1. Digital Services Coordinators and the Commission shall cooperate closely and provide each other with mutual assistance in order to apply this Regulation in a consistent and efficient manner. Mutual assistance shall include, in particular, exchange of information in accordance with this Article and the duty of the Digital Services Coordinator of establishment to inform all Digital Services Coordinators of destination, the Board and the Commission about the opening of an investigation and the intention to take a final decision, including its assessment, in respect of a specific provider of intermediary services.
2. For the purpose of an investigation, the Digital Services Coordinator of establishment may request other Digital Services Coordinators to provide specific information in their possession as regards a specific provider of intermediary services or to exercise their investigative powers referred to in Article 51(1).
3. The Digital Services Coordinator receiving the request pursuant to paragraph 2 shall comply with such request and inform the Digital Services Coordinator of establishment about the action taken, without undue delay and no later than two months after its receipt, unless:
(a) the scope or the subject matter of the request is not sufficiently specified, justified or proportionate in view of the investigative purposes; or
(b) neither the requested Digital Service Coordinator nor other competent authority or other public authority of that Member State is in possession of the requested information nor can have access to it; or
(c) the request cannot be complied with without infringing Union or national law.
The Digital Services Coordinator receiving the request shall justify its refusal by submitting a reasoned reply, within the period set out in the first subparagraph.
Understanding This Article
Article 57 operationalizes the Article 56 competence allocation framework by establishing mutual assistance obligations enabling cross-border DSA enforcement cooperation. While Article 56(1) grants exclusive jurisdiction to the DSC of establishment (country of origin principle), Article 57 ensures this centralization doesn't create enforcement gaps when providers established in one Member State cause harms in othersâDSCs collaborate sharing information, conducting investigations on behalf of peer authorities, coordinating enforcement responses to cross-border issues. Mutual assistance transforms country of origin from potential barrier (only establishment DSC can act, other Member States powerless) into effective enforcement mechanism (all DSCs contribute intelligence and investigative capacity, establishment DSC leverages distributed enforcement network, users across EU benefit from coordinated regulatory attention). This cooperation infrastructure reflects fundamental EU principle: internal market regulations require coordinated implementationâMember States cannot effectively regulate cross-border digital services unilaterally; mutual assistance bridges national enforcement capabilities with transnational service provision; collaboration ensures consistent DSA application despite distributed authority across 27 DSCs.
Core Cooperation Obligation - Paragraph 1 First Sentence: 'Digital Services Coordinators and the Commission shall cooperate closely and provide each other with mutual assistance in order to apply this Regulation in a consistent and efficient manner'âmandatory collaboration duty between all DSCs and Commission. 'Shall cooperate' imposes legal obligation not discretionary optionâDSCs must engage mutual assistance; refusal to cooperate without valid grounds violates EU law (Commission could initiate Article 258 TFEU infringement proceedings, other DSCs could challenge non-cooperation before CJEU). 'Closely' requires active ongoing engagement not merely formal responses to requestsâregular information exchange, proactive intelligence sharing about cross-border issues, participation in Board coordination mechanisms (Articles 61-64), consultation on enforcement priorities and interpretations. Cooperation partners include: all 27 Member State DSCs (bilateral cooperation between any two DSCs, multilateral cooperation through Board for issues affecting multiple Member States), Commission (DSCs support Commission's VLOP/VLOSE supervision providing information about designated platforms, Commission shares intelligence from Section 5 oversight informing DSC enforcement of non-Section 5 provisions, coordination on concurrent jurisdiction matters per Article 56). Objectives: consistent applicationâmutual assistance ensures DSA interpreted uniformly across Member States rather than divergent national approaches creating compliance uncertainty and forum shopping opportunities; efficient enforcementâleveraging distributed DSC capacities avoids duplication (multiple DSCs investigating same provider for same conduct) and fills gaps (no DSC investigates despite user harm because issue falls between jurisdictional cracks).
Cooperation encompasses full enforcement lifecycle: information gathering (DSCs share intelligence about provider behaviors, emerging risks, user complaint patterns), investigation coordination (establishment DSC conducts investigation informed by destination DSC evidence and expertise), decision-making consultation (establishment DSC considers destination DSC perspectives before finalizing enforcement actions affecting their users), remedy implementation (DSCs cooperate monitoring provider compliance with enforcement decisions), precedent development (DSCs discuss case outcomes interpreting DSA provisions, contributing to evolving enforcement norms through Board discussions and guidelines). Failure to cooperate adequately may constitute Article 50 violationâDSC failing cooperation duties potentially lacks resources, independence, or effectiveness Article 50 requires, triggering Commission scrutiny of whether Member State fulfills DSC establishment obligations.
