ANCOM

Facebook X-twitter Youtube Linkedin
Menu
Menu
Menu
Menu

Researchers

Researchers’ access to data, pursuant to Article 40 of the Digital Services Act

The most important role in the application of Article 40 of the Digital Services Act lies with providers of very large online platforms or very large online search engines (VLOPSEs), entities that must ensure access to data under the conditions of the European legislative act.

Article 40 of the Digital Services Act provides two ways for researchers to access the data of very large online platform providers or very large online search engines (VLOPSEs):

  • through the mechanism established in Art. 40(12), designed for researchers, including those affiliated to non-profit bodies, organizations and associationsthat comply with the conditions under Art. 40(8) items (b), (c), (d) and (e) and that use publicly available data only for the purpose of carrying out research activities contributing to the detection, identification and understanding of systemic risks within the Union pursuant to Article 34(1);
  • through the mechanism established in Art. 40(4), designed for researchers who acquire the status of vetted researcher according to the provisions of art. 40(8).

The mechanism provided in Art. 40(12) of the Digital Services Act

Researchers, including those affiliated to non-profit bodies, organizations and associations, who comply with the conditions provided for in Art. 40(8) items (b), (c), (d) and (e) of the Digital Services Act can request access to such data.

Access to data based on Art. 40(12) is not limited to members of academia and staff employed in research institutions. However, there are some conditions that researchers affiliated to non-profit bodies, organisations and associations must prove that they cumulatively meet:

  • they are independent from commercial interests (art. 40 (8)(b) of the Digital Services Act);
  • their application discloses the funding of the research (art. 40 (8)(c) of the Digital Services Act);
  • they are capable of fulfilling the specific data security and confidentiality requirements corresponding to each request and to protect personal data, and they describe in their request the appropriate technical and organisational measures that they have put in place to this end (Art. 40 (8)(d) of the Digital Services Act);
  • their application demonstrates that their access to the data and the time frames requested are necessary for, and proportionate to, the purposes of their research, and that the expected results of that research will contribute to the purposes laid down in Art. 40 (4) (Art. 40 (8) letter (e) of the Digital Services Act).

The data accessed may only be used to carry out research activities that contribute to the detection, identification and understanding of systemic risks within the Union, as set pursuant to Article 34(1) of the Digital Services Act.

The systemic risks are as follows (according to Art. 34 (1) of the Digital Services Act):

  1. dissemination of illegal content through the VLOPSEs services;
  2. any actual or foreseeable negative effects for the exercise of fundamental rights, in particular the fundamental rights to human dignity enshrined in Article 1 of the Charter, to respect for private and family life enshrined in Article 7 of the Charter, to the protection of personal data enshrined in Article 8 of the Charter, to freedom of expression and information, including the freedom and pluralism of the media, enshrined in Article 11 of the Charter, to non-discrimination enshrined in Article 21 of the Charter, to respect for the rights of the child enshrined in Article 24 of the Charter and to a high-level of consumer protection enshrined in Article 38 of the Charter;
  3. any actual or foreseeable negative effects on civic discourse and electoral processes, and public security;
  4. any actual or foreseeable negative effects in relation to gender-based violence, the protection of public health and minors and serious negative consequences to the person’s physical and mental well-being.

Publicly accessible data in the online interface of VLOPSEs, including, where technically possible, in real-time, to the publicly accessible data, for example on aggregated interactions with content from public pages, public groups, or public figures, including impression and engagement data such as the number of reactions, shares, comments from recipients of the service. Personal data provided by VLOPSEs should be anonymised, except in those cases that would render impossible the research purpose pursued. (see recital 98 of the Digital Services Act).

The Digital Services Act does not include details on this issue, so the actual methods to request and obtain access to publicly accessible data of VLOPSEs are established by these platforms.

The request for access to the publicly accessible data of VLOPSEs pursuant to art. 40(12) of the Digital Services Act must include documented evidence of cumulative fulfilment of the conditions set out in the Digital Services Act.

Art. 40(12) of the Digital Services Act does not explicitly provide for any role for the DSC in the process of requesting or granting access to publicly accessible data of VLOPSEs.

