03 Fev Judicial Control of the Application of Undetermined Concepts by the European Public Administration: the Case of Systemic Risk in the Digital Services Act
Undetermined legal concepts embody vague ideas which are not further detailed in the law, thereby granting considerable flexibility in their application. When used to frame the conditions of administrative action, they raise particular concerns regarding arbitrary or unrestricted administrative decisions as possible outcomes, which make the judicial control of their application both essential and challenging.
Systemic risk as an undetermined concept within the DSA’s framework and the conflict with the principle of legality
The notion of systemic risk in the Digital Services Act (Regulation (EU) 2022/2065)[1] is a particular example of an undetermined concept that embodies an idea too complex or too broad to be clearly defined in the law. In the context of the DSA’s due diligence obligations addressed to Very Large Online Platforms (VLOPs) and Very Large Online Search Engines (VLOSEs), systemic risk emerges as a key concept to regulate the propagation of illegal content and other negative effects stemming from their services.[2]
These obligations, which consist of assessing and mitigating systemic risks, raise numerous questions regarding the uncertainty around their application and enforcement, for which the Commission alone is responsible. In particular, due to the lack of guidance on systemic risk-related procedures, enforcement can potentially threaten the rights of those subject to the obligations, and the effectiveness of the Regulation itself.
Despite undetermined concepts existing beyond administrative legislation, it is within this field that they become problematic. When undetermined concepts are employed in norms attributing powers to the administration, their vagueness compromises the ability to ensure the administration’s compliance with the legal provision, which lies at the heart of the principle of legality.
However, the traditional view of legality in this regard has been based on the preponderance given to national parliamentary law, propelled by its inherent democratic legitimation. Given that the EU’s law-making procedures and institutional dynamics are not equivalent to those of a national state, and due to the existence of other forms of public participation, the written law cannot be the only element to consider when applying undetermined concepts.
Rather, a suitable understanding of the application of undetermined concepts, which inevitably is also a suitable understanding of administrative discretion, should be guided by the principle of good administration and more particularly by the duty of care, as well as by the integration of other entities in the administrative enforcement process. In the DSA, that is attained by auditors,[3] researchers,[4] and civil society engagement,[5] whose inputs mitigate discretion and legitimise the process.
The CJEU and the control of administrative decisions applying undetermined concepts
The Court of Justice of the European Union’s (CJEU) jurisdiction to control administrative decisions consists of a legality review under article 263 TFEU, which excludes a review on the merits. However, the intensity of the review exercised by the EU Courts is not straightforward, since the Treaties do not provide for a fixed standard of review.
While in early case-law the review was limited to assess manifest errors and misuse of powers,[6] the Court’s approach evolved towards applying the duty of care as a standard of review. The formula developed in TU München[7] and elaborated in Tetra Laval[8] established a review of facts, namely by controlling (i) whether the evidence in which the Commission’s decisions relied on was factually accurate, reliable and consistent; (ii) whether that evidence contained all the information that must be taken into account in order to assess a complex situation; and (iii) whether it was capable of substantiating the conclusions drawn from it.
The Tetra Laval and the TU München line of case-law converge by enabling the reviewing court to scrutinise the information that served as a basis to the adoption of the act, the manner in which the decision-maker has collected and treated that information, and the plausibility of the conclusions drawn therefrom.[9]
Criticism of this approach arose from the German Constitutional Court (GCC). Following Weiss and Others,[10] concerning a discretionary decision of the European Central Bank, in PSPP[11] the GCC called for a more intense review, arguing that the CJEU had disregarded the principle of proportionality by failing to consider the economic effects of the programme at issue.[12]
In fact, this lack of consideration for public interests is reasoned on the judicial review being necessarily framed within a binary logic of legality versus illegality. Other EU bodies dedicated to the supervision of administrative action, such as the European Ombudsman and the Court of Auditors, are, by contrast, better placed to conduct balancing exercises of competing factors and interests that require complex policy assessments, thereby contributing to the improvement of administrative decisions in a more adequate setting.
The duty of care as a standard of review strikes a balance between preventing arbitrary decision-making and avoiding an overburdening judicial review, while giving effect to the principle of good administration. Against this background, the way in which systemic risks are identified and reviewed under the DSA is decisive for the effective control of the negative societal impacts of digital services.
Este blogpost enquadra-se no programa DigiForce, financiado pela União Europeia através do projeto 101240597.
[1] Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market For Digital Services and amending Directive 2000/31/EC (Digital Services Act)
[2] Articles 34 and 35 DSA
[3] Article 37 DSA
[4] Article 40 DSA
[5] Recitals 90 and 137 DSA
[6] Judgment of the Court (Fifth Chamber) of 11 July 1985, Remia BV and Others v Commission of the European Communities, case 42/84, ECLI:EU:C:1985:327, paragraph 34.
[7] Judgment of the Court of 21 November 1991, Technische Universität München v Hauptzollamt München-Mitte, case C-269/90, ECLI:EU:C:1991:438, paragraph 14.
[8] Judgment of the Court (Grand Chamber) of 15 February 2005, Commission of the European Communities v Tetra Laval BV., case C-12/03 P, ECLI:EU:C:2005:87, paragraph 39.
[9] Hofmann, Herwig. The Duty of Care in EU Public Law – A Principle Between Discretion and Proportionality (2020), pp. 98-102.
[10] Judgment of the Court (Grand Chamber) of 11 December 2018, Case C-493/17, Weiss and Others, ECLI:EU:C:2018:1000, paragraphs 36-42.
[11] German Constitutional Court (Bundesverfassungsgericht), Judgment of 5 May 2020, Joined Cases 2 BvR 859/15, 2 BvR 1651/15, 2 BvR 2006/15, 2 BvR 980/16.
[12] Public Sector Asset Purchase Programme, a monetary policy tool created by the European Central Bank to maintain price stability in the euro area.