Information Exchange and Notification Duty - Paragraph 1 Second Sentence: 'Mutual assistance shall include, in particular, exchange of information in accordance with this Article and the duty of the Digital Services Coordinator of establishment to inform all Digital Services Coordinators of destination, the Board and the Commission about the opening of an investigation and the intention to take a final decision, including its assessment, in respect of a specific provider of intermediary services'âspecifies minimum cooperation content. Information exchange includes: provider compliance data (transparency reports, audit findings, risk assessments DSC-of-establishment obtained), user complaint statistics and patterns (aggregated data revealing systemic issues across jurisdictions), investigative intelligence (evidence of violations, provider responses to information requests, expert analyses), enforcement precedents (decisions DSC-of-establishment issued, remedies imposed, provider compliance outcomes). Exchange enables destination DSCs understand how establishment DSC supervises providers affecting their users, inform own regulatory priorities and user communications, identify cross-border patterns requiring coordinated response, contribute evidence and expertise when consulted by establishment DSC.
Specific notification duty: DSC-of-establishment must inform all destination DSCs, Board, and Commission when opening investigation and before taking final decision regarding specific provider. Recipients of notification: DSCs of destinationâall Member States where provider offers services and thus affected by enforcement decision (if platform operates EU-wide, all 26 other DSCs notified; if platform targets specific Member States, those DSCs notified); Boardânotified of all investigations enabling coordination oversight, pattern recognition across cases, guidance development; Commissionânotified to monitor consistent DSA application, assess whether Commission should assert Article 56 concurrent jurisdiction for VLOPs/VLOSEs, track enforcement landscape for Article 94 reporting. Notification timing: opening of investigationâearly notification enables destination DSCs provide input during investigation rather than only commenting on final decision, allows coordination of potential parallel proceedings (if multiple DSCs considering same provider/issue, coordination prevents duplication), alerts Commission to potential Commission-interest matters; intention to take final decision including assessmentâpre-decisional consultation enables destination DSCs comment on proposed enforcement action, contribute perspectives on user impact in their jurisdictions, suggest remedies addressing cross-border effects, raise concerns about precedential implications before decision finalized. Content: 'including its assessment' means establishment DSC shares legal and factual analysis supporting proposed decisionâalleged violations, evidence supporting findings, proportionality considerations, proposed remediesâenabling informed destination DSC feedback rather than mere announcement.
Notification practice: DSC-of-establishment typically uses secure information exchange system (potentially Article 85 database once operational, interim bilateral channels or Board-facilitated platforms), shares case summaries (provider identity, alleged violations, investigation status, proposed findings), invites destination DSC input within reasonable timeframe (commonly 30-45 days for complex cases, shorter for urgent matters, longer if significant cross-border impact), considers destination DSC comments when finalizing decision though not legally bound to follow (establishment DSC retains Article 56 decisional authority but should substantively engage peer input respecting mutual assistance spirit). Failure to notify: establishment DSC issuing decision without required notification violates Article 57, potentially rendering decision procedurally defective and subject to annulment if provider challenges (national administrative law procedural requirements vary but EU law obligation breaches may constitute grounds for judicial review), damaged relationships with destination DSCs undermining future cooperation.
Investigation Assistance Requests - Paragraph 2: 'For the purpose of an investigation, the Digital Services Coordinator of establishment may request other Digital Services Coordinators to provide specific information in their possession as regards a specific provider of intermediary services or to exercise their investigative powers referred to in Article 51(1)'âformal mutual assistance mechanism empowering establishment DSC to leverage destination DSC investigative capacities. Establishment DSC may request two types of assistance: (1) Information provisionârequested DSC provides specific information in their possession. Information may include: user complaints filed with requested DSC about provider (even though provider established elsewhere, users may complain to local DSC which should refer to establishment DSC but maintains complaint records), national authority intelligence about provider (consumer protection, competition, criminal law enforcement data requested DSC's Member State collected), technical expertise or analyses requested DSC developed relevant to investigation (e.g., Dutch DSC expertise in algorithm auditing might inform Irish DSC investigation of algorithmic transparency), market data about provider's operations in requested DSC's jurisdiction (user numbers, revenue, local advertising patterns). (2) Investigative powers exerciseârequested DSC uses Article 51(1) powers on establishment DSC's behalf. Article 51(1) investigative powers include: requiring provider or third parties provide information (Article 51(1)(a)), conducting on-site inspections (Article 51(1)(b)), requiring interim measures (Article 51(1)(c)), requesting national authorities cooperate (Article 51(1)(e)), requesting commitments from provider (Article 51(1)(f)). Establishment DSC may need requested DSC exercise powers because: provider has offices or evidence located in requested DSC's Member State accessible to local authority but not foreign DSC, interviews or inspections benefit from requested DSC's language capabilities and local legal procedures, requested DSC has established relationships with national authorities (police, consumer protection, competition) useful for evidence gathering.
