Digital Services Act Obligations: What Businesses Need to Do

The Digital Services Act (DSA) does not treat all online services the same, and that is intentional.

Instead of a one-size-fits-all approach, the DSA applies obligations in layers, depending on what a service does and how much influence it has in the online ecosystem. The more a service hosts content, facilitates transactions, or reaches large audiences, the more responsibilities it takes on.

What “tiered obligations” means in practice

Under the DSA, services generally fall into one (or more) of the following categories:

• Intermediary services, such as connectivity or caching services
• Hosting services, including cloud and content hosting providers
• Online platforms, where user content is made publicly available
• B2C online platforms, where traders sell goods or services to consumers
• Very Large Online Platforms (VLOPs) and Very Large Online Search Engines (VLOSEs), which reach at least 45 million users per month in the EU

Some obligations, like appointing an EU Representative and publishing transparency information, apply broadly. Others only apply once a service hosts user content, enables marketplaces, or reaches a scale that creates wider societal risks.

DSA obligations by service type

The table below shows how DSA obligations build across service categories:

How Prighter can help

Prighter helps organisations interpret the DSA’s tiered framework and turn legal obligations into practical, workable compliance measures. From assessing your service classification to supporting ongoing compliance as requirements scale, our experts help you stay aligned with the DSA as your business grows.

If you would like support understanding or managing your DSA obligations, speak to our experts today.