With contributions from Emma Llansó and Jared Katzman
On October 20, the delegated acts on independent audits under Article 37 of the Digital Services Act were adopted by the European Commission. The delegated act aims to lay down the ‘rules of engagement’ for auditors and platforms subject to these audits, which are one of the essential requirements under Chapter III of the Digital Services Act (DSA) which requires “very large online platforms” (VLOPs) and “very large online search engines” (VLOSEs) to expand their increased due diligence obligations as part of the mandatory, yet self-regulatory regime of the DSA.
This is the threshold step for a variety of accountability and oversight mechanisms of the DSA, with an independent audit of VLOP/VLOSEs’ compliance with the substantive provisions of the DSA set to commence in the coming months. VLOPs and VLOSEs have already submitted their first risk assessments required of them in late August. Now, auditors will evaluate whether VLOPs have adequately assessed and mitigated systemic risks borne from the design or functioning of their services, including the use of algorithmic systems, as well as their compliance with the entire regulation. These evaluations will likely significantly influence future regulatory action by the Commission and the Board — which comprises all the Digital Service Coordinators—including the potential for significant fines.
Recital 5 of the newly adopted delegated acts lays out that annual independent audits should be aligned with yearly risk assessments, making the outcomes of the independent audits and risk assessments inextricably linked. Together, they mark one of the first formal compliance activities under the DSA and it is important to understand them in context and yet, not treat them as the ultimate referendum on the efficacy of the DSA. The risk assessments and the mitigation strategies required by Articles 34 and 35 are but two of several dozen activities, policies, and procedures that VLOPs must adopt under the DSA. The audits will ultimately evaluate VLOPs’ compliance with this broad sweep of provisions, and, crucially, it remains unclear what standards auditors will be expected to apply to the auditing of the risk assessments (or any other part of the DSA) as they conduct their evaluations. This first round of submissions must be a learning opportunity for the VLOPs, the Commission, auditors, and broader civil society, and a chance to grapple with the complex questions—and potential impact on human rights—that developing a shared understanding of “compliance” with the DSA will raise.
Central to this learning, particularly with regard to the risk assessment, audit of algorithmic systems and ultimately determining compliance, will be the newly created European Centre for Algorithmic Transparency (ECAT), which is tasked with providing technical expertise for the European Commission in its supervisory and enforcement role. This task could be made more difficult given that the ECAT will likely have to evaluate a wide variety of audits conducted on a range of VLOPs. With so little clarity on what standards VLOPs, auditors, or the Commission should apply, or on precisely how ECAT will be concretely contributing to this process, ECAT has an opportunity to use this first handful of submissions to better inform their own internal processes and shape what algorithmic auditing and transparency in the DSA means in practice.
What does the DSA require? The DSA outlines a risk-based approach that requires “very large online platforms” (VLOPs) and “very large online search engines” (VLOSEs) to conduct yearly assessments that identify “systemic risks” (Article 34), and then take appropriate measures to mitigate said risks (Article 35). A company must hire an independent auditor who is tasked with assessing that company’s compliance with all the obligations laid out in Chapter III of the regulation (Article 37), as well as other due diligence obligations related to crisis protocols to follow in extraordinary circumstances and the codes of conduct obligations of the act (Articles 45, 46, 48).
A key element that needs to be considered in the overall enforcement structure will be the functioning and design of algorithmic systems and assessments of these systems in compliance with the law. Yet the field of algorithmic auditing is relatively nascent meaning a variety of approaches will likely be adopted by VLOPs during the risk assessment process, creating challenges for auditors evaluating those assessments. There is no consensus around definitions, standards, or methods to conduct an algorithmic audit. There are multiple different types of algorithmic audits based on the type of algorithmic system one is examining and the type of issues one is evaluating. Researchers have pointed out that many of the standards used to conduct algorithmic audits are proprietary and not standardized across auditors and that many auditors have differing levels of expertise and access to the systems they seek to audit. Moreover, industry standards and definitions do not match those used by external stakeholders.
In the absence of these shared standards, it is of utmost importance that the European Commission make clear how it defines a successful audit in order to ensure that the VLOPs and VLOSEs, and the independent auditors they hire, do not by default define the contours of compliance of the DSA- a concern that persists amongst experts even in light of the adoption of the delegated act. The ECAT could therefore be vital in providing thoughtful technical advice about what such standards should be. In the meantime, the European Commission should adopt an iterative approach in the development of delegated acts for the auditing obligations. A staggered approach would be best to ensure room for improvement of these processes, which are consistently and transparently informed by relevant expertise.
