It has been almost a year since the EU’s Digital Services Act (DSA) was adopted, but companies and policymakers are still deciding on who has to follow which rules laid down by the law. The European Commission has designated 19 tech companies as being either “very large online platforms” (VLOPs) or “very large online search engines” (VLOSEs); meaning that, as of last month, they must fulfill additional obligations to safeguard freedom of expression and access to information, and to stop the spread of illegal online content.
One of these requirements is for companies to understand, assess, and mitigate any risks to fundamental rights stemming from their services – but ensuring and enforcing this work in a meaningful way will be challenging. For example, the DSA does not set harmonised rules for risk assessments and there is still no consensus on what constitutes a high-quality impact assessment. ECNL and Access Now have worked together to prepare a new policy paper "Towards meaningful fundamental rights impact assessments under the DSA" to support efforts so that impact assessments do not become merely a formality.
Effective, meaningful, and comprehensive fundamental rights impact assessments (FRIAs) are essential for ensuring VLOPs and VLOSEs adequately evaluate the fundamental rights impacts stemming from their services. But for these to be more than a “tick-box” exercise, policymakers and companies alike must implement safeguards and baselines, particularly when it comes to assessing the specific risks of automated content moderation for civic freedoms – a growing concern in the AI era. It is especially vital that the people and communities impacted by these tools have the chance to input into the impact assessment process.
To learn more about this, and our other recommendations for making FRIAs more than simply an exercise in compliance, read the full publication below.