IFTAS is happy to announce the public availability of our DSA Guide for Decentralized Services – a practical guide for small and micro services that are subject to the EU’s Digital Services Act.
If your server has member accounts in the EU, or is publicly viewable in the EU, your service is most likely impacted by this regulation, even if you are not based or hosted in the EU.
Developed in collaboration with the great people at Tremau, our DSA Guide is designed to help independent social media service providers navigate these complex regulations and achieve compliance with these new rules without compromising the unique qualities of federated, open social networks.
As part of our Needs Assessment activities, we’ve heard a repeated need for help understanding the complex regulatory landscape that decentralized services need to consider, and this DSA Guide is the first of many in our plan to provide clear, actionable guidance to a range of regulations for the community.
As of February 2024, all online services and digital platforms that offer services in the European Union are required to be fully compliant with the DSA.
However, various portions of the DSA are not applicable to “small and micro” services, and this guide will show you clearly which parts apply and which do not.
For administrators of platforms like Mastodon, PeerTube, and Pixelfed, the DSA Guide can help demystify the requirements and offer practical advice on achieving compliance for the over 27,000 independent operators of these and other decentralized social media services who otherwise may not be able to obtain the guidance and advice that larger operations can afford to invest in.
Download the DSA Guide for Decentralized Fediverse Services.
To join the discussion, visit our community chat service at https://matrix.to/#/#space:matrix.iftas.org or stay tuned to join our community portal in the coming weeks!
@about.iftas.org
This is brilliant! It will definitely help smaller services in the EU.
Thanks for sharing 🧡
@about.iftas.org Thank you for providing this. I and several other furry instance admins are trying to understand the "appoint a legal representative" requirement, how that's even supposed to work. It certainly feels like the EU never heard of the internet before large online platforms, and smaller forums even prior to the federated web would have serious difficulties.
Does that requirement really apply to instance operators like myself and other admin friends, or is it more aimed at in my case Vultr, or in others' cases DigitalOcean or Hetzner or OVH, etc? As it stands, it seems like I'd have to find a user in the EU whom I trust enough, and trusts me enough, to exchange that level of personal information, and I'm really fearful of the ability of the open web to continue to be open with rules like this that feel like they only let the big parties participate, when we can happily comply with all other rules. I know I'm preaching to the choir largely, I'm just not sure what to do. :<
If your service is open to EU residents it applies to you, but our guidance for now is to make sure you have a clear way for authorities to contact you on your about page, something like “legal@myinstance.social” that is a clear way to contact you about any issues. This is a good faith way to demonstrate to any possible legal authority that you are able to be reached. We are investigating ways to offer a free or very low cost way to provide a legal representative service in the future, but as the law is relatively new there are very few avenues for this right now.