The Digital Services Act (DSA), introduced by the European Union, signals a significant shift in the regulation of online platforms. It aims to improve the online ecosystem's safety, transparency, and fairness by holding tech giants accountable for the content they host or promote.
In this article, we’ll explore how companies can navigate the impact of the DSA and how TaskUs can support you in your compliance efforts.
Who Does the Digital Services Act Apply To?
The DSA applies primarily to digital service providers, including social media platforms, online marketplaces, and other internet companies that connect consumers with goods, services, or content. It encompasses a wide range of online intermediaries and platforms within the European Union, and it also affects large online platforms and services that operate outside the EU but offer their services to EU residents. The DSA's obligations are particularly stringent for very large online platforms (VLOPs) and very large online search engines (VLOSEs).
What are DSA Intermediary Services?
Intermediary services, in the context of the DSA and digital regulation, refer to a wide range of online platforms, businesses, and service providers that facilitate the transmission, storage, or availability of third-party content or services over the Internet. These intermediary services play a crucial role in the digital ecosystem by enabling users to interact, share content, and conduct various activities online. There are several categories of DSA Intermediary services:
Mere Conduit Services: These passive intermediaries transmit information or data without being actively involved in its content. Examples include internet service providers (ISPs) and network infrastructure providers.
Caching Services: Caching services temporarily store data or content to improve data transmission efficiency. Content delivery networks (CDNs) are typical examples of caching services.
Hosting Services: Hosting services involve storing and making content available online. This category includes various online platforms, such as social media networks, content-sharing platforms, web hosting providers, and online marketplaces.
Online Platforms: This category of hosting services goes beyond basic storage. It includes online platforms, such as social networks, online marketplaces, and content-sharing platforms, that actively disseminate information to the public at users' requests.
Online Search Engines: These services enable users to search for information, websites, and online content. Examples include Google, Bing, and Yahoo.
Messaging Services: Messaging services facilitate user communication through text, voice, or multimedia messages. Messaging apps and email services fall under this category.
App Stores: App stores provide a marketplace for users to download and install applications on their devices. Examples include the Apple App Store and Google Play Store.
Depending on their services, DSA intermediary services may fall into one or more categories. The DSA aims to regulate these services to ensure transparency, accountability, and user safety in the digital environment while respecting fundamental rights and freedoms.
Tiered Categorization of DSA Intermediary Services
The DSA categorizes intermediary services into different tiers or levels based on their size, impact, and responsibilities. The DSA introduces these levels to tailor obligations and requirements to the specific characteristics of each type of service provider. The levels of intermediary services under the DSA include:
Tier 1 - Basic DSA Obligations: Tier 1 includes the basic obligations that apply to all intermediary services, regardless of their size or specific role. Primarily, these obligations ensure transparency and protection of fundamental rights. They include:
Cooperating with authorities, such as making information available for identification and communication
Designating and making public a single point of contact for service recipients
Including information regarding content moderation policies and procedures in the terms of service
Making comprehensive reports on content moderation activities publicly available at least once a year
Preserving liability exemptions for intermediary services while clarifying rules and responsibilities based on the nature of their activities
Tier 2 - Additional Obligations for Hosting Services: Tier 2 introduces additional obligations for hosting services, which include services that store and make content available online. These DSA obligations aim to ensure a safer online environment and include:
Implementing a notice and action mechanism to remove online content in response to user notifications
Reporting suspicions of criminal offenses involving threats to a person's life or safety to law enforcement
Tier 3 - Additional Obligations for Online Platforms: Tier 3 obligations apply to online platforms. The additional obligations include:
Providing a complaint handling system and redress mechanisms for users
Responding preferentially and expeditiously to notices from trusted flaggers regarding illegal content
Increasing transparency in recommendation algorithms by ensuring users have a choice not to receive recommendations based on profiling
Prohibiting the use of dark patterns in online interfaces to manipulate or deceive users
Enhancing transparency in advertising presentation and prohibiting targeted advertising to minors based on sensitive category data
Tier 4 - Additional Obligations for Very Large Online Platforms and Search Engines: Tier 4 imposes stricter rules on large online platforms and search engines in the EU with significant impact and user base. These DSA obligations are designed to mitigate risks and enhance accountability. They include:
Mandatory risk assessments and corresponding mitigation measures for addressing systemic risks, such as illegal content and human rights violations
Annual independent audits of compliance with the DSA and the adoption of audit recommendations
Appointment of a compliance officer or compliance function that reports directly to management
Mitigating measures to protect the rights of the child and prevent minors from accessing pornographic content online, including utilizing age verification tools
Transparency in advertising practices, including publishing a repository of detailed advertising information
Data access for authorities to monitor DSA compliance
Basic DSA obligations like transparency apply to all. However, hosting services face stricter content removal procedures, and influential online platforms must tackle systemic risks and algorithmic bias. Independent audits and stringent advertising transparency measures set the bar even higher for large platforms and search engines.
TaskUs: Your Compliance Partner
TaskUs is committed to staying at the forefront of these regulatory changes. We offer comprehensive solutions, helping businesses navigate the complexities of the new requirements and build robust strategies for outsourcing DSA compliance.
Through our robust end-to-end solutions and exceptional human + tech capabilities, you can count on Us to help you:
Assess and understand your regulatory obligations at an operational level
Identify and assess the risks stemming from the design or functioning of your service and deliver Risk Assessments if/when required
Review your existing content moderation processes, plan possible outsourcing content moderation solutions, spot the gaps with your regulatory obligations, assess the criticality and effort level for each gap, and lay out a mitigation plan that takes these factors and your available bandwidth into account
Scale and provide workforce across different countries and time zones
Provide an experienced team to test the implementation of pilot projects
Navigate the DSA and build a resilient, compliant online presence.
Wasbir Hazarika is a Trust and Safety professional with over half a decade of experience, specializing in policy research & formulation, operations and solutioning. His expertise also includes investigating trends across regions and platforms, enabling him to address potential risks effectively and bolster platform security
Cookies set by Google. Used to store a unique ID for various Google services such as Google Chrome, Autocomplete and more. Read more here: https://policies.google.com/technologies/cookies#types-of-cookies
Polylang, Used for storing language preferences on the website.
This cookie is native to PHP applications. Used to store and identify a users’ unique session ID for the purpose of managing user session on the website. This is a session cookie and is deleted when all the browser windows are closed.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Browser identifier cookie. Used to uniquely identify devices accessing LinkedIn to detect abuse on the platform.
Set by bidr.io. Beeswax’s advertisement cookie based on uniquely identifying your browser and internet device. If you do not allow this cookie, you will experience less relevant advertising from Beeswax.
bidr.io. Beeswax’s audience targeting cookie.
Used to remember a user’s language setting to ensure LinkedIn.com displays in the language selected by the user in their settings.
rlcdn.com. Used to deliver advertising more relevant to the user and their interests.
rlcdn.com. Used to deliver advertising more relevant to the user and their interests.
company-target.com. Used for analytics and targeted advertising.