DSA statement of reasons when to send one

A statement of reasons is triggered by the moderation decision, not by the label a team gives the workflow. Article 17 applies to providers of hosting services when they impose one of the listed restrictions because information provided by a recipient of the service is considered illegal content or incompatible with the provider's terms and conditions.

The covered restrictions include removing, disabling access to, demoting, or otherwise restricting visibility of specific information; suspending, terminating, or otherwise restricting monetary payments; suspending or terminating all or part of the service; and suspending or terminating the recipient's account.

Article 17 applies only where the provider knows the relevant electronic contact details, and it applies at the latest from the date the restriction is imposed. It does not apply to deceptive high-volume commercial content, and it does not apply to orders covered by Article 9.

Article 17 requires enough detail for the affected recipient to understand the decision and exercise available redress rights. The statement should identify the moderation measure, the territorial scope and duration where relevant, the facts and circumstances relied on, and whether the decision followed an Article 16 notice or voluntary own-initiative investigation.

If automated means were used, the statement should say so where applicable, including whether the moderated content was detected or identified using automated means. If the ground is alleged illegality, cite the legal ground and explain why the information is illegal on that ground. If the ground is terms incompatibility, cite the contractual ground and explain why the information conflicts with it.

Redress information is part of the statement itself. For platform decisions, that means the recipient-facing notice should connect the user to the internal complaint-handling route where available, out-of-court dispute settlement where applicable, and judicial redress.

The DSA Transparency Database does not collect every hosting-service statement of reasons. The Commission FAQ explains that it collects statements of reasons from online platforms, which are a subset of hosting services that store user-provided information and disseminate it publicly, such as online marketplaces, app stores, or social networks.

For online platforms, Article 24(5) requires submission of the Article 17 decisions and statements of reasons to the Commission without undue delay for inclusion in a publicly accessible, machine-readable database. The submitted information must not contain personal data.

The Commission FAQ says redress options are not included in the public database because they are relevant only for the addressee of the statement of reasons. Operationally, keep the recipient-facing statement with redress information separately from the public database payload, and keep a personal-data removal check before submission.

For online platforms, Article 20 requires an effective internal complaint-handling system for at least six months after the recipient is informed about covered moderation decisions. Complaints must be handled in a timely, non-discriminatory, diligent, and non-arbitrary manner, and complaint decisions must be supervised by appropriately qualified staff rather than made solely by automated means.

Users can also turn to certified out-of-court dispute settlement bodies for covered platform moderation disputes, without losing the ability to go to court. The Commission's dispute-settlement page states that users may select any certified body whose expertise covers the dispute and whose language coverage fits the case.

Keep records that let reviewers connect the original moderation decision, the recipient-facing statement, the Transparency Database submission where required, and any complaint or dispute outcome. The Commission database FAQ also gives retention context for public database access: statements become available from the following day after successful insertion, search retains them for six months, daily dumps retain them for 18 months, and dashboard aggregate statistics cover the last five years.