Sarah Edwards
Manager, Wellness + Resiliency
Related Expertise
Related Insights
It is important to understand whether you are a passive host or an active platform as it can determine your legal obligations under the Digital Services Act (DSA). This distinction is crucial and can greatly impact the way you operate your digital service.
In this article, we aim to guide you through the difference between hosting services and online platforms in relation to DSA intermediary services and whether they are just storing user content or actively engaging with it, as this will require specific hosting services obligations or online platforms obligations. Following these guidelines ensures that you are compliant with the law and helping make the internet safer for everyone.
Hosting services are digital warehouses that store information upon a user's request. Some examples of these services include cloud storage platforms and web hosting services for websites. It's important to note that these services do not actively share the information with the public, as they lack the element of dissemination. In other words, they only store and do not distribute the data.
Online platforms not only store information but also share it with the public. These platforms include social media giants, online marketplaces, and any service that allows users to share content with a potentially unlimited audience. According to the EU DSA, "dissemination" means making information readily available to anyone, not just a specific group.
Understanding the distinction between hosting services and online platforms is important because the Digital Services Act (DSA) imposes different obligations on each. Hosting services have simpler requirements, mostly involving implementing takedown mechanisms for illegal content and reporting suspicious activity. On the other hand, online platforms face a much stricter set of obligations, which include implementing complaint-handling systems, giving preferential treatment to trusted flaggers, and conducting risk assessments for illegal content.
The distinction can get blurry when services offer both private and public features. Email services are a good example. Private messaging between specific individuals wouldn't qualify as dissemination. However, public forums or open channels within the service would fall under the online platform definition and trigger stricter DSA obligations.
Ultimately, service providers must carefully assess their features and identify if they will need to follow hosting services or online platform obligations. This will determine their responsibilities under the DSA and ensure they comply with the law. The DSA provides some examples and guidelines, but further interpretation and discussion are expected to refine the application of this crucial distinction.
| Aspect | Hosting Platforms | Online Platforms |
|---|---|---|
| Definition | Store and make content available upon user request | Actively disseminate information to the public |
| Examples | Cloud computing services, web hosting services | Social networks, online marketplaces, content-sharing platforms |
| Cooperation with authorities | ✔ | ✔ |
| Points of Contact and Legal Representative | ✔ | ✔ |
| Terms Of Service | ✔ | ✔ |
| Transparency Reporting | ✔ | ✔ |
| Notice and Action Mechanism for Content Removal | ✔ | ✔ |
| Reporting Criminal Offenses | ✔ | ✔ |
| Complaint and Redress Mechanism | Not Required | ✔ |
| Trusted Flaggers | Not Required | ✔ |
| Transparency in Recommendation Algorithms | Not Required | ✔ |
| Dark Patterns Prohibition | Not Required | ✔ |
| Advertising Transparency | Not Required | ✔ |
| No Targeted Advertising to Minors or based on Special Category of Data | Not Required | ✔ |
Whether you're creating the digital experience as an online platform or securely hosting data, mastering your DSA obligations is critical to your success.
At TaskUs, we confidently assist service providers of all sizes in navigating the new regulatory landscape. We offer comprehensive assessments and tailored compliance strategies. With our strong end-to-end solutions and exceptional combination of human + tech capabilities, you can rely on Us to help you:
Contact Us today to learn more about how we can help you navigate the DSA platform and build a resilient, compliant online presence.
References
We exist to empower people to deliver Ridiculously Good innovation to the world’s best companies.
NPC Seal of
Registration
Useful Links
| Cookie | Duration | Description |
|---|---|---|
| __q_state_ | 1 Year | Qualified Chat. Necessary for the functionality of the website’s chat-box function. |
| _GRECAPTCHA | 1 Day | www.google.com. reCAPTCHA cookie executed for the purpose of providing its risk analysis. |
| 6suuid | 2 Years | 6sense Insights |
| cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
| cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
| cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
| cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
| cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
| NID, 1P_JAR, __Secure-3PAPISID,__Secure-3PSID,__ Secure-3PSIDCC | 30 Days | Cookies set by Google. Used to store a unique ID for various Google services such as Google Chrome, Autocomplete and more. Read more here: https://policies.google.com/technologies/cookies#types-of-cookies |
| pll_language | 1 Year | Polylang, Used for storing language preferences on the website. |
| ppwp_wp_session | 30 Minutes | This cookie is native to PHP applications. Used to store and identify a users’ unique session ID for the purpose of managing user session on the website. This is a session cookie and is deleted when all the browser windows are closed. |
| viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
| Cookie | Duration | Description |
|---|---|---|
| _ga | 2 Years | Google Analytics, Used to distinguish users. |
| _gat_gtag_UA_5184324_2 | 1 Minute | Google Analytics, It compiles information about how visitors use the site. |
| _gid | 1 Day | Google Analytics, Used to distinguish users. |
| pardot | Until Cleared | Salesforce Pardot. Used to store and track if the browser tab is active. |
| Cookie | Duration | Description |
|---|---|---|
| bcookie | 2 Years | Browser identifier cookie. Used to uniquely identify devices accessing LinkedIn to detect abuse on the platform. |
| bito, bitolsSecure | 30 Days | Set by bidr.io. Beeswax’s advertisement cookie based on uniquely identifying your browser and internet device. If you do not allow this cookie, you will experience less relevant advertising from Beeswax. |
| checkForPermission | 10 Minutes | bidr.io. Beeswax’s audience targeting cookie. |
| lang | Session | Used to remember a user’s language setting to ensure LinkedIn.com displays in the language selected by the user in their settings. |
| pxrc | 3 Months | rlcdn.com. Used to deliver advertising more relevant to the user and their interests. |
| rlas3 | 1 Year | rlcdn.com. Used to deliver advertising more relevant to the user and their interests. |
| tuuid | 2 Years | company-target.com. Used for analytics and targeted advertising. |