Share
The shift from physical to digital services has made user interactivity a cornerstone of many online platforms. From community forums to content-sharing apps, businesses increasingly rely on these features to enhance user engagement. However, the European Union’s Digital Services Act (DSA) introduces a comprehensive framework for regulating such interactive features, creating critical compliance obligations for businesses.
This article explores the implications of the DSA in two key areas:
- The scope and regulatory framework of the DSA, including its application to interactive features like online platforms and forums.
- Practical steps businesses must take to ensure compliance, from risk assessments to implementing governance and transparency measures.
The Digital Services Act – foundations and scope
The DSA, a key pillar of the EU’s digital regulation framework, entered into force on 16 November 2022, with the majority of its operative provisions becoming enforceable in 2024.
Although much attention has focused on the rules for “very large online platforms” (VLOPs) (e.g., Amazon, Temu) and “very large online search engines” (VLOSEs) (e.g., Google Search, Bing) serving over 45 million EU users monthly, the DSA applies to a broad array of intermediary services targeting users in the EU. The criteria for VLOPs and VLOSEs are set out in Section 5, Article 33 of the DSA.
Expansive scope and proportional application
The DSA governs many types of businesses providing information society services (as defined in Article 3(a) of the DSA) that act as intermediaries, regardless of their physical location. These include:
- Mere conduit services: Providers like virtual private networks (VPNs) and network carriers transmitting data without modification.
- Caching services: Content delivery networks (CDNs) that temporarily store content locally for efficiency.
- Hosting services: Cloud providers and platforms such as marketplaces, social networks, content-sharing platforms, app stores, and online travel platforms.
The DSA applies proportionally: VLOPs and VLOSEs face stringent requirements, while smaller platforms benefit from certain exemptions. These rules aim to:
- Protect users in the EU from illegal goods, content, or services.
- Safeguard fundamental rights and freedoms.
- Harmonise digital regulations across the EU, reducing the compliance burden for businesses.
Online platforms: broad definition, expanding liability
The DSA's broad definition of “online platforms”, a sub-set of hosting services, may catch businesses by surprise. Interactive features like forums, user review sections, or tools facilitating communication or content sharing can classify a service as an online platform under the DSA.
Recital 13 specifies that online platforms encompass services storing and publicly disseminating user-provided information. Examples include:
- Community interaction platforms
- Support forums
- Professional user networks
- Product review platforms
- Educational discussion boards
- Tip-sharing or discussion boards
Such features may unexpectedly subject businesses to DSA obligations. For instance, a platform enabling user comments or shared content tools must reassess its compliance measures.
The “minor and purely ancillary feature” exception
To avoid overregulation, Recital 13 excludes services where interactivity is:
- A minor and purely ancillary feature linked to a principal service.
- Technically inseparable from the main service.
- Not designed to circumvent DSA obligations.
For example, a comments section on a news website might qualify as ancillary, whereas a social network hosting user discussions would not. However, determining what constitutes a “minor and purely ancillary feature” is complex and may invite legal scrutiny.
Given penalties of up to 6% of global annual turnover, businesses should err on the side of caution when evaluating whether their interactive features qualify as ancillary.
Practical implications and compliance measures
The DSA introduces a structured compliance framework for online platforms. Businesses must assess whether their features fall within the DSA’s scope and take proactive steps to mitigate liability.
Key compliance obligations for online platforms
Online platforms must meet several core requirements:
- Transparent Terms and Content Moderation
- Clearly outline content moderation policies, including algorithmic decision-making tools.
- Notify users of significant changes to terms and conditions.
- Incorporate child protection measures, such as age-appropriate access restrictions.
- Recommender Systems Transparency
- Disclose how algorithms suggest content or search results.
- Offer users options to modify recommendation parameters.
- Consumer Protection Mechanisms
- Implement robust complaint and redress systems enabling out-of-court dispute resolution.
- Reporting and Contact Points
- Appoint a single point of contact for EU regulators and relevant member states.
- Publish annual reports on content moderation activities, including metrics like monthly active users.
- Harmonization with Existing Laws
- Ensure compliance with overlapping EU laws, including GDPR, consumer protection laws, and product safety regulations.
Risk Management and Transparency
To meet DSA obligations, businesses should:
- Conduct Risk Assessments: Identify potential compliance gaps.
- Maintain Auditable Records: Document user activities and moderation practices to ensure transparency.
- Establish Internal Controls: Monitor processes to align with DSA requirements and minimise risks.
Conclusion
The DSA’s extraterritorial scope means non-EU businesses targeting EU users must also comply. This underscores the global significance of the DSA, necessitating proactive adjustments for businesses worldwide.
Features like forums, reviews, and discussion boards enhance user engagement but introduce regulatory risks under the DSA. To navigate these challenges, businesses should:
- Assess Applicability: Determine whether their features qualify as online platforms or ancillary services.
- Conduct Compliance Audits: Identify and address gaps in DSA alignment.
- Update Practices: Revise terms, moderation policies, and interactive features to meet DSA requirements.
- Maintain Transparency: Ensure robust reporting, regulatory engagement, and auditable records of user activities.
Aviation
Banking and finance
Construction and engineering
Education
Healthcare
Information technology
Insurance and reinsurance
Life sciences
Public sector
Rail
Retail
Shipping and international trade
Sport
Transport and logistics
Travel and tourism
Denmark
France
Ireland
Israel
Spain
Sultanate of Oman
United Arab Emirates
United Kingdom