EU Digital Services Act (DSA)

EU rules for online platforms covering content moderation, transparency, and user safety obligations.

Applicable since 17 February 2024 for all in-scope entities, the Digital Services Act establishes a comprehensive framework for the responsibilities of digital intermediaries and online platforms operating in the EU. DSA modernises the foundational rules of the 2000 e-Commerce Directive, creating a tiered system of obligations based on the type and size of digital service provider. Its overarching goal is to create a safer digital space where the fundamental rights of users are protected while fostering innovation and competitiveness.

DSA applies to all providers of intermediary services offering their services in the EU, regardless of where they are established. This includes internet access providers, domain name registrars, hosting services, online platforms such as marketplaces and social networks, and very large online platforms (VLOPs) and search engines with more than 45 million monthly active users in the EU. The obligations scale with the size and societal impact of the service, with the most demanding requirements falling on VLOPs and very large online search engines.

All intermediary services must designate a point of contact for authorities and users, include transparency reporting obligations, and cooperate with national authorities. Hosting services must implement notice-and-action mechanisms for illegal content and provide clear statements of reasons when content is removed or restricted. Online platforms face additional obligations, including banning dark patterns, restricting targeted advertising to minors, and providing recommender system transparency. VLOPs and VLOSEs must conduct systemic risk assessments, implement risk mitigation measures, submit to independent audits, and provide data access to researchers.

Enforcement is split between national Digital Services Coordinators and the European Commission, which has direct supervisory authority over VLOPs and VLOSEs. Penalties for non-compliance can reach up to 6% of global annual turnover. The Commission has already opened proceedings against several major platforms since full application began in 2024.

DSA operates alongside the Digital Markets Act, which addresses the market power of gatekeeper platforms rather than content-related responsibilities. It also interacts with GDPR regarding data processing for content moderation and advertising, and with the AI Act where algorithmic systems are used for content recommendation or moderation. For businesses operating digital services in Europe, DSA compliance requires investments in content governance, transparency infrastructure, and risk management processes that reflect the EU's ambition to set global standards for platform accountability.

Select your company type for tailored compliance guidance.