If the researchers who requested access to the publicly accessible data of the VLOPSEs invoke the violation of art. 40(12) by the VLOPSEs providers, ANCOM may receive all the documented evidence regarding the respective violation and send the European Commission, pursuant to art. 65(2) of the Digital Services Act, a request for assessment of the violation of the provisions of art. 40(12). The request made by ANCOM pursuant to art. 65(2) of the Digital Services Act must be duly reasoned and include at least the elements provided in Art. 65(3) of the Digital Services Act, among which:

  • a description of the relevant facts, the provisions of the Digital Services Act concerned and the reasons why the DSC that sent the request suspects that the VLOPSE concerned infringed the Digital Services Act, including a description of the facts that show that the suspected infringement is of a systemic nature;
  • any other information that the Digital Services Coordinator that sent the request considers relevant, including, where appropriate, information gathered on its own initiative.

Pursuant to Article 56(2) of the Digital Services Regulation, the European Commission has exclusive competence to supervise and ensure compliance with Chapter III, Section 5 (Articles 33–43). Accordingly, the European Commission has exclusive competence to supervise and ensure VLOPSEs’ compliance with Article 40 of the Digital Services Regulation.

In cases of urgency due to the risk of serious harm to recipients of the service, pursuant to Article 70 of the Digital Services Regulation, the European Commission may order interim measures against a VLOPSE, on the basis of a prima facie finding of an infringement.

2. The mechanism provided in Art. 40(4) of the Digital Services Act

The implementation of this mechanism is supported by the Data Access Delegated Regulation adopted in october 2025 which supplements the Digital Services Act by laying down the technical conditions and procedures under which providers of VLOPSEs are to share data pursuant to Art. 40(1) and (4).

Researchers who submit to the DSC (either to the DSC in the country of establishment of the VLOPSE, according to Art. 40(8) of DSA, or to the DSC in the country of the organization to which the researcher is affiliated, according to art. 40(9)) a duly reasoned request that meets all the conditions set out in Art. 40(8) items (a) to (g):

  1. they are affiliated to a research organisation, as defined in Article 2, point (1), of Directive (EU) 2019/790  (Art. 40(8) item (a) of the Digital Services Act); the definition of research organisation in Article 2(1) of Directive (EU) 2019/790 does not refer exclusively to entities in the research or academic environment, but also to other possible entities, which must have as their main purpose the conduct of educational activities that also include carrying out scientific research under a mission of public interest recognised by a Member State,  so that access to the results generated by such scientific research cannot be preferentially granted to an undertaking which exercises decisive influence over such an organisation; in this regard, see also the clarification in recital 97 of the Digital Services Act: ‘research organisations, […] which may include, for the purpose of this Regulation, civil society organisations that are conducting scientific research with the primary goal of supporting their public interest mission.” s.n.
  2. they are independent from commercial interests (art. 40(8)(b) of the Digital Services Act);
  3. their application discloses the funding of the research (art. 40(8)(c) of the Digital Services Act);
  4. they are capable of fulfilling the specific data security and confidentiality requirements corresponding to each request and to protect personal data, and they describe in their request the appropriate technical and organisational measures that they have put in place to this end (Art. 40(8)(d) of the Digital Services Act);
  5. their application demonstrates that their access to the data and the time frames requested are necessary for, and proportionate to, the purposes of their research, and that the expected results of that research will contribute to the purposes laid down in Art. 40(4) (art. 40(8)(e) of the Digital Services Act);
  6. The planned research activities will be carried out for the purposes provided in Art. 40 paragraph (4) (Art. 40(8)(f) of the Digital Services Act);
  7. they have committed themselves to making their research results publicly available free of charge, within a reasonable period after the completion of the research, subject to the rights and interests of the recipients of the service concerned, in accordance with Regulation (EU) 2016/679 (Art. 40(8) letter (g) of the Digital Services Act).

According to Article 40(4) of the Digital Services Act, the accessed data may be used “for the sole purpose of conducting research that contributes to the detection, identification and understanding of systemic risks in the Union, as set out pursuant to Article 34(1), and to the assessment of the adequacy, efficiency and impacts of the risk mitigation measures pursuant to Article 35.“.

