The Digital Services Act: What You Need to Know

In May 2024, the European Commission initiated formal proceedings against Meta, the parent company of Facebook and Instagram, to determine if its measures to protect minors online comply DSA. This follows another investigation into Meta for different violations, two earlier investigations targeting TikTok, and an ongoing major investigation concerning X (formerly Twitter). Should these global tech giants be found in breach of regulations, they could be subject to fines of up to 6% of their global annual revenues.

These were among the first instances of enforcement actions taken since the DSA became effective across all 27 EU member states in February 2024, marking the initiation of severe enforcement measures. This demonstrates a serious commitment to ensuring compliance with regulations.

In this blog post, ActiveFence breaks down what you need to know about the DSA to remain compliant and ahead of the curve.

What is the DSA?

Since its enforcement in August 2023, the Digital Services Act (DSA) has become the European Union’s foundational rulebook for online safety. As one of the first sets of laws to mandate Trust & Safety as a requirement, not just a suggestion, it lays out guidelines for online user-generated content (UGC) platforms. These platforms are not required to prioritize user safety and take responsibility for harmful content.

Under the DSA provisions, online platforms must ban illegal and misleading content, implement content moderation processes, ensure transparency in moderation actions, and set guidelines surrounding appeals and flagging content, among other obligations.

Ever since the DSA took effect, the Trust & Safety industry has been actively discussing compliance and implementation of this comprehensive policy. While the primary obligations are outlined,  compliance efforts can take various forms, considering the unique requirements of each platform.

Moreover, the DSA’s application varies depending on the type of online entity. While the entire DSA framework strictly applies to very large online platforms (VLOPs) or very large search engines (VLOSEs), general obligations, such as submitting data for content moderation and transparency reporting, apply to all platforms, including smaller businesses such as hosting services and online marketplaces.

While compliance with the DSA demands a comprehensive approach and effort, failing to comply can lead to big financial risks for companies, and repeated violations could result in a ban from the EU. 

The DSA emphasizes three key areas: platform development and maintenance, transparency and accountability, and risk mitigation. In the upcoming sections, we’ll explore these focal points in detail.

1. Platform Development and Maintenance

Safety by design principles requires platforms to prioritize user safety when building a product or updating its features. This is crucial not just for new platforms but also for updating existing ones. Here are some DSA requirements related to platform safety:

• User reporting and appeal mechanisms: Platforms must let users report content they think is harmful and see the outcome of those reports. Users should also be able to complain if they disagree with moderation decisions.
• Compliance by design: Platforms must be designed to meet safety rules and make it easy for users to follow them.
• Bans on targeted ads: Ads can’t target minors or children, nor can they target people based on sensitive data like sexuality, race, or religion.

For a full list of DSA requirements and to whom they apply, download our guide to the Digital Services Act. 

2. Transparency and Accountability

Among other DSA-related obligations, all platforms are required to publish a transparency report at least once a year. This report is a publicly accessible summary of relevant data and information related to a platform’s online safety enforcement measures during the specified period.

What goes into these reports depends on the size of the platform and its Trust & Safety strategy. It may include details on how the platform responds to requests from authorities and law enforcement, as well as the actions taken based on its own policies and regulations.

Under the DSA, platforms are required to report:

• Number and type of content moderation actions taken
• Number of internal reports and the resulting actions taken in response
• Number of moderation appeals, platform responses and actions, and average response time
• Number of government-mandated take-down orders categorized by abuse
• Average time needed to action items
• Bi-annual updates on the number of active users in the EU

To learn more about transparency reporting requirements, download ActiveFence’s comprehensive guide to Transparency Reporting.

3. Risk Mitigation Measures

As mentioned, the DSA imposes extra responsibilities on VLOPs and VLOSEs. These obligations involve risk reduction and often require advanced methods, such as the use of AI, threat experts, and off-platform intelligence to detect and address harmful content. They include:

• External audits and sharing data: VLOPs must assess their risks and efforts to reduce them, both internally and externally. They also need to share data with authorities and trusted researchers upon request.
• Risk assessment, management, and crisis response: The DSA sets up new ways to evaluate and react to the spread of illegal content on platforms. VLOPs must formally assess their risks, establish procedures to handle them, and take care of any sudden problems.
• Overall risk reduction: The DSA holds all platforms responsible for the risks they create, especially in relation to false information and election manipulation. In 2022, the DSA proposed a risk mitigation strategy called the EU Disinformation Code of Conduct, which VLOPs must adhere to. While non-VLOPs are not required to follow the code, they should still adopt similar measures to reduce risks, as suggested by the DSA.
• Spotlight on AI-related risks: Alongside the passage of the EU AI Act in March 2024, DSA regulators are eyeing AI risks to online platforms, particularly VLOPs, even before the AI Act is fully operational. Considering the significant overlap between these two regulations, navigating between their distinct approaches may pose a challenge.

To stay ahead of new regulations and integrate compliance seamlessly into your platform, discover how ActiveFence collaborates with top Trust & Safety teams to ensure adherence to global standards.

ActiveFence’s Nuanced Approach to DSA Compliance

The DSA brings urgency and opportunity for platforms to prioritize user safety. Already in effect, companies must adopt a comprehensive approach to comply. This involves enhancing platform policies, improving content moderation, ensuring transparency, and more.

ActiveFence offers a Trust & Safety solution tailored to meet the unique needs of platforms. Here are some key features:

• Customized analytics: Easily generate transparency reports and share data with authorities and researchers.
• Risk prioritization: Automate moderation efforts based on specific rules, such as user strikes or high-risk content.
• Threat-specific solutions: ActiveFence specializes in tackling specific threats outlined in the DSA, such as disinformation, election manipulation, cyber violence against women, and harm to minors online. Our experts monitor over 10 million online sources across different platforms and content formats to identify and address potential harm.
• Insightful violation reports: Identify platform vulnerabilities and strengthen defenses.
• User notification: Use customized moderation workflows to inform users of moderation decisions automatically.
• Multilingual support: The DSA applies to all 27 countries in the EU. With coverage in over 100 languages, ActiveFence ensures global user protection.

As compliance landscapes evolve, organizations must adapt to stay up-to-date with laws and standards. The internet’s global nature adds complexity, requiring compliance with regulations across jurisdictions. Proactively addressing these challenges is crucial for platform success and user trust, particularly as regulatory demands continue to grow. Prioritize DSA compliance and user safety with ActiveFence.

 Request a free consultation with our Trust & Safety experts to learn how your organization can be compliant with all new regulations under one roof. 

 

Editor’s Note: The article was originally published on November 22, 2022. It has been updated with new information and edited for clarity.