Request formalities: establishment DSC submits written request (secure channels ensuring confidentiality of investigative information) specifying: provider under investigation (identity, establishment, services), investigation purpose and legal basis (alleged DSA violations, evidence supporting investigation), specific information or investigative actions requested (precise enough for requested DSC to evaluate scope and proportionality), justification for request (why information needed, how it serves investigation objectives), timeframe for response (reasonable deadline considering request complexity, typically 2 months per paragraph 3 default). Requested DSC evaluates request under paragraph 3 criteria deciding compliance or refusal.
Duty to Comply and Exceptions - Paragraph 3: 'The Digital Services Coordinator receiving the request pursuant to paragraph 2 shall comply with such request and inform the Digital Services Coordinator of establishment about the action taken, without undue delay and no later than two months after its receipt'âdefault obligation to fulfill mutual assistance requests within defined timeline. 'Shall comply' creates strong presumption favoring assistanceârequested DSC must comply unless valid exception applies; burden on requested DSC to justify refusal; mutual assistance is norm not discretionary favor. Compliance actions: if information request, requested DSC gathers information from own files, contacts relevant national authorities for intelligence, compiles and transmits to establishment DSC (respecting confidentiality and data protection requirementsâArticle 84 applies to information exchange); if investigative powers request, requested DSC exercises Article 51(1) powers specified by establishment DSC (e.g., conducts on-site inspection at provider's local office, requests information from provider's local subsidiary, interviews witnesses in requested Member State), shares results (inspection findings, information obtained, witness statements) with establishment DSC. Timeline: 'without undue delay'ârequested DSC begins compliance promptly not waiting until deadline; 'no later than two months'âmaximum response time ensuring establishment DSC investigation doesn't stall indefinitely awaiting assistance. Two months starts from request receipt; complex requests may require full period (extensive information gathering, multi-step investigations); simple requests should be expedited (providing existing information from files may take days/weeks not months). Requested DSC informs establishment DSC of action takenâdescribes compliance steps, transmits information/investigative results, explains any limitations encountered (some requested information unavailable, provider partially cooperative, legal constraints requiring information redaction).
Exceptions permitting refusalârequested DSC may decline compliance only if: (a) Insufficient specification/justification/proportionalityâ'the scope or the subject matter of the request is not sufficiently specified, justified or proportionate in view of the investigative purposes.' Request lacks clarity: establishment DSC didn't identify specific information needed or investigative actions requested, vague requests for 'all information about provider' too broad enabling requested DSC to decline pending clarification. Insufficient justification: establishment DSC didn't explain how requested information/actions serve investigation, requested DSC cannot assess whether assistance appropriate without understanding investigative purpose. Disproportionate: request burdens requested DSC excessively relative to investigation needs (requesting extensive on-site inspections for minor alleged violation, demanding information far beyond investigation scope), balance between assistance value and requested DSC resource costs tilts against compliance. (b) Information unavailabilityâ'neither the requested Digital Service Coordinator nor other competent authority or other public authority of that Member State is in possession of the requested information nor can have access to it.' Requested information doesn't exist in requested Member State: no complaints filed about provider by local users, provider has no local presence so local authorities collected no relevant data, requested investigative action impossible because provider has no assets/offices in requested jurisdiction. Information exists but legally inaccessible: national law prevents requested DSC obtaining information from holders (e.g., national security classification, legal privilege, criminal investigation confidentiality), though requested DSC should make reasonable efforts to access (requesting national authorities cooperate, seeking judicial authorization if available). (c) Legal compliance conflictsâ'the request cannot be complied with without infringing Union or national law.' Compliance would violate Union law: data protection (GDPR limits on information sharing without adequate legal basis and safeguardsâthough Article 84 provides framework), procedural rights (collecting evidence through methods violating Charter fair trial rights), fundamental freedoms (disproportionate investigative measures infringing expression, privacy). Compliance would violate national law: requested investigative powers unavailable under national law implementing Article 51 (Member State didn't grant DSC full Article 51(1) toolkit potentially violating DSA but limiting requested DSC's current capabilities), national constitutional constraints (evidence gathering procedures requiring judicial authorization not available for requested action), national security or sovereignty concerns (though rarely legitimate grounds given DSA scope).
