Leveling Up Compliance: The Tiered DSA Obligations for Intermediary Services

DSA obligations are tiered mandates under the Digital Services Act to ensure digital safety, transparency, and user rights.

Published on January 26, 2024
Last Updated on February 13, 2024

The Digital Services Act (DSA), introduced by the European Union, signals a significant shift in the regulation of online platforms. It aims to improve the online ecosystem's safety, transparency, and fairness by holding tech giants accountable for the content they host or promote.

In this article, we’ll explore how companies can navigate the impact of the DSA and how TaskUs can support you in your compliance efforts.  

Who Does the Digital Services Act Apply To?

The DSA applies primarily to digital service providers, including social media platforms, online marketplaces, and other internet companies that connect consumers with goods, services, or content. It encompasses a wide range of online intermediaries and platforms within the European Union, and it also affects large online platforms and services that operate outside the EU but offer their services to EU residents. The DSA's obligations are particularly stringent for very large online platforms (VLOPs) and very large online search engines (VLOSEs).

What are DSA Intermediary Services?

Intermediary services, in the context of the DSA and digital regulation, refer to a wide range of online platforms, businesses, and service providers that facilitate the transmission, storage, or availability of third-party content or services over the Internet. These intermediary services play a crucial role in the digital ecosystem by enabling users to interact, share content, and conduct various activities online. There are several categories of DSA Intermediary services:

  1. Mere Conduit Services: These passive intermediaries transmit information or data without being actively involved in its content. Examples include internet service providers (ISPs) and network infrastructure providers.
  2. Caching Services: Caching services temporarily store data or content to improve data transmission efficiency. Content delivery networks (CDNs) are typical examples of caching services.
  3. Hosting Services: Hosting services involve storing and making content available online. This category includes various online platforms, such as social media networks, content-sharing platforms, web hosting providers, and online marketplaces.
  4. Online Platforms: This category of hosting services goes beyond basic storage. It includes online platforms, such as social networks, online marketplaces, and content-sharing platforms, that actively disseminate information to the public at users' requests.
  5. Online Search Engines: These services enable users to search for information, websites, and online content. Examples include Google, Bing, and Yahoo.
  6. Messaging Services: Messaging services facilitate user communication through text, voice, or multimedia messages. Messaging apps and email services fall under this category.
  7. App Stores: App stores provide a marketplace for users to download and install applications on their devices. Examples include the Apple App Store and Google Play Store.

Depending on their services, DSA intermediary services may fall into one or more categories. The DSA aims to regulate these services to ensure transparency, accountability, and user safety in the digital environment while respecting fundamental rights and freedoms.

Tiered Categorization of DSA Intermediary Services

The DSA categorizes intermediary services into different tiers or levels based on their size, impact, and responsibilities. The DSA introduces these levels to tailor obligations and requirements to the specific characteristics of each type of service provider. The levels of intermediary services under the DSA include:

Tier 1 - Basic DSA Obligations: Tier 1 includes the basic obligations that apply to all intermediary services, regardless of their size or specific role. Primarily, these obligations ensure transparency and protection of fundamental rights. They include:

  • Cooperating with authorities, such as making information available for identification and communication
  • Designating and making public a single point of contact for service recipients
  • Including information regarding content moderation policies and procedures in the terms of service
  • Making comprehensive reports on content moderation activities publicly available at least once a year
  • Preserving liability exemptions for intermediary services while clarifying rules and responsibilities based on the nature of their activities

Tier 2 - Additional Obligations for Hosting Services: Tier 2 introduces additional obligations for hosting services, which include services that store and make content available online. These DSA obligations aim to ensure a safer online environment and include:

  • Implementing a notice and action mechanism to remove online content in response to user notifications
  • Reporting suspicions of criminal offenses involving threats to a person's life or safety to law enforcement

Tier 3 - Additional Obligations for Online Platforms: Tier 3 obligations apply to online platforms. The additional obligations include:

  • Providing a complaint handling system and redress mechanisms for users
  • Responding preferentially and expeditiously to notices from trusted flaggers regarding illegal content
  • Increasing transparency in recommendation algorithms by ensuring users have a choice not to receive recommendations based on profiling
  • Prohibiting the use of dark patterns in online interfaces to manipulate or deceive users
  • Enhancing transparency in advertising presentation and prohibiting targeted advertising to minors based on sensitive category data

Tier 4 - Additional Obligations for Very Large Online Platforms and Search Engines: Tier 4 imposes stricter rules on large online platforms and search engines in the EU with significant impact and user base. These DSA obligations are designed to mitigate risks and enhance accountability. They include:

  • Mandatory risk assessments and corresponding mitigation measures for addressing systemic risks, such as illegal content and human rights violations
  • Annual independent audits of compliance with the DSA and the adoption of audit recommendations
  • Appointment of a compliance officer or compliance function that reports directly to management
  • Mitigating measures to protect the rights of the child and prevent minors from accessing pornographic content online, including utilizing age verification tools
  • Transparency in advertising practices, including publishing a repository of detailed advertising information
  • Data access for authorities to monitor DSA compliance

Basic DSA obligations like transparency apply to all. However, hosting services face stricter content removal procedures, and influential online platforms must tackle systemic risks and algorithmic bias. Independent audits and stringent advertising transparency measures set the bar even higher for large platforms and search engines.

TaskUs: Your Compliance Partner

TaskUs is committed to staying at the forefront of these regulatory changes. We offer comprehensive solutions, helping businesses navigate the complexities of the new requirements and build robust strategies for outsourcing DSA compliance. 

Through our robust end-to-end solutions and exceptional human + tech capabilities, you can count on Us to help you:

  • Assess and understand your regulatory obligations at an operational level
  • Identify and assess the risks stemming from the design or functioning of your service and deliver Risk Assessments if/when required 
  • Review your existing content moderation processes, plan possible outsourcing content moderation solutions, spot the gaps with your regulatory obligations, assess the criticality and effort level for each gap, and lay out a mitigation plan that takes these factors and your available bandwidth into account
  • Scale and provide workforce across different countries and time zones
  • Provide an experienced team to test the implementation of pilot projects
Navigate the DSA and build a resilient, compliant online presence.


Wasbir Hazarika
Policy Lead, Trust & Safety Practice
Wasbir Hazarika is a Trust and Safety professional with over half a decade of experience, specializing in policy research & formulation, operations and solutioning. His expertise also includes investigating trends across regions and platforms, enabling him to address potential risks effectively and bolster platform security