The systemic risks laid down in art. 34(1) of the Digital Services Act are as follows:

(a) dissemination of illegal content through the VLOPSEs services;

(b) any actual or foreseeable negative effects for the exercise of fundamental rights, in particular the fundamental rights to human dignity enshrined in Article 1 of the Charter, to respect for private and family life enshrined in Article 7 of the Charter, to the protection of personal data enshrined in Article 8 of the Charter, to freedom of expression and information, including the freedom and pluralism of the media, enshrined in Article 11 of the Charter, to non-discrimination enshrined in Article 21 of the Charter, to respect for the rights of the child enshrined in Article 24 of the Charter and to a high-level of consumer protection enshrined in Article 38 of the Charter;

(c) any actual or foreseeable negative effects on civic discourse and electoral processes, and public security;

(d) any actual or foreseeable negative effects in relation to gender-based violence, the protection of public health and minors and serious negative consequences to the person’s physical and mental well-being.

 

Risk mitigation measures pursuant to Art. 35(1) of the Digital Services Act may include, as the case may be:

(a) adapting the design, features or functioning of their services, including their online interfaces;

(b) adapting their terms and conditions and their enforcement;

(c) adapting content moderation processes, including the speed and quality of processing notices related to specific types of illegal content and, where appropriate, the expeditious removal of, or the disabling of access to, the content notified, in particular in respect of illegal hate speech or cyber violence, as well as adapting any relevant decision-making processes and dedicated resources for content moderation;

(d) testing and adapting their algorithmic systems, including their recommender systems;

(e) adapting their advertising systems and adopting targeted measures aimed at limiting or adjusting the presentation of advertisements in association with the service they provide;

(f) reinforcing the internal processes, resources, testing, documentation, or supervision of any of their activities in particular as regards detection of systemic risk;

(g) initiating or adjusting cooperation with trusted flaggers in accordance with Article 22 and the implementation of the decisions of out-of-court dispute settlement bodies pursuant to Article 21;

(h) initiating or adjusting cooperation with other providers of online platforms or of online search engines through the codes of conduct and the crisis protocols referred to in Articles 45 and 48 respectively;

(i) taking awareness-raising measures and adapting their online interface in order to give recipients of the service more information;

(j) taking targeted measures to protect the rights of the child, including age verification and parental control tools, tools aimed at helping minors signal abuse or obtain support, as appropriate;

(k) ensuring that an item of information, whether it constitutes a generated or manipulated image, audio or video that appreciably resembles existing persons, objects, places or other entities or events and falsely appears to a person to be authentic or truthful is distinguishable through prominent markings when presented on their online interfaces, and, in addition, providing an easy to use functionality which enables recipients of the service to indicate such information.

Specific data, which is not publicly accessible, necessary in order to study systemic risks or their mitigation, for example: data related to users of the services, such as profile information, relationship networks, individual-level content exposure and engagement histories; interaction data such as comments or other engagements; data related to content recommendations, including data used to personalise recommendations; data related to the targeting of advertisements and profiling, including cost per click data and other measures of advertising prices; data related to the testing of new features prior to their deployment; data related to content moderation and governance, such as data on algorithmic or other content moderation systems and processes, including changelogs, archives or repositories documenting moderated content, including accounts as well as data related to prices, quantities and characteristics of goods or services provided or intermediated by the data provider.

Important!

Requests for access to such data should not include requests to provide specific information on individual recipients of the service in order to determine whether those recipients comply with other applicable European Union or national rules.

    1. Applicant researchers register in the Data Access Portal.
    2. Applicant researchers shall submit via the Data Access Portal a duly reasoned request (the prerequisites for making a reasoned request are set out in Article 8 of the draft Delegated Regulation) to the DSC of the country of establishment of the VLOPSE (e.g. CnaM, in the case of providers Meta, TikTok, Google) or to the DSC of the Member State of the research organisation to which they are affiliated (e.g. ANCOM in the case research organizations in Romania);

    – within 5 working days of receipt of the application,  the DSC to which the application was submitted either confirms to the principal researcher that the application contains the supporting information and documentation, or indicates the elements of the application that require correction or completion, allowing the principal researcher to resubmit it. (Art. 7(1) of the draft delegated act on access to data).

    – if the request is sent according to art. 40(9) of the Digital Services Act, the DSC of the Member State of the research organisation to which the applicant researchers are affiliated shall carry out an initial assessment of the fulfilment by those researchers of all the conditions set out in Art. 40(8) of the Digital Services Act. That DSC sends, via the Data Access Portal, the application, together with the supporting documents submitted by the respective researchers and the initial assessment, to the DSC of the country of establishment of the VLOPSE.