Refusal procedure: 'The Digital Services Coordinator receiving the request shall justify its refusal by submitting a reasoned reply, within the period set out in the first subparagraph'âmere non-response insufficient; requested DSC must explain refusal invoking specific exception(s), providing reasons demonstrating exception applies (if proportionality, explain why burden excessive; if unavailability, detail efforts to access information), submitting within two-month timeframe (refusal notification subject to same deadline as compliance). Reasoned reply enables: establishment DSC assess whether refusal valid or contestable, potential for establishment DSC to clarify/narrow request addressing requested DSC's concerns and securing compliance on revised basis, transparency for Board and Commission oversight of mutual assistance functioning (if refusals frequent or unjustified, systemic cooperation problems may require intervention). Disputed refusals may be escalated: establishment DSC may refer matter to Board requesting opinion on whether refusal legitimate (Article 62 Board dispute resolution), Commission may intervene if refusal patterns indicate Member State non-compliance with Article 57 obligations (potential infringement proceedings), provider whose investigation delayed by refusal cannot directly challenge (mutual assistance is DSC-to-DSC; provider has no standing to enforce though prolonged investigation delays may support provider challenges to final decisions as disproportionate).
Practical Application
Cross-Border Information Exchange - Irish-German Cooperation on Meta: Meta established in Ireland but substantial German user base creates mutual assistance scenario. (1) German BNetzA receives 847 user complaints about Facebook content moderation claiming Article 16 notice-and-action violationsâillegal hate speech content reported but not removed within reasonable timeframes, manifestly illegal content persisted for weeks. BNetzA analyzes complaints identifying pattern suggesting systematic Article 16 failures affecting German users. (2) BNetzA contacts Irish DSC (CoimisiĂșn na MeĂĄn) through Article 57 information exchange: shares aggregated complaint data (anonymized user complaints, content examples, response time statistics), provides analysis suggesting systematic Article 16 non-compliance, requests information about Irish DSC's own Meta supervision (has Irish DSC identified similar issues, what Meta reports to Irish DSC about content moderation resources, any ongoing Irish investigations). (3) Irish DSC responds within Article 57 cooperation framework: confirms receiving similar complaints from Irish users though lower volume given smaller user base, shares Meta's Article 15 transparency reports submitted to Irish DSC showing content moderation statistics, notes informal dialogue underway with Meta about notice-and-action responsiveness but no formal investigation yet opened. (4) BNetzA requests Irish DSC open formal investigation incorporating German evidence: argues German user impact substantial justifying investigation priority, offers continued cooperation providing additional evidence as needed, suggests investigation examine Meta's EU-wide Article 16 compliance given cross-border pattern. (5) Irish DSC opens Article 16 investigation, notifies all EU DSCs, Board, and Commission per Article 57(1)âinvestigation will examine Meta's notice processing systems, content moderation capacity, prioritization of manifestly illegal content, EU-wide compliance not just Irish users. (6) Investigation findings: Irish DSC confirms Article 16 violationsânotice processing delays averaging 21 days (excessive), manifestly illegal content identification and prioritization inadequate (Article 16(4) requires expeditious action), content moderation resources insufficient relative to EU user volume. Irish DSC imposes âŹ35M fine, orders Meta: increase EU content moderation staff by 30%, implement enhanced notice triage systems prioritizing manifestly illegal content, provide quarterly compliance reports to Irish DSC. (7) German users benefit from enforcement initiated by BNetzA intelligence but executed by jurisdictionally competent Irish DSCâBNetzA couldn't directly sanction Meta (Article 56 exclusive Irish jurisdiction) but mutual assistance channeled German concerns to decision-maker. Outcome improves Meta's EU-wide Article 16 compliance benefiting users across all Member States.
This demonstrates Article 57 effectiveness: destination DSC (Germany) lacking jurisdiction leverages mutual assistance to activate establishment DSC (Ireland), establishment DSC gains valuable intelligence from destination DSC proximity to affected users, combined investigation more comprehensive than either DSC could conduct alone, enforcement remedies cross-border harms despite country of origin jurisdiction.
