How the research community can help keep Big Tech in check

By opening up platform data to independent researchers, the Digital Services Act (DSA) gives Europe’s scientific community new power to scrutinise how digital platforms influence our societies, with a key role for the European Research Council in building a robust data access infrastructure, writes Alexandre de Streel.

As explained in the editorial of this issue of the ERC magazine, Big Tech platforms have become essential information infrastructures that shape what we know, how we connect, and who gets heard. Yet, as critical conversations increasingly unfold on digital platforms, the ability to study them at scale has steadily diminished. Platform interfaces and insight tools – such as CrowdTangle – that once gave researchers and civil society a window into public online discourse have been discontinued. 

Thanks to an important new EU law, however, digital platforms’ transparency and research will be made great again! Big Tech platforms are mostly data companies; they amass lots of data to make their business successful. But that data could also make research successful!

Mitigating systemic risks

The Digital Services Act (DSA), adopted in 2022 and progressively coming into force, aims to make the digital space safer and more trustworthy for users. It applies to all online intermediaries – such as online marketplaces, social networks, content-sharing platforms, app stores, and online travel and accommodation platforms – but imposes obligations in a proportionate manner: the larger the platform, the more stringent its obligations. 

In particular, the DSA requires the largest online platforms and search engines to identify – and then mitigate – the systemic risks they create for European society. These risks include the dissemination of illegal content; impacts on fundamental rights (such as freedom of expression, media freedom, and media pluralism); threats to public security, civic discourse, and electoral processes; gender-based violence; and risks to public health, the protection of minors, and mental and physical well-being. 

An ‘ecosystem of compliance and enforcement’

So far, the European Commission has designated 25 Big Tech platforms as subject to these enhanced obligations. Compliance is enforced jointly by the European Commission and the national regulators – known as Digital Services Coordinators – of the country where each platform is established. As a result, the Irish regulator, in particular, is exceptionally busy.

‘Independent researchers can support public enforcers by opening the “black box” of Big Tech platforms.’

Because overseeing some of the world’s largest companies with only a handful of European and national officials is a daunting task, the DSA establishes an ‘ecosystem of compliance and enforcement’ to ensure that it doesn't become a Sisyphean task, endless and useless. This ecosystem is orchestrated by the Commission and national Digital Services Coordinators and relies inter alia on contributions from independent researchers, who can support public enforcers by helping them better understand how Big Tech platforms function and what impacts they have.

Towards a robust data access infrastructure

To empower those researchers, Article 40 of the DSA creates two new data access rights vis-à-vis the 25 designated platforms. The first, under Article 40(12), allows independent researchers to access data that are already publicly available through Big Tech platforms’ online interfaces. To clarify what data are available, the Commission has established a registry through the new and highly useful DSA Access Portal. The second right, provided by Article 40(4), goes further by allowing vetted researchers to apply for access to non-public platform data. Researchers must be approved by a Digital Services Coordinator and submit a data access application to the relevant regulator. To facilitate this process, applications can be submitted through the Commission’s unified DSA Access Portal. The DSA also provides a number of safeguards to be implemented by regulators, ensuring that enhanced transparency does not come at the expense of security and privacy.

‘The European Research Council could play a key role in operationalising these new data access rights.’

For these new rights to be effective, robust technical and legal governance mechanisms must be established, of which the DSA Access Portal represents an important first step. In this regard, a recent report by the Hertie School and Columbia World Projects recommends: (i) developing and supporting a robust data access infrastructure by clarifying the legal framework, building secure technical infrastructure, protecting researchers from liability, and establishing international standards for research ethics; (ii) developing best practices for the research community, including regulatory guidance and protocols on data protection and security; and (iii) fostering strong relationships between researchers and regulators through increased engagement, information sharing, and opportunities for researcher secondments or fellowships. 

Given the importance of these new rights for stimulating research and opening the 'black box' of Big Tech platforms, the European Research Council could play a key role in operationalising them and in contributing to the establishment of a robust data access infrastructure.

Alexandre de Streel, Professor of EU digital law at the University of Namur and the College of Europe