The state of independent auditing
Auditors’ own commentary suggests that even amongst auditors it is not clear what they are required to do. Submissions to the public consultation to shape the delegated acts on independent audits assert that independent auditors should not be able to set their own standards as it will enable auditors to use or create their own proprietary standards. It was also highlighted that this would also go against standard auditing practice in which auditors would not be conducting their assessments against an objective criterion, but essentially determining the “reasonable level of assurance” themselves against ‘benchmarks’ that platforms determine. That will result in a variety of outcomes which will ultimately undermine their independence and make it difficult for the Commission to compare assessments across similar services.
While the auditing requirements under the DSA cover more breadth than simply auditing algorithmic systems, auditors are expected to maintain and apply “technical expertise to audit algorithms and gather data related to algorithmic systems”. Specifically, the Commission outlines in the delegated act certain methodologies auditors could adopt in this regard, for example “substantive analytical procedures, such as the analysis of the interactions between all algorithmic systems involved in the recommender systems and related decision-making rules and processes for establishing the main parameters of those recommender systems, observations of digital records and logs. Methodologies should also include tests of the system, such as tests in simulated environments”. Therefore in the event of conducting algorithmic audits, auditors will have to consider many different factors and frameworks to do so. More work on clarifying the expectations towards independent algorithmic audits and the importance of assessing and acting on human rights risks stemming from or being linked to platform activities. This includes specifying what constitutes a good approach for assessing risks to people for the purpose of auditing.
There are dozens of different frameworks that companies use for the responsible development of AI, and even more regional frameworks are being developed by countries and international organizations. Many auditors and civil society have called on DSA authorities to heed these concerns and have the European Commission disclose which set of recognized standards and frameworks it seeks to use to gauge compliance with the obligation to conduct algorithmic risk assessments, whether it be frameworks created by the International Auditing and Assurance Standards Board (IAASB) or other bodies.
While companies can learn from previous risk assessments, such as in the financial and human rights space, the requirements of the DSA are a distinct undertaking. The Regulation covers multiple broad categories of risks, including the spread of illegal content, negative effects on fundamental rights, negative consequences for civic discourse, public security, and individuals’ physical and mental well-being. VLOPs need to take into account multiple factors that influence any of the outlined systemic risks, including the design of algorithmic systems, their terms of services and their enforcement, and any data-related practices. Although much work has been done on this topic, there is no agreed-upon definition for the term “systemic risk” available in the DSA or in relevant literature.
The requirements for the DSA’s independent audits are distinct from the current approach to algorithmic audits. Commonly, algorithmic audits refer to a process where an actor directly investigates the output and behaviors of an algorithmic system. These can be understood either as an internal self-assessment (first-person), an external hired assessment (second-person), or an evaluation by the external civil society and algorithmic audit experts not hired by a company (third-person), following a taxonomy developed by Costanza-Chock, Raji, and Buolomwini. While first-person audits are functionally similar to DSA risk assessments, the DSA’s independent audits are different and draw from the practices of corporate compliance auditing. They are a secondary level of accountability meant to provide a check on whether companies faithfully fulfilled the requirements of the DSA, providing a “positive”, “positive with comments”, or “negative” evaluation. In the case of the risk assessment and mitigation obligations, there is still an open question on whether independent auditors will have to reassess the systemic risks of the platform (e.g., conduct a second-person audit that investigates the substance of the VLOP’s claims) or just provide feedback on a VLOP’s process.
If the independent auditor is expected to conduct a “second party” audit of VLOPs and VLOSEs’ algorithmic systems, this comes with its own opportunities and limits. Second-party auditors, consisting of private auditing firms, often have pre-existing relationships with and access to firms that other external auditing organizations such as civil society groups do not have. Second-party auditors have the advantage of having access to the algorithmic systems that online service providers do not make available at large, enabling detailed technical and governance examinations. However, this access may come with strings.
As the DSA requires VLOPs to pay for their own independent audits, civil society has raised concerns about the potential for audit capture where auditors are deterred from criticizing their clients to ensure they are hired in the future. There have been criticisms in the past of private consulting firms creating favorable audits of private technology companies who repeatedly hire them. Though the adopted delegated act has outlined what constitutes ‘independence’ and the requirements for ensuring this independence throughout the process, concerns still remain when it comes to the practical application of these requirements given the scale of these audits and the likely actors who have the resources to conduct such audits. Lessons can still be learned on how to ensure better safeguards in the process. The Global Network Initiative’s independent assessor criteria is an example of a type of accreditation process and criteria used to evaluate the “independence” of an assessor.
