Policy Briefing — EU Digital Services Act Fully Applies
The European Union's Digital Services Act became fully applicable on February 17, 2024, extending systemic risk, transparency, and notice-and-action obligations to all online platforms serving EU users.
Executive briefing: The Digital Services Act (DSA) entered full application across the European Union on . Very large online platforms (VLOPs) and online intermediaries must now evidence algorithmic risk assessments, user reporting workflows, and independent auditing.
Key obligations
- Risk management. Platforms must identify, assess, and mitigate systemic risks related to illegal content, fundamental rights, and civic discourse.
- Transparency reporting. Providers are required to publish content moderation statistics, advertising repositories, and recommender system disclosures.
- Auditing and access. Annual independent audits and vetted researcher data access become mandatory for VLOPs and VLOSEs.
Implementation guidance
- Governance readiness. Establish DSA compliance offices that coordinate legal, policy, trust and safety, and engineering teams.
- Data infrastructure. Build pipelines to capture notice-and-action metrics, recommender explanations, and ad targeting parameters for reporting.
- Audit preparation. Engage accredited auditors early, document control effectiveness, and remediate findings within the four-month deadline.
Enablement moves
- Update product roadmaps to expose user controls for recommender systems and advertising opt-outs.
- Integrate trusted flagger escalation paths and rapid response SLAs into incident management tooling.
- Review vendor and partner contracts to ensure downstream services support DSA-mandated transparency.