EU DSA Transparency Calendar

Start the calendar with four lanes: annual transparency reports, statement-of-reasons database operations, average monthly active recipient publications, and VLOP/VLOSE audit and enhanced-reporting work. Keep each lane service-specific because the DSA applies different duties to intermediary services, hosting services, online platforms, and designated very large services.

For every calendar entry, store the legal trigger, covered reporting period, publication or submission channel, evidence source, approving owner, and the public link or database confirmation. Do not create a date unless it is tied to the DSA text, an implementing regulation, a designation event, or a published Commission source.

For providers covered by Article 15, the calendar should collect content-moderation reporting data throughout the year rather than assemble it at publication time. The implementing regulation aligns ordinary annual reporting with a 1 January to 31 December reporting period from the first full harmonised annual cycle, while also describing transition periods before that cycle.

The report workstream should cover orders from Member State authorities, notice-and-action volumes, own-initiative content moderation, internal complaints, automated moderation information, and the specific online-platform additions where Article 24(1) applies. The control owner should confirm that the published report uses the required template, is machine-readable, remains easy to access, and preserves prior published versions when updates correct errors or methodology changes.

The DSA transparency database lane is operational, not annual. Hosting services must provide clear and specific statements of reasons to users when they remove or otherwise restrict content; online platforms must send those statements to the Commission's public, machine-readable DSA Transparency Database under Article 24(5).

The calendar should therefore track onboarding, sandbox testing, production submission readiness, daily error review, and redaction checks. The Commission FAQ states that statements become available from the following day after successful insertion, search data is retained for six months, daily dumps are retained for 18 months, and aggregated dashboard statistics remain available for five years.

The active-recipient lane should run even for services that are not designated very large services. Article 24(2) requires providers of online platforms and online search engines to publish information on the average monthly active recipients of the service in the Union, calculated as an average over the past six months, and to update it at least once every six months.

The Commission explains that platforms and search engines with more than 45 million monthly users in the EU may be classified as VLOPs or VLOSEs. Once designated, the service has four months to comply with the DSA obligations for designated services, and the Commission may revoke designation if the service no longer reaches the threshold during one full year.

Designated VLOPs and VLOSEs need a separate audit calendar because Article 37 independent audits and Article 42 publication duties create evidence deadlines that are not the same as ordinary annual report preparation. The audit cycle should complement the prior audit period, allow the auditor to conclude at least once per year, and support prompt transmission of audit reports to the Commission and Digital Services Coordinator.

Article 42 requires VLOPs and VLOSEs to make audit-related reports publicly available at the latest three months after receiving each audit report, while allowing limited removals from the public version for specified confidentiality, security, public-security, or recipient-harm reasons. That means the calendar needs both a confidential-regulator package and a public-redaction package.