EU's Digital Services Act Now in Effect
The Digital Services Act (DSA) is now fully active across the EU, imposing new obligations on online intermediaries. Companies operating platforms like app stores and social networks must comply with stricter rules on content moderation, algorithmic transparency, and takedown processes. This adds another layer of regulatory complexity for major tech firms operating in Europe.
The Digital Services Act (DSA) became fully applicable to all online intermediaries on February 17, 2024. However, a set of "Very Large Online Platforms" (VLOPs) and "Very Large Online Search Engines" (VLOSEs), each with over 45 million monthly active users in the EU, have been subject to the rules since August 2023. This regulation modernizes the EU's two-decade-old e-Commerce Directive, aiming to create a single, harmonized set of rules for digital services across the Union. The core goal is to establish a safer online environment by preventing the spread of illegal content and protecting fundamental rights. The DSA was first proposed by the European Commission under Ursula von der Leyen's leadership in 2019. Enforcement is a dual-level responsibility. The European Commission directly supervises the largest platforms (VLOPs and VLOSEs) for systemic risks. For all other services, enforcement falls to a designated Digital Services Coordinator (DSC) in each EU member state. In Ireland, this role is held by Coimisiún na Meán, the Media Commission. Penalties for non-compliance are substantial, with potential fines reaching up to 6% of a company's global annual turnover for serious infringements. Periodic penalty payments of up to 5% of average daily worldwide turnover can also be levied for each day of delay in complying with orders. For VLOPs, the obligations are far more stringent. They must conduct systemic risk assessments related to illegal content, fundamental rights, and public security. These platforms are also required to undergo independent annual audits and provide vetted researchers with access to platform data to study systemic risks. The DSA works in tandem with the Digital Markets Act (DMA), which focuses on competition and market fairness by regulating "gatekeeper" platforms. While the DSA governs content and user safety, the DMA aims to ensure a level playing field. Both regulations interact with GDPR, which remains the central framework for personal data processing. VLOPs must also increase transparency around their advertising systems. This includes creating and maintaining repositories of all ads shown, which must be accessible for at least a year after the ad's last display. They are also required to offer users a content recommendation system that is not based on profiling.
