IDC Names Securiti a Worldwide Leader in Data Privacy


Insights into the Digital Services Act: Unveiling the First Designated Very Large Online Platforms and Search Engines

By Securiti Research Team
Published June 13, 2023 / Updated September 21, 2023

Listen to the content

The European Union’s Digital Services Act (DSA), which aims to improve consumer rights and protections in the digital realm and strengthen legal certainty, fairness, and harmonization of laws that apply to digital service providers, saw the adoption of the first designation decisions by the European Commission on April 25, 2023.

These rulings designated 17 Very Large Online Platforms (VLOPs) and 2 Very Large Online Search Engines (VLOSEs), which bring monthly traffic of at least 45 million active users. These are:

Very Large Online Platforms

Very Large Online Search Engines

Very Large Online Platforms

  1. Alibaba AliExpress
  2. Amazon Store
  3. Apple AppStore
  5. Facebook
  6. Google Play
  7. Google Maps
  8. Google Shopping
  9. Instagram
  10. LinkedIn
  11. Pinterest
  12. Snapchat
  13. TikTok
  14. Twitter
  15. Wikipedia
  16. YouTube
  17. Zalando

Very Large Online Search Engines

  1. Bing
  2. Google Search

New Obligations under the Digital Services Act

The designated services platforms are required to evaluate and reduce systemic risks and provide effective content moderation tools to empower and protect users online, including minors.

These companies will now have four months to comply with their new set of obligations under the DSA. Accordingly, they must modify their systems, resources, and processes for compliance, set up an independent compliance system, conduct their first annual risk assessment, and submit a report to the European Commission.

The following is an overview of the changes expected to be adopted by the designated entities.

Additional User Empowerment

  • Users will have the right to opt-out of recommendation systems based on profiling and will receive explicit information about why certain information is being recommended to them;
  • Platforms must rigorously process reports flagging illegal content as submitted by users;
  • Ads cannot be displayed based on a user's sensitive information (including racial or ethnic background, political opinions, or sexual orientation);
  • Platforms must clearly label all advertisements and let users know who is promoting them;
  • Platforms must, concisely and in plain and easy-to-understand language, describe their terms and conditions in the official languages of the Member States in which they conduct business.

Additional Protection of Minors

  • To guarantee a high level of privacy, security, and safety for children, platforms will now need to redesign their systems;
  • It is now prohibited to target children using profiling-based advertising;
  • Special risk assessments, which take into account adverse impacts on mental health, must be given to the European Commission four months after the designation of the platform and made public no later than a year;
  • To reduce risks, platforms must revamp their services, including user interfaces, recommender algorithms, and terms and conditions.

Additional Diligent Content Moderation, Less Disinformation

  • Platforms and search engines must take action to mitigate concerns related to the online spread of illicit content and detrimental consequences on freedom of expression and information;
  • Platforms must have clear terms and conditions that must be strictly complied with;
  • Platforms must provide a method for users to report illegal content and quickly act upon such reports;
  • Platforms must evaluate their specific risks and put mitigation strategies in place, such as addressing the spread of misinformation and unauthenticated service usage.

Additional Transparency and Accountability

  • Platforms must make sure that external and independent audits are conducted in relation to their risk assessments and compliance with all DSA requirements;
  • Researchers should be given access to publicly available data; in the future, a special system for verified researchers will be established;
  • Platforms must make available archives of all the advertisements shown on their interface;
  • Platforms must publish transparency reports on risk management and content moderation measures.

How Securiti Can Help

Securiti harnesses the power of AI-driven process automation, enabling organizations to comply with the EU’s Digital Services Act (DSA) with several automation modules such as data mapping, universal consent management, cookie consent management, data security, privacy notice, and risk assessment automation.

Whether you’re a Very Large Online Platform (VLOP), a Very Large Online Search Engine (VLOSE), or any other organization for that matter that falls under the application scope of DSA, Securiti has got you covered.

Operationalize EU Digital Services Act with Securiti.

Request a demo to see Securiti in action.

Join Our Newsletter

Get all the latest information, law updates and more delivered to your inbox


At Securiti, our mission is to enable enterprises to safely harness the incredible power of data and the cloud by controlling the complex security, privacy and compliance risks.


Gartner Cool Vendor Award Forrester Badge IAPP Innovation award 2020 IDC Worldwide Leader RSAC Leader CBInsights Forbes Security Forbes Machine Learning G2 Users Most Likely To Recommend