Direct answers to recurring DSA questions about service scope, online platform duties, VLOP and VLOSE designation, content moderation notices, statements of reasons, trader traceability, recommenders, risk assessments, transparency reports, penalties, and complaints.
Use the cited EU sources to separate baseline intermediary duties from extra obligations for hosting services, online platforms, marketplaces, and designated very large services.
Structured answer sets in this page tree.
Cited legal and guidance references.
This EU Digital Services Act FAQ explains the main DSA duties a website visitor is likely to search for: which services are covered, when platform-specific rules apply, what VLOP and VLOSE status changes, how illegal-content notices and statements of reasons work, what marketplaces must collect from traders, what recommender disclosures must say, what designated very large services must assess and report, how penalties are capped, and how users can complain.
These focused FAQ modules break this artifact into narrower answer sets so teams can move straight to the right source-backed guidance.
A grounded FAQ on average monthly active recipients under the EU Digital Services Act, including publication, EU recipient scope, the 45 million VLOP/VLOSE threshold, and evidence records.
A grounded FAQ on EU Digital Services Act illegal-content notices: Article 16 notice elements, acknowledgement, decision notices, trusted flagger priority, statements of reasons, and records.
Answer to what EU Digital Services Act Article 30 requires online marketplaces to collect, verify, display, retain, and evidence for trader traceability.
What EU Digital Services Act recommender transparency requires: main parameters, user options, VLOP/VLOSE non-profiling choices, and evidence to keep.
When DSA statements of reasons are required, what they must contain, when online platforms submit them to the DSA Transparency Database, and what appeal records to keep.
What VLOPs and VLOSEs must assess under the EU Digital Services Act, when to reassess, how Article 35 mitigation and annual audit evidence fit together, and what records to keep.
The DSA applies to providers of intermediary services offered to recipients in the EU where there is a substantial connection to the Union. The core service categories are mere conduit, caching, and hosting services.
The duties then build by service type. Hosting services store information provided by users. Online platforms are a subset of hosting services that also disseminate that information to the public at a user's request, such as marketplaces, app stores, and social networks. Very large online platforms and very large online search engines have additional obligations only after Commission designation.
An online platform or online search engine reaches the DSA very-large-service threshold when it has average monthly active recipients in the EU equal to or higher than 45 million. The Commission designates qualifying services as very large online platforms or very large online search engines.
Once designated, the service has four months to comply with the enhanced DSA duties. Providers of online platforms and online search engines must publish average monthly active recipient numbers for each service at least every six months.
Hosting providers must provide easy-to-access electronic notice-and-action mechanisms for information that a person or entity considers illegal content. A sufficiently precise and substantiated notice can give the provider actual knowledge or awareness for the specific item of information concerned.
When a hosting provider removes, disables access to, demotes, demonetises, suspends, terminates, or otherwise restricts content, service access, payments, visibility, or accounts because of alleged illegality or terms-and-conditions incompatibility, it must give the affected recipient a clear and specific statement of reasons. Online platforms must also send those statements of reasons to the Commission's public, machine-readable DSA Transparency Database without personal data.
Online platforms that let consumers conclude distance contracts with traders have trader-traceability duties. Before allowing traders to offer products or services, they must collect specified trader information, make best efforts to assess whether it is complete, design the interface so traders can provide required product and compliance information, and take steps when they become aware of illegal products or services.
Online platforms using recommender systems must explain the main parameters used by those systems and any options for recipients to modify or influence them. VLOPs and VLOSEs that use recommender systems must also provide at least one option that is not based on profiling.
Recipients can contest qualifying online-platform moderation decisions through internal complaint-handling systems. They can also use certified out-of-court dispute settlement bodies for content moderation disputes, and they retain access to courts.
Designated VLOPs and VLOSEs must identify, analyse, and assess systemic risks linked to their service design, functioning, algorithmic systems, and use. The DSA names systemic-risk areas including illegal content, fundamental rights, civic discourse and electoral processes, public security, gender-based violence, public health, minors, and serious effects on physical and mental well-being.
Those very large services must put in place reasonable, proportionate, and effective mitigation measures, maintain an internal compliance function, undergo independent audits at least annually, provide data access where required, publish six-monthly transparency reports, and make public risk assessment, mitigation, audit, and audit implementation reports within the Article 42 framework.
For penalties, Member States must set effective, proportionate, and dissuasive penalties for providers within their competence. The DSA caps maximum fines for obligation failures at 6% of annual worldwide turnover, caps certain information or inspection failures at 1% of annual income or worldwide turnover, and caps periodic penalty payments at 5% of average daily worldwide turnover or income per day. The Commission has separate enforcement powers for designated VLOPs and VLOSEs.
Digital Services Coordinators supervise and enforce DSA compliance for providers of intermediary services established in their territory, while the European Commission has exclusive competence for the enhanced due-diligence obligations imposed on designated VLOPs and VLOSEs.
For providers within Member State competence, the DSA requires Member States to ensure that the maximum fine for failure to comply with an obligation is 6% of the provider's annual worldwide turnover in the preceding financial year. Separate 1% and daily 5% caps apply to specified information, inspection, and periodic penalty-payment situations.
Sorena can help translate DSA scope, notice handling, statement-of-reasons, marketplace, recommender, VLOP/VLOSE, reporting, complaint, and penalty questions into cited controls and review records.
Ask source-linked questions about DSA scope, platform obligations, VLOP/VLOSE duties, reports, complaints, and enforcement.
Review your DSA service classification, notice flows, statements of reasons, marketplace controls, recommender disclosures, and reporting evidence.
"Trusted flaggers"
"publish user numbers"
"Users can contest moderation decisions by online platforms"
"clear and specific information, called statements of reasons"
"Very large online platforms and search engines are those with over 45 million users in the EU."
"enhances transparency"
"The Digital Services Act"
"investigative and sanctioning measures"
"transparency reporting templates"
"maximum amount of fines"