Investigative Powers Assistance - French Request to Netherlands: French ARCOM investigates Dutch-established video-sharing platform for alleged Article 28 minor protection violationsâage verification failures enabling minors to access inappropriate content. (1) ARCOM's investigation hampered by evidence gap: platform's content recommendation algorithm and age verification systems administered from Dutch headquarters, technical documentation and personnel located in Netherlands, ARCOM's Article 51 powers can request information from platform but platform claims technical details confidential and stored exclusively in Netherlands, on-site inspection of Dutch facilities would clarify algorithm functioning and age verification implementation but French authority lacks extraterritorial inspection power. (2) ARCOM invokes Article 57(2) requesting Dutch DSC exercise investigative powers: formal mutual assistance request to Dutch DSC specifying: platform identity and alleged Article 28 violations, information needed (algorithm documentation explaining content recommendation to minors, age verification system technical specifications, internal assessments of minor protection effectiveness), investigative action requested (on-site inspection of platform's Amsterdam headquarters under Article 51(1)(b), requiring platform provide documentation per Article 51(1)(a), interviewing platform's minor safety policy personnel). Request justification: information critical to assessing Article 28 compliance (can't evaluate age verification adequacy without technical specs), platform claims information inaccessible to ARCOM but located in Netherlands thus accessible to Dutch DSC, ARCOM investigation will stall without Dutch cooperation. (3) Dutch DSC evaluates request under Article 57(3): scope sufficiently specified (clear information and investigative actions identified), justified (explains investigative purpose and necessity), proportionate (burden reasonable given serious minor protection concerns), no refusal grounds apply (information requested exists and accessible in Netherlands, no legal prohibitions on gathering evidence for ARCOM). Dutch DSC decides to comply. (4) Dutch DSC exercises Article 51(1) powers: schedules on-site inspection at platform's Amsterdam headquarters with 48-hour notice, conducts inspection examining: server infrastructure administering age verification, algorithm code governing content recommendations to minor-age accounts, internal compliance documentation and risk assessments regarding Article 28. Inspection findings: age verification relies on user self-declaration without verification (violates Article 28 best efforts requirement), algorithm recommendation parameters identical for minors and adults (no Article 28-compliant differentiation), internal assessments acknowledge inadequacies but deprioritized due to resource constraints. Requires platform provide copies of algorithm documentation, age verification system design documents, internal communications regarding minor protection policy decisions. (5) Dutch DSC transmits evidence to ARCOM within two-month Article 57(3) deadline: inspection report documenting findings, platform-provided technical documentation, assessment of Article 28 compliance issues identified. (6) ARCOM uses Dutch evidence to conclude investigation: finds Article 28 violations (age verification inadequate, minor-directed services lack appropriate protections, algorithm doesn't account for minor vulnerability), imposes âŹ12M fine, orders platform implement: robust age verification mechanisms beyond self-declaration, algorithm modifications providing age-appropriate recommendations, default privacy settings for minors, quarterly compliance audits. Platform complies implementing EU-wide changes supervised by Dutch DSC as establishment authority. ARCOM's enforcement succeeded through Dutch investigative assistanceâwithout Article 57 cooperation, evidence gap would have undermined enforcement leaving French minors unprotected.
Demonstrates Article 57(2) investigative assistance: destination DSC requests establishment or other DSC exercise powers inaccessible to destination DSC, requested DSC uses local enforcement capabilities (jurisdiction, physical presence, legal powers) gathering evidence for requesting DSC, combined investigation overcomes practical obstacles to cross-border enforcement.
Multi-DSC Coordination - Platform Affecting Multiple Member States: E-commerce marketplace established in Luxembourg faces Article 30 trader verification complaints from users across seven Member StatesâPoland, Spain, Italy, Czechia, Romania, Greece, Portugal. Each DSC receives local complaints about fraudulent sellers exploiting inadequate verification: fake business registrations, unverifiable contact details, consumer fraud facilitated by marketplace's Article 30 failures. (1) Polish DSC proposes coordinated approach contacting Luxembourg DSC (establishment authority) and six other affected DSCs through Article 57: suggests Luxembourg DSC lead investigation with multi-DSC input, offers Polish evidence and expertise, invites other DSCs join cooperation framework. (2) Luxembourg DSC agrees to coordinate investigation, notifies all DSCs per Article 57(1): investigation will examine marketplace's Article 30 compliance EU-wide, invites affected DSCs provide evidence and participate in investigation coordination, establishes working group (Luxembourg DSC leads, seven affected DSCs participate, Board observer to facilitate). (3) Mutual assistance requestsâLuxembourg DSC requests each affected DSC provide: complaint documentation from their users (number, nature, specific fraud examples), national business registry checks (cross-referencing marketplace traders claiming establishment in their Member States), consumer protection authority intelligence (known fraudulent actors operating through marketplace). Each DSC complies within Article 57 timeframes transmitting requested information. (4) Luxembourg DSC investigation informed by seven-country intelligence: identifies systematic Article 30 violationsâmarketplace verification relies on automated checks easily circumvented by fraudulent documents, best efforts standard not met (minimal manual review, database cross-checking not implemented, Article 30(2) traceability information not verified), display requirements (Article 30(4)) often non-compliant. (5) Parallel investigative actions: Luxembourg DSC exercises Article 51 powers requesting marketplace provide verification system documentation, conducts on-site inspection at Luxembourg headquarters examining compliance procedures, requires commitments to implement enhanced verification. Affected DSCs exercise own Article 51 powers within their jurisdictions: Spanish DSC interviews fraud victims providing testimonies, Italian DSC coordinates with national consumer protection authority gathering fraud statistics, Polish DSC conducts marketplace 'mystery shopping' testing verification loopholes. Information shared continuously with Luxembourg DSC through working group. (6) Luxembourg DSC decision informed by collective evidence: âŹ50M fine for systematic Article 30 violations (magnitude reflects EU-wide impact demonstrated by multi-DSC evidence), compliance order requiring: enhanced trader verification with manual review, database cross-checking against national business registries (working with Member State authorities), prominent Article 30(4) information display, quarterly compliance audits reported to Luxembourg DSC with copies to affected DSCs. (7) Post-decision monitoring: Luxembourg DSC supervises compliance implementation, affected DSCs monitor marketplace's trader verification improvements in their jurisdictions reporting observations to Luxembourg DSC, Board reviews case as precedent for Article 30 'best efforts' interpretation and multi-DSC coordination best practices. Users across seven Member States benefit from coordinated enforcementâisolated national complaints aggregated into evidence of systematic violation, combined DSC resources conducted more thorough investigation, remedies address cross-border fraud patterns not just national issues.
