IFTAS Publishes DSA Guide for the Fediverse
Helping admins understand EU regulations.
IFTAS, the Trust & Safety organization dedicated to the Fediverse, published a guide on the EU’s Digital Services Act earlier this week. The guidance is primarily geared towards instance admins and moderation teams in the Fediverse, and spells out policy obligations for compliance.
Despite the fact that there are now new considerations in place for people who run Fediverse instances, there are a number of positive outcomes here:
- Most Fediverse servers are relatively small communities, and likely fall under the designation of “Small and Micro Enterprises” – if your server doesn’t employ 50 or more people, and doesn’t take an annual income of over 10 million Euros, you’re probably in this designation. Compared to Very Large Online Platforms, your obligations are fewer in comparison.
- Services are not considered liable for content unless they have been notified of its presence. Failure to take said content down is where the liability starts
- Platforms are not held liable for proactively searching for and removing illegal content.
Big Takeaways
Most of what’s listed in EU DSA requirements come across as simple, common sense, and already-adopted practices. The report published by IFTAS provides suggestions for best practices, and even includes templates for the bare minimum requirements for admins to use.
The biggest changes admins need to be aware of mostly relate to accountability: servers need to assign an EU representative for compliance, need to report on malicious content to local authorities, and needs to provide a notice mechanism (such as email) to inform suspended or banned users of a service of the action taken, as well as the reason.
On the matter of being required to assign an EU-based representative for compliance, IFTAS states the following:
If your service is accessible to users in the EU but you don’t have an establishment there, you’re required to designate either a legal or natural person as your legal representative within one of the Member States where you offer services.
Your legal representative will act on your behalf for interactions with the EU’s Member States’ authorities, regarding compliance with and enforcement of the DSA. You must notify the Digital Services Coordinator in the Member State of your representative’s name, postal address, email address, and telephone number. Ensure this information is public, easily accessible, accurate, and regularly updated. Most legal representative services do not offer an affordable option for donation-driven services.
IFTAS is researching ways to offer this service, but in the meantime, we strongly recommend you ensure you have added a designated contact for authorities to reach you
This will probably be the biggest hurdle for instance operators in the short term, as many instances are roughly the same size as a community group or forum, in terms of users. This is a new consideration for a lot of admins, and not necessarily one that anybody’s given thought to in the past fifteen years.
Regardless, IFTAS has produced a valuable service with lots of insight, advice, and examples for server admins. Hopefully, this will serve as a benefit to the Fediverse as many attempt to navigate compliance for the very first time.
Mentions