UPDATE – MAY 2025: This blog post was originally published before compliance for the Digital Services Act (DSA) took effect on February 17, 2024. The law is now fully enforceable across the EU. Very Large Online Platforms (VLOPs) must comply with risk assessments, transparency reporting, and independent auditing requirements. BABL AI supports organizations navigating DSA compliance with tailored audit services and risk governance strategies.
ORIGINAL BLOG POST:
What the Digital Services Act Means for Online Platforms
As the European Union works on the final touches of its AI regulation legislation, the Harmonised Rules on Artificial Intelligence, or the EU AI Act, we look at one regulation that has service providers scrambling to comply with before next year. The Digital Services Act (DSA) was submitted to the European Parliament in December 2020. After a year and a half of discussion, the European Council approved the DSA on October 4, 2022 and will be directly applicable across the EU on February 17, 2024.
What Is the Digital Services Act?
The DSA is designed to:
-
Create a safer and more open digital environment
-
Protect fundamental rights of users
-
Hold platforms accountable for harmful or illegal content
It applies to a wide range of digital services, including:
-
Social media platforms
-
Cloud services
-
Content delivery networks
-
App stores
-
Marketplaces
-
Search engines
If your service reaches EU users, the DSA likely affects you.
Core Compliance Requirements
The law imposes strict obligations on digital platforms. Key requirements include:
-
Removing illegal content promptly
-
Implementing child protection measures
-
Suspending accounts offering illegal goods or services
-
Disclosing how automated content moderation tools are used
-
Publishing transparency reports on flagged and removed content
-
Ensuring traceability of traders on online marketplaces
These rules apply to platforms of all sizes. But for larger players, the expectations go even further.
Who Is a Very Large Online Platform (VLOP)?
The DSA introduces a special category: Very Large Online Platforms (VLOPs). These are platforms with more than 45 million monthly active users in the EU.
VLOPs must meet additional obligations, including:
-
Performing systemic risk assessments
-
Undergoing independent audits
-
Publishing detailed transparency reports
-
Providing algorithmic access for oversight
-
Giving users choice in recommendation systems
-
Ensuring advertising transparency
Emerging platforms approaching VLOP scale may also face these requirements, even before formal designation.
Enforcement, Timelines, and Penalties
Unlike others, VLOPs designated under the DSA will have four months before next February to comply with obligations like risk assessment, transparency reporting and data access. That means there are staggered timelines based on platform size before the final date when the European Commission and national Digital Services Coordinators will oversee enforcement. The DSA establishes oversight and enforcement cooperation between the European Commission and EU countries. As for penalties for non-compliance, it includes fines of up to 6% of global turnover, which means some VLOPS could face hundreds of millions in fines if they’re found to be non-compliant.
Unsure If the DSA Applies to You?
If your organization falls under Digital Services Act requirements—or is unsure whether it qualifies as a VLOP—BABL AI provides audit support, risk assessments, and compliance guidance.