Shows Article 57 enabling sophisticated multi-jurisdictional cooperation: establishment DSC coordinates investigation involving multiple destination DSCs, mutual assistance channels evidence from distributed sources, working group structure (Board-facilitated) organizes complex cooperation, enforcement addresses EU-wide compliance failure comprehensively.
Request Refusal - Proportionality Exception: Swedish DSC investigating small platform (5,000 EU users) established in Belgium for alleged Article 17 statement of reasons deficienciesâcontent removal notifications lack adequate explanation. (1) Swedish DSC requests Belgian DSC conduct extensive on-site inspection: examine platform's content moderation decision-making processes, review all content removal logs for 6-month period, interview platform staff about Article 17 compliance training, assess technical systems generating removal notifications, provide detailed report. Belgian DSC evaluates request under Article 57(3) proportionality: small platform with limited EU user base and minor alleged violation (Article 17 notification quality, not serious fundamental rights violation), requested inspection scope extremely burdensome (multi-day on-site presence, extensive record review, significant platform operational disruption), Swedish DSC's evidence shows limited harm (dozen user complaints, no indication of systematic rights violations), alternative less burdensome approaches available (Belgian DSC could request written information from platform rather than inspection, Swedish DSC could gather more evidence before escalating to full inspection). (2) Belgian DSC concludes request disproportionate under Article 57(3)(a): scope not justified relative to investigation purpose (extensive inspection unwarranted for minor notification deficiencies), burden on small platform and Belgian DSC resources excessive given limited user impact. (3) Belgian DSC submits reasoned refusal to Swedish DSC within two months: explains proportionality concerns, proposes alternative assistance (will request platform provide Article 17 compliance documentation, sample removal notifications, explanation of notification systems), offers to conduct targeted inspection if Swedish DSC provides additional evidence showing serious systematic violations justifying burden. (4) Swedish DSC accepts counterproposal: Belgian DSC requests information from platform under Article 51(1)(a) rather than full inspection, platform provides documentation revealing Article 17 deficiencies (notification templates lack specificity, staff training inadequate, no quality control process), Belgian DSC shares documentation with Swedish DSC. (5) Belgian DSC issues compliance order based on documentation evidence: requires platform improve Article 17 notification templates (include specific legal grounds, content identification, redress information), implement staff training, conduct quarterly audits, âŹ15,000 fine (modest reflecting small scale). Swedish users benefit from improved notifications even though Belgian DSC modified requested assistance to proportionate level.
Demonstrates Article 57(3) refusal exception functioning: requested DSC exercises judgment about proportionality preventing mutual assistance burdens excessive relative to enforcement objectives, reasoned refusal enables dialogue and negotiated solutions (modified assistance acceptable to both DSCs), ultimate cooperation achieved through adapted approach balancing assistance value against costs.
