EU Digital Services Act - Data Readiness

As a CDO or Data Leader is your organisation ready for the Digital Services Act ?

Earlier this week, the EU Commission made its first set of designation decisions under the Digital Services Act (DSA). Specifically, the Commission designated 17 online platforms of very large size (VLOPs - including Amazon, Google Shopping and YouTube) and 2 online search engines of very large size (VLOSEs - Google Search and Bing), which collectively have a minimum of 45 million monthly active users.

The DSA will apply to most businesses providing digital services from 17 February 2024 - and VLOPs and VLOEs will need to comply earlier than this - with the EU targeting the end of August 2023.

UK regulated organisations conducting business within the EU area will need to comply with the Digital Services Act - CDOs and data leaders will need to ensure their organisations have the right data provision and data capability in place to support these regulatory requirements.

Broadly the DSA covers the following areas with the associated data impacts:

• Enhanced user control over data: The DSA aims to give customers greater control over their personal data and how it is collected, processed, and used by digital services providers. This includes provisions for obtaining users' consent before collecting and processing their data, as well as giving users the right to access and delete their data.

• Greater transparency and accountability: The DSA requires digital services providers to be more transparent about how they collect and use data, and to be accountable for any violations of data protection rules. This covers requirements for providing clear and concise information about data processing activities, as well as establishing procedures for reporting and investigating data breaches.

• Increased regulation of online advertising: The DSA includes provisions for regulating online advertising, which is a major source of data collection and processing by digital services providers. This includes requirements for providing more information about the use of targeted advertising, as well as restrictions on the use of sensitive data for advertising purposes.

• Harmonization of data protection rules: The DSA aims to harmonize data protection rules across the European Union, which currently has a patchwork of national regulations. This is targeted to provide greater clarity and consistency for digital services providers operating across the EU.

Quaylogic has a DSA assessment framework to help you establish an approach to ensure your organisation's data is ready to be DSA compliant. We also have have the data delivery expertise to help you build the required data assets, tooling and data management disciplines.

Quaylogic can provide you with the right advice and delivery skills to ensure your organisation has the data capability in place to be Digital Service Act ready.

Contact us now on info@quaylogic.com or contact the author: Campbell Paterson (Quaylogic Data Management Expert) campbell.paterson@quaylogic.com