What is the Digital Services Act (DSA)?

The Digital Services Act is a legislative proposal put forth by the European Commission aimed at updating and regulating the digital services ecosystem within the European Union. Its primary objective is to create a comprehensive framework that governs digital platforms and services, ensuring a safer and more transparent online environment for users and businesses alike.

Key objectives of the DSA

  1. Enhanced responsibility: The DSA seeks to establish clearer responsibilities and obligations for digital service providers, including platforms, online marketplaces, and social media networks. These providers would be required to take measures to address illegal content, such as hate speech, terrorist propaganda, and counterfeit products.
  2. Accountability and transparency: The DSA aims to increase the transparency of online platforms, particularly concerning their content moderation practices. Platforms will be required to provide more information about their algorithms, content removal processes, and advertising practices to users and regulators.
  3. New rules for large online platforms: The DSA introduces specific obligations for “very large online platforms” that have a significant impact on the European market. These platforms would be subject to additional scrutiny and obligations, such as periodic risk assessments, independent audits, and more stringent content moderation requirements.
  4. Market access and fair competition: The DSA aims to promote fair competition in the digital market by addressing issues related to self-preferencing, unfair contractual clauses, and data access restrictions. It also introduces provisions to facilitate market entry for smaller competitors.
  5. User rights and remedies: The DSA aims to strengthen user rights and provide effective remedies for individuals affected by illegal content or harm caused by digital services. Users would have improved avenues for lodging complaints, redress mechanisms, and access to independent dispute resolution processes.
Ensure DSA Compliance Today

Rules for operating cross-borders

The DSA presents several key provisions to regulate online activities across borders including:

  1. Due diligence obligations: Online platforms are expected to fulfill specific responsibilities depending on their role. This may include activities such as monitoring content, implementing measures to prevent illegal activities, and providing mechanisms for users to report problematic content.
  2. Transparency requirements: Platforms must be clear about their terms and conditions, including content moderation policies and algorithms used for ranking and recommendation systems. They should also disclose targeted advertising practices and any sponsored content.
  3. Enhanced user rights: The DSA emphasizes user empowerment, ensuring that individuals have the right to contest content removal or take-down requests. It also promotes freedom of expression and aims to protect users’ fundamental rights online.
  4. Cooperation with authorities: Online platforms are expected to cooperate with national authorities, including sharing information and participating in regulatory oversight. This helps to enforce compliance with the DSA and other relevant laws.
  5. Increased oversight: The DSA proposes the creation of a Digital Services Coordinator at the European level to oversee the compliance of large online platforms. This coordinator would work closely with national authorities to ensure proper enforcement.
Cross Border Data Transfers
Download the solution brief.

“FAKE NEWS” – How does DSA address disinformation?

The Digital Services Act (DSA) seeks to establish regulations governing content moderation, advertising practices, algorithms, and risk management on digital platforms. Its primary goal is to hold platforms, especially the larger ones, accountable for their actions and the potential risks they pose.

This includes addressing issues such as disinformation and manipulation of electoral processes. By fostering a co-regulatory framework, which includes the updated Code of Practice on Disinformation and new Commission Guidance announced in the European Democracy Action Plan, the DSA aims to create a comprehensive system that promotes responsible platform behavior and safeguards democratic processes.

Here are some potential ways in which the DSA may address fake news:

  • Notice and action mechanisms: The DSA may require digital service providers, including online platforms, to establish clear notice and action mechanisms for addressing reports of illegal content, including disinformation. Users would be able to report instances of fake news, and platforms would need to respond and take appropriate action, such as removing or labeling the content.
  • Transparency of algorithms: The DSA may introduce requirements for platforms to provide greater transparency about their algorithms and how they prioritize and display content to users. By understanding the functioning of algorithms, users and regulators can assess how platforms handle the dissemination of potentially misleading or false information.
  • Cooperation with fact-checkers and trusted sources: The DSA may encourage or require platforms to cooperate with fact-checking organizations and trusted sources of information. Collaborating with credible sources can help platforms identify and label misleading or false content, providing users with more reliable information.
  • Accountability and content moderation: The DSA may impose additional responsibilities on platforms to address the spread of disinformation. This could include strengthening content moderation efforts, ensuring faster response times to reports of fake news, and implementing measures to minimize the reach and impact of such content.