Legal Compliance Conflict - Data Protection Limitations: Italian DSC requests Irish DSC provide information about specific user complaints Irish DSC received concerning Meta platformâItalian investigating whether Meta's response to Italian user complaints differs from response to Irish users suggesting discriminatory treatment. Italian DSC requests: copies of individual user complaints Irish DSC received about Meta, including complainants' identities, contact details, complaint content, Meta's responses. (1) Irish DSC evaluates request under Article 57(3)(c) legal compliance: requested information contains personal data (user identities, contact details, complaint content potentially revealing sensitive information), GDPR Article 6 requires legal basis for personal data processing and Article 9 for special categories, disclosure to Italian DSC constitutes data processing requiring justification. Article 84 DSA provides framework for information exchange 'for the purposes of this Regulation' suggesting legal basis, but GDPR data minimization (Article 5(1)(c)) and purpose limitation (Article 5(1)(b)) require disclosure limited to necessary information. (2) Irish DSC concludes full disclosure as requested would infringe GDPR: complainant identities and contact details unnecessary for Italian investigation purpose (can assess complaint patterns without personal identifiers), special category data in complaints (racial harassment, health information, sexual orientation) particularly protected, purpose of Italian investigation (comparing Irish vs. Italian user treatment) achievable through anonymized aggregate data. (3) Irish DSC submits reasoned refusal per Article 57(3) justification requirement: explains GDPR constraints preventing full disclosure as requested, offers alternative compliance: will provide anonymized complaint data (complaint substance, dates, Meta responses with personal identifiers redacted), aggregate statistics (number of Irish complaints by category, response rates, resolution outcomes), methodology explaining anonymization approach. Requests Italian DSC confirm anonymized data sufficient or specify particular information genuinely necessary for investigation enabling Irish DSC assess whether disclosure can be minimized meeting GDPR compliance. (4) Italian DSC clarifies need: anonymized complaint patterns sufficient for investigation purpose (comparing response patterns not individual identities), accepts Irish counterproposal. Irish DSC provides anonymized dataset within Article 57 timeframe. (5) Italian investigation proceeds with anonymized data: identifies no significant differential treatment between Irish and Italian users (Meta's Article 20 complaint response patterns similar across jurisdictions), closes investigation without enforcement action. Irish user privacy protected through GDPR-compliant information sharing while still enabling Italian DSC investigation.
Shows Article 57(3)(c) refusal for legal compliance conflict: GDPR and DSA both EU law requiring harmonization; Article 84 provides legal basis but data minimization applies; reasoned refusal with alternative proposal balances mutual assistance obligations with data protection; negotiated solution achieves investigation purpose while respecting legal constraints.
Commission-DSC Mutual Assistance - VLOP Supervision: Commission supervises TikTok (designated VLOP) for Article 35 risk mitigation regarding minor safety risks. (1) Commission investigation examines whether TikTok's Article 35 measures adequately mitigate risks identified in Article 34 assessment: algorithm amplification of dangerous challenges to minors, age verification inadequacies enabling underage access, data processing practices posing minor privacy risks. Commission needs intelligence about TikTok's practical operation in Member Statesâhow algorithm functions for different age groups across jurisdictions, whether minors bypassing age gates, data processing practices in national contexts. (2) Commission invokes Article 57 requesting multiple DSCs provide information: requests Irish DSC (TikTok establishment) share: TikTok's Article 42 transparency data submissions, internal audit materials reviewed by Irish DSC, Irish DSC's own assessments of TikTok's minor protection practices from routine Article 56(4) supervision of non-Section 5 obligations; requests German, French, Italian, Spanish, Polish DSCs provide: user complaint patterns regarding minor safety, national media authority intelligence about problematic content targeting minors, consumer/child protection organization reports about TikTok minor risks in their jurisdictions. (3) DSCs comply with Commission requests under Article 57 mutual assistance: Irish DSC provides extensive documentation (TikTok submitted quarterly reports, audit summaries, Irish DSC assessment memos about Article 28 complianceânon-Section 5 so Irish DSC monitored concurrently with Commission's Section 5 oversight); other DSCs provide complaint data, national authority intelligence, stakeholder reports documenting minor safety concerns. (4) Commission analyzes collective intelligence: confirms Article 35 risk mitigation inadequateâalgorithm continues recommending age-inappropriate content to minor-age accounts (destination DSC complaints corroborate pattern), age verification easily circumvented (Irish DSC observations align with destination DSC user reports), minor privacy risks insufficiently mitigated (data minimization lacking per German and French DSC assessments). (5) Commission enforcement decision: Article 74 periodic penalty payment âŹ800,000 daily requiring TikTok submit revised Article 35 mitigation plan within 45 days, Article 66 commitments requiring: algorithm changes preventing dangerous content recommendation to minors, enhanced age verification mechanisms, data processing limitations for minor accounts. Also initiates Article 52 fine procedure for original violations. (6) Reverse mutual assistanceâCommission shares decision and evidence with all DSCs: enables Irish DSC coordinate Article 56(4) supervision with Commission's Section 5 enforcement (Irish DSC monitors non-Section 5 minor protection compliance while Commission oversees Section 5 risk mitigation), destination DSCs understand Commission's TikTok oversight informing their own user communications and complaint handling, Board uses case as precedent for Article 35 risk mitigation standards. DSC cooperation essential to Commission's VLOP supervisionâCommission lacks presence in all Member States to gather local intelligence; DSCs contribute distributed enforcement intelligence; mutual assistance enables Commission's supranational oversight informed by national observations.