    1. The DSC of the country of establishment of the VLOPSE shall grant those researchers the status of vetted researchers with regard to the specific research mentioned in the application and issue a reasoned request for access to the VLOPSE data pursuant to Art. 40(4) of the Digital Services Act. We draw attention to the fact that the status of vetted researcher is strictly circumstantial to the specific research mentioned in the application. Thus, for any new research that requires access to VLOPSEs data, the status of vetted researcher must be obtained pursuant to Art. 40(8) of the Digital Services Act.

    – if the request was initially sent to the DSC of the Member State of the research organisation, the final decision to grant a vetted researcher status to a researcher rests with  the DSC of the country of establishment of the VLOPSE, taking due account of the initial assessment of the first DSC. – before making a decision on the issuance of a reasoned request for access to data, the DSC of the country of establishment may decide to consult experts (in accordance with the independent advisory mechanisms detailed in Article 14 of the draft Delegated Regulation on Data Access).

    – the deadline for issuing the reasoned request or for informing the principal researcher about the reasons why the reasoned request could not be formulated is 21 working days, starting from the day after the confirmation of completeness of the data access application to the principal researcher. (Art. 7(2) of the draft Delegated Regulation on Data Access). In duly justified cases, the DSC of the country of establishment may extend the deadline for a reasonable period. The DSC of the country of establishment shall notify the principal researcher of the extension and shall indicate the reasons for the delay and a new date for the transmission of the reasoned request to the VLOPSE. (Art. 7(3) of the draft Delegated Regulation on Data Access).

    – The DSC of the country of establishment of the VLOPSE shall determine in the reasoned request the modalities according to which access to the data is to be granted by the VLOPSE (Art. 9 of the draft Delegated Regulation on Data Access).

    – The minimum elements to be contained in the reasoned request are set out in accordance with Article 10 of the draft Delegated Regulation on Data Access.

    – The DSC of the country of establishment of the VLOPSE publishes the overview of the reasoned request in the Data Access Portal.

    – Within 15 days from the receipt of the reasoned request based on Art. 40(4) of the Digital Services Act, VLOPSEs may request the DSC of the country of establishment to amend the request, if they consider that they are unable to grant access to the requested data for one of the following two reasons:

    (a) they do not have access to the data;

    (b) granting access to data will lead to significant vulnerabilities to the security of their service or the protection of confidential information, in particular trade secrets (Art. 40(5) of the Digital Services Act). According to recital 97, in order to ensure the achievement of the objective of the Digital Services Act, “consideration of the commercial interests of providers should not lead to a refusal to provide access to data necessary for the specific research objective pursuant to a request under this Regulation.” Such requests for amendment shall contain proposals for one or more alternative means by which access may be granted to the requested data or to other data that are appropriate and sufficient for the purpose of the reasoned request based on Art. 40(4) of the Digital Services Act (art. 40(6) of the Digital Services Act). The procedures for dealing with requests for amendments are set out in Article 12 of the draft Delegated Regulation on Data Access.

    – The DSC of the country of establishment decides on the request for amendment within 15 days and communicates its decision to the VLOPSE provider and, if applicable, the amended request and the new deadline for complying with the request (Art. 40(6) of the Digital Services Act). Before taking a decision on a request for amendment, the DSC of the country of establishment may decide to consult experts (in accordance with the independent advisory mechanisms detailed in Article 14 of the draft Delegated Regulation on Data Access). If the VLOPSE disagrees with the decision of the DSC in the country of establishment of the VLOPSE following a request for amendment, the VLOPSE may request the DSC of the country of establishment to participate in a mediation. The details of this mediation procedure are set out in Article 13 of the draft Delegated Regulation on Data Access.

    1. VLOPSEs provide and facilitate access to data pursuant to Art. 40(4) of the Digital Services Act through the appropriate interfaces specified in the request, including online databases or application programming interfaces. (Art. 40(7) of the Digital Services Act).

    – VLOPSEs shall make available an overview of the data inventory of their services, including examples of available datasets and suggested modalities to access them. (Art. 6(4) of the draft Delegated Regulation on Data Access).

    – The VLOPSE shall notify the DSC of the country of establishment within 24 hours that the vetted researchers have access to the data requested, in accordance with the access modalities specified in the reasoned request, or that the access for the vetted researchers is terminated (Art. 15 of the draft Delegated Regulation on Data Access). Furthermore, Article 15 of the draft Delegated Regulation on Data Access sets out details related to the format and documentation of the data to which VLOPSE grants access.