Online advertising

The Digital Services Act (DSA) regulates online advertising by introducing new restrictions and requirements for transparency and user empowerment. Let’s take a closer look:

  1. Coverage: The DSA covers all types of advertising, including digital marketing, issues-based advertising, and political ads. It works alongside existing regulations like the General Data Protection Regulation (GDPR).
  2. Targeted advertising restrictions: The DSA imposes two restrictions on targeted advertising. First, it bans the targeting of minors based on profiling. Second, it prohibits targeted advertising based on profiling using sensitive personal data, such as sexual orientation or religious beliefs.
  3. User empowerment: The DSA aims to empower users by providing clear information about the ads they see. Users must be informed about why they are being targeted, who paid for the ad, and whether content is sponsored or organic. Additionally, users should be able to recognize when influencers are promoting commercial messages.
  4. Notice and action: The DSA establishes notice and action obligations for potentially illegal ads, similar to other types of content. Platforms are responsible for addressing these ads promptly.
  5. Obligations for large platforms: Very large online platforms face additional measures to mitigate risks and ensure oversight. They must maintain ad repositories, allowing researchers, civil society, and authorities to examine how ads were displayed and targeted. Platforms must also assess if their advertising systems contribute to societal risks and take steps to mitigate them.
  6. Complementary measures: The Digital Markets Act (DMA) complements the DSA by addressing economic concerns related to gatekeepers’ advertising models.

5 Digital Services Act Best Practices

When considering compliance with the Digital Services Act (DSA), here are five best practices that businesses should consider:

  1. Stay informed and updated: Keep track of the latest developments and updates related to the DSA. Regularly monitor official sources, such as the European Commission’s website, for guidance, guidelines, and any changes in the regulatory landscape.
  2. Review and update policies: Assess your existing policies and practices to ensure they align with the DSA requirements. Pay particular attention to areas such as content moderation, advertising practices, user rights, and transparency. Update your policies accordingly to meet the DSA standards.
  3. Enhance transparency: Implement measures to enhance transparency in your operations. Clearly inform users about how their data is collected, used, and shared. Be transparent about your content moderation processes, algorithms, and advertising practices. Provide users with clear information about targeted ads, sponsorship, and influencer promotions.
  4. Strengthen user control: Give users more control over their data and targeted advertising preferences. Ensure that users can easily access and manage their consent settings. Allow them to opt-out of targeted advertising if desired. Provide clear and user-friendly mechanisms for users to report content violations or seek redress.
  5. Monitor and mitigate risks: Regularly assess and mitigate risks associated with your digital services. Implement measures to identify and address potentially illegal or harmful content promptly. Monitor and analyze the impact of your advertising systems to identify and mitigate risks related to societal issues, manipulation, or unfair practices.
See BigID in Action

BigID’s Approach to DSA Compliance

BigID is the leading platform for data privacy, security, and governance— utilizing advanced AI and machine learning technologies to automate compliance with privacy regulations, the EU’s Digital Services Act (DSA). BigID can help your organization in the following ways:

  • Data Discovery and Classification: BigID helps organizations identify and classify personal data throughout their entire data landscape, both on premise and in the cloud. This capability enables businesses to understand the types of data they collect, process, and store, aligning with the DSA’s requirements for transparency and accountability.
  • Consent Management: The DSA emphasizes user consent for data processing. BigID’s Consent Governance App provides a centralized view to track and manage consent, ensuring compliance with DSA requirements regarding consent and users’ right to object to targeted marketing.
  • Data Subject Rights: BigID’s Data Deletion App provides mechanisms to handle data subject rights requests efficiently. It helps organizations manage and respond to user requests for data access, rectification, erasure, and portability, aligning with the DSA’s focus on strengthening user rights and providing effective remedies.
  • Data Protection Impact Assessments (DPIAs): The DSA mandates DPIAs for high-risk data processing activities. BigID’s PIA Automation App conducts DPIAs by automating the assessment process, identifying potential risks, and helping organizations implement necessary measures to mitigate them.
  • Data Governance and Security: BigID is the leading provider for DSPM solutions that assist organizations in implementing measures to protect personal data, prevent data breaches, and ensure ongoing compliance with DSA requirements related to data security and risk mitigation.

To get prepared for DSA compliance and other existing privacy regulations—schedule a free 1:1 demo with our experts today.