Demonstrates bidirectional Article 57 cooperation: Commission requests DSC assistance for VLOP investigations (DSCs support Commission's Article 56(2)-(3) exclusive/concurrent jurisdiction), Commission shares findings and decisions with DSCs (informing DSC understanding of VLOP compliance and DSA interpretation), mutual assistance bridges Commission's EU-level perspective with DSCs' local implementation knowledge.
For DSCs - Maximizing Mutual Assistance Effectiveness: (1) Proactive information sharing: Don't wait for formal requestsâshare intelligence about providers affecting other Member States voluntarily (if Italian DSC identifies Article 24 dark patterns by German-established platform, proactively inform German DSC even before formal mutual assistance request), participate actively in Board information exchange mechanisms, contribute to collective knowledge about enforcement challenges and provider behaviors. (2) Build bilateral relationships: Establish direct contacts with frequently-partnered DSCs (Irish-French, Irish-German given Irish platform concentration, cross-border pairs with significant user-provider flows), conduct regular bilateral consultations beyond specific case cooperation, share enforcement expertise and best practices improving collective capacity. (3) Efficient request processing: Designate internal mutual assistance coordinators ensuring requests routed properly and monitored, maintain systems enabling rapid information retrieval for Article 57 requests (databases, cross-referenced complaint files, documented enforcement actions), prioritize mutual assistance as core DSC function not afterthought (adequate resources, clear procedures, accountability). (4) Transparent communication: When requesting assistance, provide comprehensive justification and context helping requested DSC understand importance and urgency, when responding, communicate clearly about compliance timeline, challenges encountered, partial fulfillment if full compliance impossible, if refusing, offer alternatives demonstrating cooperation spirit even when specific request problematic. (5) Respect partner constraints: Understand requested DSCs have resource limitations and enforcement prioritiesâframe requests clearly and minimally burdensome, accept reasonable refusals without souring relationships, appreciate assistance provided even if not exactly as requested. (6) Document and report: Maintain records of mutual assistance sent and received for Article 55 annual reporting (transparency about cross-border cooperation), analyze patterns (which DSCs frequent partners, what types of assistance most valuable, bottlenecks in cooperation), share insights with Board informing cooperation infrastructure improvements. (7) Leverage Board: Use Board as forum for multi-DSC cooperation beyond bilateral Article 57 (complex cases affecting many Member States, systemic issues requiring coordinated approach, disputes about request refusals needing mediation), contribute to Board guidelines on mutual assistance best practices.
For Providers - Understanding Mutual Assistance Implications: (1) Expect cross-border coordination: If established in one Member State but facing complaints from others, anticipate destination DSCs will share intelligence with establishment DSC through Article 57, compliance failures in any Member State may surface in establishment DSC investigation via mutual assistance, invest in EU-wide compliance not just establishment jurisdiction to avoid multi-DSC concerns aggregating. (2) Information flows: Evidence and complaints provided to any DSC may be shared with establishment DSC or Commission through mutual assistance, assume information disclosed to one authority potentially available to cooperation network, maintain consistent representations across jurisdictions avoiding contradictions that multi-DSC collaboration would reveal. (3) Investigation scope: Single jurisdiction's user complaints may trigger broader investigation if establishment DSC conducts mutual assistance outreach gathering evidence from multiple Member States, prepare for establishment DSC enforcement informed by EU-wide intelligence not just local observations. (4) Cooperation leverage: If establishment DSC investigation appears one-sided, consider whether providing information to destination DSCs (complaint response efforts, compliance improvements) might flow back to establishment DSC through mutual assistance channels influencing assessment, engage transparently with DSC network demonstrating good faith compliance efforts. (5) Procedural rights: Mutual assistance is DSC-to-DSC cooperation; providers have limited direct involvement or control, however, evidence gathered via mutual assistance remains subject to procedural safeguards (right to be heard regarding evidence used in decisions, due process protections under national administrative law and Charter), providers may challenge final decisions arguing mutual assistance evidence unreliable or improperly gathered though challenging cooperation itself difficult. (6) Compliance strategy: Recognize country of origin jurisdiction doesn't isolate provider from other Member States' regulatory attentionâmutual assistance ensures cross-border concerns reach establishment DSC, effective compliance requires addressing user protection EU-wide not gaming jurisdiction to minimize oversight, investing in robust DSA compliance across all markets where services offered reduces mutual assistance targeting.