    – The DSC of the country of establishment shall issue a decision terminating the access if it determines, following an investigation either on its own initiative or on the basis of information received from third parties, that the vetted researcher no longer meets the conditions set out in Art. 40(8) of the Digital Services Act and shall inform the VLOPSE concerned of the decision. Before terminating the access, the DSC of the country of establishment shall allow the vetted researcher to react to the findings of its investigation and to its intention to terminate the access. (Art. 40(10) of the Digital Services Act)

    1. Vetted researchers shall make their research results publicly available free of charge, within a reasonable period of time after the completion of the research, subject to the rights and interests of the recipients of the service concerned, in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation) (Art. 40(8) letter (g) of the Digital Services Act).

According to Art. 4(3) of the draft Delegated Regulation on Data Access, DSCs shall be separate controllers within the meaning of Article 4(7) of Regulation (EU) 2016/679 with respect to the processing of personal data they carry out to manage the data access process. In case of receipt of an application pursuant to Art. 40(9) of the Digital Services Act, ANCOM will process personal data in the Data Access Portal in compliance with the provisions of Art. 5 of the draft Delegated Regulation on Data Access.

ANCOM, as the DSC, establishes a dedicated point of contact for applicants and vetted researchers, as well as for VLOPSEs whose task shall be to provide information and support on the data access process pursuant to Article 40(4) of the Digital Services Act. The points of contact are communicated to the European Commission. (Art. 6 of the draft Delegated Regulation on Data Access).

ANCOM may receive the duly justified request for access to VLOPSE data from researchers affiliated to a research organization in Romania. (Art. 40(9) of the Digital Services Act).

Within 5 working days from the receipt of the data access application, ANCOM shall either confirm to the principal researcher that the application contains the information and supporting documentation listed in Article 8 or indicate which elements of the data access application require correction or completion, allowing the principal researcher to resubmit. (Art. 7(1) of the draft Delegated Regulation on Data Access).

ANCOM shall carry out an initial assessment of the fulfilment by the respective researchers of all the conditions set out in Art. 40(8) of the Digital Services Act. Subsequently, ANCOM sends the application, together with the supporting documents and the initial assessment, to the DSC of the country of establishment of the VLOPSE.

Neither the Digital Services Act nor the draft Delegated Regulation on Data Access include deadlines or other requirements regarding the initial assessment.

At this stage, ANCOM could consult an independent expert in accordance with the provisions of Art. 14 of the draft Delegated Regulation on Data Access.

If researchers with the status of a vetted researcher regarding a specific research invoke the violation by VLOPSE providers of art. 40(4) and, where applicable, of the future Delegated Regulation on Data Access, ANCOM may receive all documented evidence of that violation. With the help of this documented evidence, ANCOM may send to the European Commission, pursuant to art. 65(2) of the Digital Services Act, a request for assessment of the violation of the provisions of art. 40(4). The request made by ANCOM pursuant to art. 65(2) of the 2Digital Services Act must be duly reasoned and include at least the elements provided for in art. 65(3) of the Digital Services Act, among which:

  • a description of the relevant facts and the reasons why the DSC suspects that the VLOPSE concerned infringed the Digital Services Act, including a description of the facts that show that the suspected infringement is of a systemic nature;
  • any other information that the DSC that sent the request considers relevant, including, where appropriate, information gathered on its own initiative.

Important!

It is very important for researchers to rigorously document and present evidence for each stage of the procedure for accessing VLOPSEs data pursuant to Art. 40(4) of the Digital Services Act, so that there is a solid basis for a possible request by ANCOM to the European Commission.

According to art. 4(3) of the draft Delegated Regulation on Data Access, DSCs shall be controllers within the meaning of Article 4(7) of Regulation (EU) 2016/679 as regards the processing of personal data that they carry out in order to manage the data access process. The DSC of the country of establishment of the VLOPSE will process the personal data in the Data Access Portal in compliance with the provisions of Art. 5 of the draft Delegated Regulation on Data Access.

Each DSC establishes a dedicated contact point for applicants and vetted researchers, as well as for VLOPSEs; the contact point shall provide information and support on the data access process in accordance with Article 40(4) of the Digital Services Act. The contact points are communicated to the European Commission. (Art. 6 of the draft Delegated Regulation on Data Access).

