Access to European Union law
<a href="https://eur-lex.europa.eu/content/help/eurlex-content/experimental-features.html" target="_blank">More about the experimental features corner</a>
Choose the experimental features you want to try
EUR-Lex
Access to European Union law

This document is an excerpt from the EUR-Lex website

You are here
Use quotation marks to search for an "exact phrase". Append an asterisk (*) to a search term to find variations of it (transp*, 32019R*). Use a question mark (?) instead of a single character in your search term to find variations of it (ca?e finds case, cane, care).
Search tips
Need more search options? Use the Advanced search

Summaries of EU Legislation

Digital Services Act – information-sharing system

Date of last review:
30/01/2025
Initial creation date:
16/04/2025
Summary code:
  • 31.01.00.00 Digital single market – general rules
  • 31.10.00.00 EU data economy & data protection
EUROVOC descriptor:
Directory code:
Summarised document(s):
Responsible entity(ies):
Directorate-General for Communications Networks, Content and Technology

Digital Services Act – information-sharing system

SUMMARY OF:

Implementing Regulation (EU) 2024/607 on the practical and operational arrangements for the functioning of the information sharing system under the Digital Services Act

WHAT IS THE AIM OF THE IMPLEMENTING REGULATION?

  • Implementing Regulation (EU) 2024/607 sets up practical and operational arrangements for AGORA1, the information-sharing system established under Article 85 of Regulation (EU) 2022/2065, the Digital Services Act (DSA).
  • The regulation is an implementing act that aims to play a vital role in strengthening the EU’s digital governance, providing authorities with the necessary information to enforce compliance effectively, thus ensuring that providers of intermediary services are held accountable for their actions as required by the DSA.
  • AGORA is a software application accessible via the internet and a tool used for the exchange of information, including, where necessary, personal data. It provides a communication mechanism to facilitate the cross-border exchange of information and mutual assistance based on simple and unified procedures.
  • AGORA supports communication among digital services coordinators, the European Commission and the European Board for Digital Services (the board). Other competent authorities may be granted access to AGORA where necessary for them to carry out the tasks conferred on them by the DSA. Digital services coordinators, the Commission and the board must use AGORA for all communications pursuant to the DSA.
  • AGORA aims to ensure seamless information sharing relating to the supervision, investigation, enforcement and monitoring of compliance by providers of intermediary services, including very large online platforms (VLOPs) and very large online search engines (VLOSEs).

KEY POINTS

The regulation:

  • establishes the information-sharing system, AGORA;
  • regulates the responsibilities of the Commission, the digital services coordinators, the board, AGORA administrators2 and AGORA actors3 in connection with AGORA;
  • regulates the processing of personal data and joint controllership in AGORA;
  • regulates the access rights to AGORA, along with confidentiality obligations, security measures, translation, monitoring and reporting, and cost.

Setting up AGORA

  • The Commission is responsible for establishing and maintaining a reliable and secure information-sharing system, AGORA, that can also be used for the exchange of personal data, where necessary.
  • AGORA ensures the exchange of information among digital services coordinators, the Commission and the board, along with other competent authorities granted access to it, in relation to the supervision, investigation, enforcement and monitoring of compliance under the DSA.
  • AGORA supports various operations, including case-handling activities, one-to-one exchanges of information, notification procedures, alert mechanisms, mutual assistance procedures and problem solving, ensuring a prompt and effective response to emerging risks in digital services, particularly those concerning illegal content, disinformation and systemic risks posed to fundamental rights, public security and democracy.
  • AGORA is available in all official EU languages and integrates automated tools for translating documents and messages exchanged on AGORA, ensuring inclusivity across Member States.

Responsibilities

  • The Commission is responsible for:
    • various tasks related to the set-up, operation, reliability, security, availability, maintenance, development and performance of AGORA, including providing training, support and knowledge to AGORA administrators and AGORA users4;
    • appointing at least one AGORA administrator;
    • registering AGORA administrators on behalf of the digital services coordinator and the board, and granting them access to AGORA;
    • performing processing operations on personal data in AGORA; and
    • auditing, monitoring and preparing reports.
  • Digital services coordinators are responsible for:
    • appointing at least one AGORA administrator per Member State;
    • ensuring that only authorised AGORA users have access to AGORA;
    • informing the Commission of the AGORA administrator appointed;
    • ensuring that the AGORA administrator appointed fulfils their responsibilities; and
    • performing processing operations on personal data in AGORA.
  • The board is responsible for:
    • appointing one AGORA administrator;
    • ensuring that only authorised AGORA users have access to AGORA; and
    • informing the Commission of the identity of its AGORA administrator and the tasks for which they are responsible.
  • AGORA administrators are responsible for:
    • registering AGORA users and granting and revoking access to them in AGORA;
    • acting as the main point of contact for the Commission for issues relating to AGORA;
    • providing knowledge, training and support to the AGORA users appointed by them; and
    • ensuring the efficient provision of adequate responses by AGORA actors.
  • AGORA actors are responsible for:
    • granting and revoking access rights to AGORA administrators for whom they are responsible; and
    • putting in place appropriate means to ensure that AGORA administrators and AGORA users are allowed to access personal data processed in AGORA only where strictly necessary for the supervision, investigation, enforcement and monitoring of compliance under the DSA.

Data protection and security

  • Any exchange of information in AGORA, which may include personal data, must be in compliance with the rules on the protection of personal data laid down in Regulations (EU) 2016/679 and 2018/1725.
  • Personal data exchanged in AGORA must be processed only as necessary and proportionate for the supervision, investigation, enforcement and monitoring of compliance under the DSA.
  • Data subjects can exercise their rights in accordance with Regulations (EU) 2016/679 and 2018/1725.
  • Joint controllership in AGORA is provided for in connection with certain operations.
  • The Commission must put in place the necessary, state-of-the-art measures to ensure the security of personal data processed in AGORA, including in the event of a security incident, take remedial action and ensure that it is possible to verify what personal data have been processed in AGORA, when, by whom and for what purpose.

Monitoring and reporting

Costs

  • The costs incurred for AGORA are covered by the annual supervisory fees collected by the Commission in accordance with Article 43(2) of Regulation (EU) 2022/2065 and Commission Delegated Regulation (EU) 2023/1127.
  • The costs for operations in AGORA at the Member State level are to be borne by the Member State that incurs them.

FROM WHEN DOES THE IMPLEMENTING REGULATION APPLY?

It has applied since .

BACKGROUND

For further information, see:

KEY TERMS

  1. AGORA. The information-sharing system established and maintained by the Commission to support all communications pursuant to Regulation (EU) 2022/2065 between AGORA actors for the supervision, investigation, enforcement and monitoring of compliance under Regulation (EU) 2022/2065.
  2. AGORA administrators. AGORA users appointed by an AGORA actor for the purpose of managing AGORA for that actor.
  3. AGORA actors. The digital services coordinators, the Commission, the board or other competent authorities that are or may be granted access to AGORA where necessary for them to carry out the tasks conferred on them in accordance with the DSA.
  4. AGORA users. Natural persons working under the authority of an AGORA actor, and registered as such in AGORA, for the purpose of performing the tasks conferred on the AGORA actor by the DSA.

MAIN DOCUMENT

Commission Implementing Regulation (EU) 2024/607 of on the practical and operational arrangements for the functioning of the information sharing system pursuant to Regulation (EU) 2022/2065 of the European Parliament and of the Council (Digital Services Act) (OJ L, 2024/607, ).

last update

Top