Digital Services Act DSA obligations for online platforms and intermediary services in the EU.

The Digital Services Act (DSA) is Regulation (EU) 2022/2065. It sets obligations for intermediary services, online platforms, marketplaces, social networks, search engines and large digital platforms that provide services in the European Union.

The Regulation is already applicable. Since 17 February 2024, its general obligations apply to the affected providers. The official text can be consulted in the Official Journal version published through BOE.

Its purpose is to create a safer digital environment, protect users’ fundamental rights and increase transparency in digital services.

Who does the DSA apply to?

The DSA applies to providers of intermediary services that offer services to recipients located in the EU, even if the provider is not established in the European Union.

The affected services include:

  • Mere conduit and network access services.
  • Caching services.
  • Hosting services.
  • Online platforms, such as marketplaces, social networks or app stores.
  • Online search engines.
  • Very large online platforms and very large online search engines, known as VLOPs and VLOSEs, when they reach at least 45 million average monthly active recipients in the EU.

Digital Services Act DSA obligations for online platforms and intermediary services in the EU.

Main obligations

The obligations depend on the type of service, size and risk profile of the platform. In general, the DSA requires measures such as:

  • Clear mechanisms to report illegal content.
  • Internal complaint-handling systems for content moderation decisions.
  • Transparency about terms of service and content moderation.
  • Information on online advertising and recommender systems.
  • Specific restrictions on advertising based on sensitive data.
  • Stronger protection for minors on services accessible to them.
  • Enhanced marketplace duties regarding trader traceability.

Very large platforms and search engines

VLOPs and VLOSEs have additional duties: systemic risk assessment and mitigation, independent audits, data access for supervision and research, advertising repositories and specific measures against disinformation, manipulation or risks to minors.

What companies should review

Digital businesses should first assess whether they act as an intermediary provider, online platform, marketplace or search engine. They should then adapt their terms, notice flows, moderation processes, advertising information, protection of minors, trader traceability and internal documentation.

The DSA does not replace the GDPR. If the service processes personal data, both frameworks must be coordinated: privacy, transparency, legal basis, cookies, behavioural advertising, automated decisions and user rights.

A preventive review helps reduce regulatory risk and demonstrate diligence before users, authorities and commercial partners.

Auratech can help you review DSA compliance.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *