperation agreements and provide assistance and information as requested by the Digital Services Coordinator.

5. Administrative Sanctions and Redress

In case of non-compliance with the Act, the Digital Services Coordinator shall invite the provider of intermediary services to a preliminary hearing. After this hearing, the Coordinator may take the administrative measures provided for in the Act and impose fines of up to 6% of the annual worldwide turnover and periodic penalty payments of up to 5% of the average daily worldwide turnover. For violations within their scope of competence, the ΗDPA and the NCRT have the same powers to take administrative measures and impose sanctions.

The decisions of the Digital Services Coordinator or the competent authorities imposing sanctions may be appealed before the Athens Administrative Court of Appeal. The decisions of the Athens Administrative Court of Appeal may also be appealed to the Council of State.

An application for annulment may be brought before the Council of State against other individual administrative acts issued by the Digital Services Coordinator or the competent authorities.

6. Register of providers of intermediary services

Within six months of the Act's entry into force, an electronic Register of Intermediary Service Providers will be established and maintained. Within three months of the law taking effect, intermediary service providers that are either headquartered in Greece or have a legal representative residing or based in Greece must register.

This requirement applies to those providers that do not have an establishment within the European Union but offer services to the European Union market. The register will include the contact details of the designated contact points.

Providers are required to immediately inform the register of any changes in their data, and at the latest, within ten days from the date that such change becomes applicable.

7. Conclusion

With the implementation of the Digital Services Act and the Greek Act no. 5099/2024, intermediary services become regulated services, in the sense that they are now subject to a specific legislative framework overseen by public authorities. Such authorities are empowered with ensuring compliance and imposing sanctions for violations.

According to this regulatory framework, providers of intermediary services must:

• Submit their data in the relevant EETT register.

• Establish internal procedures for managing hosted content.

• Comply with public authority orders to take action regarding hosted content.

• Adhere to the due diligence measures of the Act, if applicable.

To define its role as the Digital Services Coordinator, EETT is expected to issue regulatory administrative acts to further regulate the domestic market for intermediary services.

Considering EETT's central role in supervising intermediary services, it is also deemed appropriate for EETT to oversee the implementation of Regulation (EU) 2019/1150 on promoting fairness and transparency for business users of online intermediation services ("P2B Regulation"). This responsibility aligns with the provisions of the Greek supplementary Law 4753/2020, which are currently managed by DIMEA.

The Act no. 5099/2024 is available here.