Skip to Content

AI, Digital Services, and Online Safety: New Compliance Frontiers for EU and UK Sellers in 2025

2025 marks a watershed year for digital compliance in Europe and the UK. With the EU’s AI Act and Digital Services Act (DSA), and the UK’s Online Safety Act, businesses face a complex and fast-evolving regulatory landscape. Whether you deploy AI, run an online marketplace, or operate a user-to-user platform, understanding these new rules is critical for risk management, transparency, and long-term growth.

1. The EU AI Act: Raising the Bar for Artificial Intelligence

The EU AI Act is the world’s first comprehensive legal framework for artificial intelligence. In 2025, several key provisions take effect:

  • Prohibited Practices: From February 2025, manipulative or deceptive AI systems, social scoring, biometric categorization, and untargeted scraping of facial images are banned
  • High-Risk AI Systems: Providers must conduct risk assessments, maintain technical documentation, and ensure AI literacy among staff. Notified bodies will be designated by August 2025 to certify high-risk systems before EU market entry
  • General-Purpose AI (GPAI): Providers of large models (like LLMs) must publish detailed summaries of training data, respect EU copyright law, and assess systemic risks. Stricter obligations apply to models with “systemic risk,” including cybersecurity, incident reporting, and mitigation plans
  • Governance: The new European AI Office and national authorities will oversee enforcement, with a central AI Board providing guidance and coordination

What sellers need to do:

  • Audit your AI systems for risk level and compliance gaps
  • Maintain up-to-date documentation and copyright policies
  • Prepare for transparency and incident reporting obligations

2. The Digital Services Act (DSA): Platform Accountability and User Protection

The DSA applies to all online intermediary services in the EU, from marketplaces to social platforms. Key 2025 requirements include:

  • Due Diligence Obligations: Platforms must provide clear contact points, implement notice-and-action mechanisms for illegal content, and cooperate with national authorities
  • Trusted Flaggers: Specialized entities can now flag illegal content, requiring platforms to act swiftly and transparently
  • Transparency and Reporting: Very Large Online Platforms (VLOPs) face additional obligations, including algorithmic transparency and biannual reporting
  • Enforcement: National Digital Services Coordinators (DSCs) and the European Commission share enforcement. Fines for non-compliance can reach up to 6% of global annual turnover

What sellers need to do:

  • Review your platform’s content moderation and reporting processes
  • Ensure you have effective mechanisms for user complaints and regulatory requests
  • Monitor updates from your national DSC and the European Board for Digital Services

3. The UK Online Safety Act: Protecting Users and Enforcing Accountability

The UK’s Online Safety Act imposes strict duties on platforms, search engines, and user-to-user services accessible in the UK:

  • Illegal Content Removal: Platforms must detect and remove illegal content (terrorism, child sexual abuse, fraud) and block harmful material from children using robust age assurance technologies
  • Risk Assessments: All platforms must complete risk assessments by March 2025, with Ofcom issuing detailed codes of practice
  • Transparency and Liability: Category 1 platforms (over 34 million UK users) face extra transparency requirements and senior management liability
  • Enforcement: Ofcom can fine companies up to £18 million or 10% of global turnover, and even block non-compliant sites in the UK

What sellers need to do:

  • Implement or upgrade age verification and content moderation systems
  • Prepare for audits and risk assessments by Ofcom
  • Train senior management on new legal responsibilities

4. Practical Steps for Sellers in 2025

  • Map your digital compliance obligations across EU and UK markets—requirements differ, and dual compliance is often necessary.
  • Invest in robust technical documentation, risk management, and transparency tools for AI and platform operations.
  • Engage with regulators and industry groups to stay updated as guidance and enforcement evolve.

Final Thoughts

2025 ushers in a new era of digital compliance in Europe and the UK. Sellers who act now to align with the AI Act, DSA, and Online Safety Act will not only avoid fines and reputational risks, but also build trust with users and regulators. In a digital-first economy, compliance is a foundation for sustainable growth.

#AIAct #DSA #OnlineSafetyAct #EUCompliance #UKCompliance #DigitalRegulation #Ecommerce

Sources: BSR, Epthinktank, ITIF, NautaDutilh, Centre for Future Generations, Ofcom, European Commission, Xenoss

Product Recalls and Corrective Actions: Best Practices for EU/UK Sellers in 2025
In 2025, product safety is under the microscope like never before. With the EU’s General Product Safety Regulation (GPSR) and the UK’s evolving safety frameworks, sellers face heightened expectations—and consequences—when it comes to managing product recalls and corrective actions. Here’s how to protect your customers, your brand, and your bottom line.