top of page
gradientbg2.png
Trust%20Lab%20Logo%20horizontal_edited.png

DSA Readiness Checklist

The Digital Services Act is here. You've got dozens of articles to go through, but no time to translate them into actual tasks?

 

We’ve compiled an easy-to-navigate checklist to equip Trust & Safety and Compliance teams before the DSA comes into full effect. 

Find out how you can get DSA Compliant, step by step.

Get a copy for Google Sheets!

Filter, add team members and deadlines, edit, and make it your own! 

Thanks for submitting!

spread2.png

Before you start...does the Digital Services Act apply to you?

The DSA applies to organizations that provide online intermediary services in the EU.  What does this mean? 

 

Here are a few key questions you can ask:

  1. Does my platform host any user-generated content such as images, text, video, or audio?

  2. Does my platform allow for users to interact and share messages or other types of content?

  3. Does my platform have any users in the European Union?

If you answered yes to questions 1 or 2, and yes to 3, the DSA very likely applies to your platform.

 

However, not all intermediaries are created equal, and certain rules won't apply to you. 

As you go through the checklist, watch out for the colored tags on the corner of each section - scroll through and make sure you're going through the items that you need to handle, and skip those you don't.

What's an intermediary service?

The legislative text describes an intermediary service as all providers of intermediary services (including ‘mere conduits’ and providers of ‘caching’ and ‘hosting’ services), regardless of further sub-classification under any other tier. Not that clear, right? 

 

You can interpret this to mean platforms that transmit or store third-party content for EU-based users, spanning a broad range of activities in the digital sphere. This includes social media services, messaging services, cloud infrastructure services, content delivery networks, etc.  The EU states that more than 10,000 companies are subject to the DSA, so if you store any user-generated content from EU users, you are likely subject to the DSA.

What's a hosting service?

The legislation describes a hosting service as a type of intermediary services that involves storing information provided by (and at the request of) a service recipient, e.g., web hosting and cloud services.  The key terms here being storage at the request of another party.

What's an online platform?

Online platform is defined as a type of hosting service that, at the user’s request, stores and makes publicly available user-provided information, e.g., social media platforms and online marketplaces.  

What's an online platform with 3P traders?
A sub-type of online platform in which the marketplace is open to peer-to-peer purchasing, meaning the products and services are not provided by the platform itself.

Note that there is another designation called a VLOP (very large online platform) or a VLOSE (very large online search engine). These platforms are specifically designated by the EU Commission.  There here are 19 of them at the time of this checklist, which you can find here.

If you're unsure about what some of the terms in the checklist mean, jump down to our 

Digital Services Act Key Terms list! [click here to jump] 

Electronic Point of Contact [2]

All intermediary services

User Communications [2]

All intermediary services

Single Point of Contact [3]

All intermediary services

Legal Representatives [2]

All intermediary services

Terms and Conditions [2]

All intermediary services

Transparency Reporting [4]

All intermediary services

Notice and Action [2]

All hosting services

Statement of Reasons [2]

All hosting services

Notification of Criminal Offenses [1]

All hosting services

Internal Complaint Handling System [3]

Online platforms

Out-of-court Dispute Settlement [1]

Online platforms

Measures and Protection Against Abuse [1]

Online platforms

Transparency Reporting [4]

Online platforms

Online Interface Design and Org. Audit [1]

Online platforms

Advertising Provisions [2]

Online platforms

Recommender Systems Transparency [1]

Online platforms

Online Protection of Minors [1]

Online platforms

Traceability of Traders [3]

Online platforms with 3P traders

Compliance by Design [1]

Online platforms with 3P traders

Right of Information [1]

Online platforms with 3P traders

Key Terms Guide for The DSA (Digital Services Act)

Transparency Report

A document that platforms are required to produce, detailing actions taken on illegal content, advertisement placements, and algorithmic decisions.

Trusted Flaggers

Recognized entities with a proven track record of accurately flagging illegal content. Platforms are expected to prioritize notices from trusted flaggers.

Very Large Online Platform (VLOPs)

Platforms with over 45 million monthly EU users. Subject to stricter regulations under the DSA.

Notice of Action Requirements

Obligations for platforms to inform users when they take action on content, explaining the reason for such action.

Illegal Content

Any online information or material that violates EU law, including hate speech, misinformation, counterfeit goods, etc

Digital Services Coordinator

National authorities in EU member states responsible for enforcing the DSA at the national level.

Country of Origin Principle

This means that digital service providers will generally only have to comply with the rules of their home EU country, making it easier for them to operate across borders.

Gatekeeper Platforms

Major online platforms with significant influence in the digital market. Subject to specific regulations to prevent unfair competition. DMA Gatekeepers

Risk Assessment

An annual review that very large platforms must conduct to identify and mitigate risks associated with their platform.

Algorithmic Transparency

Requirements for platforms to disclose the main parameters of their algorithms, particularly those that show personalized content.

Dispute Resolution Mechanism

A system for users and platforms to resolve disagreements about content moderation decisions.

User Redress

Mechanisms through which users can challenge platforms' decisions regarding content takedowns or account suspensions.

Ad Transparency Center

Requirements for platforms to disclose the main parameters of their algorithms, particularly those that show personalized content.

Data Sharing Obligations

Requirements for platforms to provide specific data to researchers and regulators, ensuring compliance and promoting understanding of platform practices.

Crisis Protocol

A set of procedures very large platforms must follow in case of network and information security risks that pose threats to public order or public safety.

Ancillary Obligations

These relate to platforms that are not main or core platforms but provide additional or supplementary services.

Know Your Business Customer (KYBC)

Obligations to understand and verify the identity of business users to prevent fraudulent activities.

Micro and Small Enterprises Exemption

Recognizing the operational constraints of smaller businesses, some DSA obligations might be lighter or exempted for these entities.

Cross-border Cooperation

Mechanisms that ensure EU Member States work together in enforcing the DSA, especially when illegal content affects multiple countries.

Order to Act

 Legal orders issued by national authorities or courts for platforms to take specific actions concerning illegal content or activity.

Learn More about TrustLab's Compliance Platform

Thanks for submitting!

bottom of page