What is the Digital Services Act?
The Digital Services Act (DSA) is the EU’s horizontal rulebook for online intermediaries — hosting services, online platforms, marketplaces and search engines — governing illegal content, transparency and user protection. It preserves conditional liability exemptions for intermediaries but attaches escalating due-diligence duties by size and function, up to the special regime for very large platforms (VLOPs, 45M+ EU users) supervised directly by the Commission.
The duty ladder, compressed
All intermediaries: contact points, terms transparency, and — for non-EU providers targeting the EU — a legal representative in the Union (the DSA’s cousin of GDPR’s Article 27). Hosting services add notice-and-action for illegal content with reasoned decisions. Online platforms add complaint systems, trusted flaggers, ad transparency, a ban on dark patterns, protection of minors (no profiling-based ads to them — where age assurance enters), and recommender transparency. Marketplaces add trader traceability (KYBC). VLOPs add systemic-risk assessments, audits and data access for researchers.
Reading it from Türkiye
A Turkish platform with EU users is covered — establishment is irrelevant if you target the Union, and the representative duty makes ignoring it visible. The strategic overlay: Türkiye’s own intermediary rules (5651 framework, e-commerce law amendments) share DNA with the DSA, so a single compliance architecture — notice-and-action workflow, transparency reporting, minor-protection design — can be built once and parameterised per regime rather than duplicated.
Does the DSA apply to a SaaS product?
Pure B2B SaaS without user-generated content usually is not an “intermediary service”; add UGC, reviews, a marketplace layer or content sharing and you walk up the ladder.
What are the penalties?
Up to 6% of worldwide turnover at the top of the regime — with the representative and transparency duties as the low-hanging enforcement targets for smaller providers.