The DSA started to apply on 17 February 2024.
On 17 February, the Digital Services Act (DSA), started to apply to online intermediaries in the EU with the exception of certain SMEs and micro-businesses.
The DSA aims to ensure that EU users are better protected against illegal goods and content and have their rights upheld on online platforms where they connect with other users, share information, or buy products.
New responsibilities for platforms and empowered users
All online platforms with users in the EU, with the exception of small and micro enterprises employing fewer than 50 people and with an annual turnover below €10 million, must implement measures to:
- Counter illegal content, goods, and services: online platforms must provide users with means to flag illegal content, including goods and services. In addition, online platforms are required to cooperate with ‘trusted flaggers’, specialised entities whose notices will have to be given priority by platforms.
- Protect minors: including a complete ban of targeting minors with ads based on profiling or on their personal data.
- Empower users with information about advertisements they see, such as why the ads are being shown to them and who paid for the advertisement.
- Ban advertisements that target users based on sensitive data, such as political or religious beliefs, sexual preferences, etc.
- Provide statements of reasons to a user affected by any content moderation decision, eg content removal, account suspension, etc and upload the statement of reasons to the DSA Transparency database.
- Provide users with access to a complaint mechanism to challenge content moderation decisions.
- Publish a report of their content moderation procedures at least once per year.
- Provide the user with clear terms and conditions, and include the main parameters based on which their content recommender systems work.
- Designate a point of contact for authorities, as well as users.
In addition to online platforms, the Digital Services Act also applies to hosting services (for example, cloud services or domain name systems, background services which connect users to requested website addresses), as well as to online intermediaries (eg internet service providers, or domain). Hosting services and online intermediaries are subject to a subset of obligations under the DSA.
Since August 2023, the DSA has applied to the 19 Very Large Online Platforms (VLOPs) and Search Engines (VLOSEs) designated in April 2023 (with more than 45 million monthly users on average). Three other platforms designated as VLOPs in December 2023 have until April to comply with the most stringent obligations under the DSA. However, they now have to comply with the general DSA obligations as of 17 February.
Digital Services coordinators in EU member states
Platforms not designated as VLOPs or VLOSEs are supervised at member state level by an independent regulator acting as the national Digital Services Coordinator (DSC). DSCs supervise and enforce the DSA for the platforms established on their territory. They:
- Are the first port of call for complaints by users on infringements against the DSA by any platform, including VLOPs and VLOSEs. The DSC will, when appropriate, send the complaint to the DSC of the platform’s member state of establishment, where appropriate, accompanied by an opinion.
- Certify existing out-of-court appeal mechanisms for users to address complaints and challenge content moderation decisions.
- Assess and award the status of trusted flaggers to suitable applicants, or independent entities that have demonstrated expertise in detecting, identifying, and notifying illegal content online.
- Process researchers’ requests for access to VLOPs and VLOSEs data for specific research. The DSCs will vet the researchers and request access to data on their behalf.
- Have investigation and enforcement powers, to ensure compliance with the DSA by the providers established in their territory. They are able to order inspections following a suspected infringement of the DSA, impose fines on online platforms failing to comply with the DSA, and impose interim measures in case of serious harm to the public sphere.
The European Board for Digital Services
The Digital Services Coordinators and the Commission will form an independent advisory group, the European Board for Digital Services, with the aim of ensuring that the DSA is applied consistently, and that users across the EU enjoy the same rights, regardless of where the online platforms are established.
The Board will be consulted on the enforcement of the DSA and advise on arising issues related to the DSA and can contribute to guidelines and analysis. It will also assist in the supervision of Very Large Online Platforms and Very Large Online Search Engines and will issue yearly reports on the prominent systemic risks and best practices in mitigating them.
The Board is due to meet for the first time on 19 February 2024.
What happens next? In March 2024, the Commission intends to adopt Guidelines on risk mitigation measures for electoral processes. A consultation on the data access delegated act is expected in April with adoption by July and entry into force in October 2024. In May, the Commission plans to adopt an Implementing Act on transparency report templates.