The Digital Services Act ("DSA") came into force on 16 November 2022, marking one of the European Union's most significant updates to its legal framework for digital regulation since the adoption of the e-Commerce Directive in 2000. The DSA reshapes the responsibilities and accountability of digital services providers. You can read our comprehensive blog post on DSA here.

Key date(s)

  • July 2019 - The DSA was announced as part of a broader legislative package for regulating the online environment in the EU.
  • June to September 2020 - The DSA was subject to a public consultation (see our blog post here for more details).
  • October 2020 - European Parliament approved two associated legislative initiative reports recommending to the European Commission that the DSA should contain tougher regulation on targeted advertising and the management of illegal content (see our blog post here for more details).
  • 19 October 2022 - The DSA was signed into law by the President of the European Parliament and the President of the European Council.
  • 27 October 2022 - The DSA published in the Official Journal of the European Union.
  • 16 November 2022 - The DSA came into force.


  • The DSA was originally announced by Ursula von der Leyen in her political guidelines in July 2019, and forms part of a legislative package for regulating the online environment in the EU and beyond. It is an element of the European Digital Strategy "Shaping Europe's digital future".
  • Up until now, the European Commission has sought to regulate digital services through a series of incremental and complementary legislative initiatives, aimed at reinforcing and building on some of the key principles of the e-Commerce Directive adopted in the year 2000 (for example the liability rules for providers of intermediary services).
  • A consistent aspect of this legislative package since its inception has also been the focus on those major technology companies and online platforms who are perceived to be the "gatekeepers" of the online world and the desire to introduce new "ex-ante" rules to foster competition and ensure that these companies treat their B2B customers fairly. This is addressed through a seperate piece of legislation called the Digital Markets Act. Please see our blog post here and here.
  • An implementing regulation on the DSA is expected in the fourth quarter of 2022, following a consultation process. It will lay down rules on all procedural practical arrangements in Article 83 of DSA, namely the exercise of delegated acts conferred on the Commission, hearings for 'very large online platforms' ("VLOPs") and 'very large online search engines' ("VLOSEs") relating to a non-compliance decision / fines or penalties and disclosure of certain information at those hearings

What it hopes to achieve

  • The DSA aims to create a safer online environment, define clear responsibilities for digital services providers, and deal with current digital challenges.
  • The European Council has described the DSA as a "world first in the field of digital regulation", and it has been touted by the Czech minister for industry and trade as having the potential to become the "gold standard for other regulators in the world".

Who does it impact?

  • The DSA is broad in reach and is intended to apply to a range of key players across the digital ecosystem. The DSA breaks these digital service providers down into four categories, each of which is a narrower subsection of the category before:
    • online intermediaries;
    • hosting services (such as cloud and webhosting services);
    • online platforms (bringing together sellers and consumers and disseminating information to the public at their request, such as online marketplaces, app stores, collaborative economy platforms and social media platforms); and
    • VLOPs/VLOSEs.
  • Some of the new measures apply to all four of these categories, and others apply only to some of them, with the narrowest, highest tier category (VLOPs/VLOSEs) being subject to the most stringent regulations under the DSA

Key points

1. Illegal content: notice and action mechanism

  • All online platforms that provide hosting services will be required to put in place user-friendly notice and action mechanisms, which will allow third parties to notify the platform of illegal content on their services.
  • The host will be required to implement a mechanism to facilitate the submission of detailed notices, which pinpoint the exact electronic location of the information (for example, by providing a URL).
  • The host will be required to make a decision on any notice it receives in a "timely, diligent, non-arbitrary and objective manner".
  • Hosting service providers that are also online platforms must offer an internal complaint handling procedure as one of the redress options following the takedown decision.
  • The DSA also envisages a regime of new out-of-court settlement bodies to deal with disputes relating to the removal of illegal content (that have not been resolved through the internal complaint handling process).

2. Strengthening online advertising transparency

  • All online platforms presenting advertisements online will be required to ensure that individuals using their services can identify "in a clear, concise and unambiguous manner and in real time"
    • that the information is an advertisement (including through prominent markings);
    • the natural or legal person on whose behalf the advertisement is presented (and the person who paid for it, where this differs); and
    • meaningful information about the parameters used to determine whom the advertisement is presented to (which should be directly and easily accessible from the advertisement itself) and, where applicable, how to change those parameters.
  • VLOPs and VLOSEs will be subject to additional advertising and transparency obligations, including a requirement to compile and make publicly available a repository of historic advertisements in a specific section of their online interface

3. Transparent recommender systems and algorithmic decision making

  • The DSA requires online platforms that use recommender systems to set out in their terms and conditions the main parameters used in the systems, as well as any options for the recipients to modify or influence those parameters that they may have made available. Recommender systems rely on previous choice that a user has made to predict other content the user might like.
  • For VLOPs and VLOSEs, this should include at least one option that is not based on profiling of the recipient.
  • The information should be set out in a clear, accessible and easily comprehensible manner, and options to modify parameters should include easily accessible functionality on their online interface.
  • More generally, providers of intermediary services are also required to include information in their terms and conditions on any restrictions that they impose on the use of their service by its recipients.

4. Reinforcing the liability shield

  • The DSA retains the so-called liability shield originally introduced under the e-Commerce Directive. This is the regime that effectively provides a defence against liability for illegal content in respect of online intermediaries who are merely providing a "conduit" for information, are carrying out routine "caching" of information, or are "hosting" information in circumstances where they have no knowledge of the illegal content.
  • The DSA appears to strengthen the liability shield with the introduction of the so-called "Good Samaritan" clause. This provision essentially means that intermediary service providers who decide in good faith and in a diligent manner, to voluntarily implement measures to detect and remove illegal content will not be prevented from availing themselves of the liability shield.
  • This new provision appears to provide a degree of comfort that any voluntary monitoring mechanisms will not count against them in this way. The Commission clearly hopes to incentivise more voluntary activity in this area, however, it remains to be seen how this rule will apply in practice.

5. Enforcement and fines

  • EU Member States will each be required to appoint a 'Digital Services Coordinator' which will be responsible for supervising the intermediary services established in their Member State.
  • In addition, a new body (known as the European Board for Digital Services) will be created at an EU level to coordinate compliance and enforcement and act as an advisory board. It will comprise the Digital Services Coordinators from each Member State and will be chaired by the Commission.
  • Failure to comply with the DSA can result fines of up to 6% of the worldwide annual income or turnover of the provider or platform. The size of the fine will be linked to the severity of the breach, as well as the duration and frequency of the violation. The Member States or the Commission may also impose fines of up to 1% of annual income or turnover of the provider or platform for providing incorrect, incomplete, or misleading information in response to a request for information and failure to submit to an inspection.
  • Recipients of a service regulated under the DSA also have a right to lodge a complaint against an intermediary service provider with the Digital Services Coordinator of the Member State where the recipient of the service is located or established, alleging non-compliance with the DSA. The recipient is entitled to seek compensation from the intermediary service provider for damage or loss suffered due to the provider's non-compliance, in accordance with national or EU law.


DSA text

European Digital Strategy "Shaping Europe's digital future"

Publication of the DSA in the Official Journal of the European Union

HSF Blog Post on the DSA

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.