EU dials up attention on larger platforms over data access for risk research | TechCrunch

The European Commission has sent requests for information (RFI) to a full 17 platforms subject to algorithmic transparency regulations under the bloc’s Digital Services Act (DSA), it said today. These asks are specifically in relation to requirements that platforms provide data access to researchers investigating systemic risks in the European Union.

The list of so-called very large online platforms (VLOPs) and very large online search engines (VLOSEs) that have been sent RFIs is as follows: AliExpress, Amazon Store, (iOS) App Store, Bing, Booking.com, Facebook, Google Search, Google Play, Google Maps, Google Shopping, Instagram, LinkedIn, Pinterest, Snapchat, TikTok, YouTube and Zalando.

“These VLOPs and VLOSEs are requested to provide more information on the measures they have taken to comply with the [DSA] obligation to give access, without undue delay, to the data that is publicly accessible on their online interface to eligible researchers,” the Commission wrote in a press release.

“Access to data by researchers is key to ensure accountability and public scrutiny of platforms’ policies. Researcher access to publicly available data greatly contributes to the goals of the DSA, which is particularly important in view of upcoming events such as elections at national and EU level, as well as for an ongoing monitoring of the presence of illegal content and goods on online platforms.”

It’s a lot quicker to list the VLOPs that haven’t been sent RFIs about data access for researchers at this point. So here you go: Those not listed in today’s announcement are: Pornhub, Stripchat, Wikipedia, X/Twitter and XVideos.

However it’s worth noting that X (Twitter) is already under investigation in the EU over data access as part of a formal investigation proceeding the Commission opened on it last month — which is also looking into other areas of concern for regulators, including X’s approach to content moderation and risk management, among others.

Meanwhile, the trio of aforementioned porn sites were only recently designated VLOPs so the EU is likely to be less advanced in its assessment of their compliance.

A total of 23 VLOPs have been designated by the Commission so far: 19 were named back in April last year, followed by a further three (the porn platforms) last month.

So, basically, step forward and take a bow Wikipedia — which might just be the only VLOP that’s getting things right (or, well, less wrong) when it comes to providing data access for researchers. Albeit, this may just reflect operational differences between the not-for-profit, which isn’t algorithmically driven and puts information about user contributions and edits out in the open by default, and a bunch of commercial platforms that use proprietary code and AIs to configure content and drive engagement for profit.

The latter group are unlikely to be keen to let outsiders probe how their money-making technologies may negatively impact society. But, under the DSA, they must facilitate data access for research into so-called systemic risks, such as disinformation, child safety issues, gender-based violence and mental heath concerns.

While 17 RFIs may sound like a lot of regulatory action we’re still at an early stage of the Commission’s oversight of the data access for research issue. Nor are the 17 VLOPs/VLOSE which received RFIs today even under a formal proceeding to investigate this element of their compliance as yet. But regulators evidently feel the need to get better answers than they’ve been given so far.

The platforms that received these RFIs have been given a deadline of February 8 to respond to the EU with the information requested. “Based on the assessment of the replies, the Commission will determine next steps,” it added.

As a reminder, confirmed breaches of the DSA could see offending platforms facing penalties of up to 6% of their global annual turnover. The Commission also has further powers it could use to crack down on repeat offenders. Although the EU only kicked off its DSA oversight on larger platforms toward the end of August — so it’s also still early days for its enforcement of the bloc’s new Internet governance regime.

Earlier RFIs sent by the EU to VLOPs have focused on a number of other areas — including disinformation risks attached to the Israel-Hamas war; child safety concerns; election security issues; and consumer protection.