If the request for access to data is submitted to the DSC of the Member State of the research organisation, the DSC of the country of establishment of the VLOPSE  shall take due account of the initial assessment provided by the DSC of the Member State of the research organisation and shall take a decision whether to award a researcher the status of “vetted researcher” without undue delay. (Art. 40(9) of the Digital Services Act).

If the request for access to data is submitted directly to the DSC of the country of establishment of the VLOPSE, within 5 working days from the receipt of the data access application, the DSC of the country of establishment shall either confirm to the principal researcher that the application contains the information and supporting documentation listed in Article 8, or indicate which elements of the data access application require correction or completion, allowing the principal researcher to resubmit. (Art. 7(1) of the draft Delegated Regulation on Data Access).

The DSC of the country of establishment of VLOPSE shall grant the respective researchers the status of vetted researchers with regard to the specific research mentioned in the applicationif the researchers demonstrate that they meet all the conditions set out in Art. 40(8) of the Digital Services Act and issues a reasoned request for access to VLOPSEs data pursuant to art. 40(4) of the Digital Services Act.

The DSC of the country of establishment may decide to consult experts before making a reasoned request or taking a decision on a request for amendment (in accordance with  the independent advisory mechanisms detailed in Article 14 of the draft Delegated Regulation on Data Access).

In duly justified cases, the DSC of the country of establishment may extend for a reasonable period of time the period of 21 working days for issuing the reasoned request or for informing the principal researcher of the reasons why the reasoned request could not be made. (Art. 7(3) of the draft Delegated Regulation on Data Access).

The DSC of the country of establishment of the VLOPSE shall determine in the reasoned request the modalities according to which access to the data is to be granted by the VLOSE (in accordance with Article 9 of the draft Delegated Regulation on Data Access).

The DSC of the country of establishment of the VLOPSE publishes the overview of the reasoned request in the Data Access Portal.

The DSC of the country of establishment receives the VLOPSE request to amend the reasoned request based on Art. 40(4) of the Digital Services Act, if they consider that they are unable to give access to the data requested because one of following two reasons:

(a) they do not have access to the data;

(b) giving access to the data will lead to significant vulnerabilities in the security of their service or the protection of confidential information, in particular trade secrets (Art. 40(5) of the Digital Services Act).

The DSC of the country of establishment decides on the request for amendment within 15 days and communicates its decision to the VLOPSE provider and, if applicable, the amended request and the new deadline for complying with the request (Art. 40(6) of the Digital Services Act).

If the VLOPSE disagrees with the decision of the DSC in the country of establishment following a request for amendment, the VLOPSE may request the DSC of the country of establishment to participate in a mediation. The details of this mediation procedure are set out in Article 13 of the draft Delegated Regulation on Data Access.

The draft Delegated Regulation on Data Access sets up and mandates the European Commission to create a dedicated digital infrastructure (‘the DSA data access portal’), which supports and streamlines the management of the data access process for researchers, research organisations, VLOPSEs and DSCs. Moreover, the draft Delegated Regulation on Data Access sets out the responsibilities of the European Commission as controller for the data processing activities carried out in the context of the Data Access Portal.

According to art. 56(2) of the Digital Services Act, the European Commission has the exclusive competence to supervise and enforce compliance with Chapter III, Section 5 (Articles 33 – 43). Therefore, the European Commission has the exclusive competence to supervise and ensure the compliance of VLOPSEs with Article 40 of the Digital Services Act.

In the event of an emergency caused by the risk of serious harm to the recipients of the service, pursuant to Article 70 of the Digital Services Act, the European Commission may order interim measures against VLOPSEbased on a prima facie finding of an infringement.

The contact point regarding the data access process, cercetatori@ancom.ro, is tasked with providing information and assistance regarding the data access process described in the European Commission Delegated Regulation (EU) 2025/2050.

 

The portal for access to data related to the Digital Services Act can be accessed here: https://data-access.dsa.ec.europa.eu/home.

Webinar DSA: DATA ACCESS

ANCOM organised, on 12 November 2025, a webinar addressed to researchers from research centres within higher education institutions in Romania, focusing on the Delegated Act on data access adopted pursuant to the Digital Services Act (DSA).

Webinar presentation DSA: DATA ACCESS (Romanian version)