European Union

Risk Assessment Requirements for Very Large Online Platforms and Search Engines

Obligation:
Providers of very large online platforms and very large online search engines are required to diligently identify, analyze, and assess systemic risks within the European Union that arise from:

• The design or functioning of their services and related systems (including algorithmic systems)

• The use made of their services by users

Timing and Frequency of Risk Assessments

• Initial assessments must be conducted by the application date referred to in Article 33(6), second subparagraph

• Thereafter, assessments must be conducted at least once per year

• A new assessment must also be conducted prior to the deployment of any functionalities that may critically impact the identified risks

Scope and Proportionality of Risk Assessments

• Assessments must be specific to the service in question

• They must be proportionate to the level of systemic risk, considering:
  Severity of the risk
  Probability of its occurrence

Systemic Risks to Be Assessed (Selected Example)

The risk assessment must include evaluation of:

• Any actual or foreseeable negative effects related to:

  • Gender-based violence

  • Protection of public health and minors

  • Serious negative consequences to a person’s physical and mental well-being

Let me know if you'd like this section synthesized with broader summaries of EU platform regulations or prepared for a policy briefing.