The method of algorithmic audit an auditor conducts will depend wholly on a number of factors including the type of algorithmic system, the definition of systemic risk, and the type of outcomes one is looking for.
As the Ada Lovelace Institute has asserted, even within the subset of technical methods of conducting an algorithmic audit, there are many methods to effectively gauge whether the outcomes of an algorithmic system are appropriate. There are governance audits where what is assessed is the infrastructure of oversight and redress an algorithmic system is situated within. And, additionally, there are bias audits where algorithmic systems are evaluated on whether the outcomes or “decisions” made by an algorithmic system are fair and reasonably consistent, and whether the model performs equally well across users and situations.
An auditor can ask many other questions about what a company looked at. For instance, assessments can be scoped to be internal (i.e., a company’s system) vs. external (e.g., how a system interacts with other systems and the larger political environment) or focus on specific scales (e.g., effects on individuals vs. macro-risks due to network effects of ‘platformitization’). What kind of data an assessment uses will influence the types of identified risks; for example, only focusing on quantitative metrics to identify ‘bias’ will fail to capture meaningful harms that require qualitative assessments.
Auditors will have to be clear about the method of audit they pursued, the type of data related to algorithmic systems they requested and used as part of their study, and what decisions and tradeoffs they made in prioritizing a set of questions and factors.
Previous frameworks in the UK have delineated types of assessments according to their scope. The European Commission can play a role here in being clearer about the type of independent audit it wishes to see and engage in an iterative process with auditors to consistently improve upon how- and what type of- algorithmic audits are to be conducted. Inherently linked to algorithmic testing and assessments that platforms will have to perform as part of their risk assessment obligations, more transparency about the method or framework they employed in their risk assessment, the reasoning behind their choices, and likely trade-offs and intended impacts of these choices can also be obtained. Overall, the more specific risk assessments and audits are scoped for the more successful they are likely to be as indicators for compliance, which in turn can facilitate more trust in the process being independent and meaningful for increased due diligence.
Similarly, ECAT can serve as a technical expert for the European Commission and advise the Commission on what methods in conducting an audit best incorporate human rights risks and how they do so and what rubric is required to assess whether an auditor correctly scoped human rights-related principles in their audit.
This insight from ECAT will be invaluable and create a continuously improving baseline to which auditors can reference for subsequent auditors, particularly taking into consideration the scale and complexity of the VLOP submitted risk assessments and audits. ECAT and the European Commission can use submitted audits as a first round of testing to further narrow the requirements in the future and provide more concrete guidance that will help avoid potential corporate capture and diminished independence in these processes.
The question still remains about what the European Commission believes to be a “systemic risk” for the purpose of these risk assessments and audits. Recently, the European Commission published an independent study, “Application of the risk management framework to Russian disinformation campaigns,” which provides a perspective on what the European Commission may consider to be an appropriate methodology to assess systemic risks. Yet, the Commission’s study has raised questions by civil society based on the breadth of the framework and has been criticized by free expression experts in particular given that the study expands the use of the six-part Rabat test as the methodology to address disinformation, well beyond the scope of explicitly illegal speech. Civil society and those with human rights expertise should be engaged as part of the process to ensure standards used to audit VLOPs and VLOSEs reflect the values enshrined in the European Charter. Use a multi-stakeholder lens in the determination of standards independent auditors use to conduct audits. This should include the guidance provided to VLOPs about how to select eligible independent auditors by looking at pre-existing frameworks for independent assessments like the Global Network Initiative’s guidelines for independent assessors or from the European Court of Auditors.
In the absence of a clear definition of “systemic risk” in the text of the DSA or guidelines on how to conduct risk assessments, auditors are likely to try to capture a broad definition of risks that impact multiple, interdependent fundamental rights, which will require multiple different appropriate and coordinated assessment tools, resulting in a mixed-method approach to compliance. Similarly, auditors note that the term “risk” may suggest a causal relationship between algorithmic systems and negative outcomes, whereas experts note that risks borne from algorithmic systems are more widely distributed and opaque. Audits may point to more ambiguous conclusions than neat “positive” or “negative” results that the Commission imagines.
Finally, external factors will also play a role in compounding systemic risks, for example, whether the service is operating within a time of conflict or in advance of an election, which will leave static audits less useful than longitudinal analyses. The European Commission can take this into account by seeing compliance under these articles as an iterative process where the risk assessments and independent audits submitted this year are a first step towards shaping what the DSA will mean and require moving forward.