Digital Services Act: Refresher on Key Industry Impacts. Applied since February 2024.

Online platforms must make advertising more transparent. Users must be able to see that something is an ad, who paid for it, and why they are seeing it.

The DSA bans targeted advertising to minors on online platforms.

Platforms cannot serve ads based on profiling that uses sensitive data such as religion, race, sexual orientation or similar special-category data.

The DSA prohibits deceptive design tactics, often called dark patterns. These include confusing consent choices, manipulative pop-ups, misleading buttons or interfaces that steer users unfairly.

Lead generation campaigns will need to be especially careful where the user journey involves third-party sponsors, optional opt-ins, prize draws, profiling or data sharing. The DSA does not replace GDPR or ePrivacy, but it adds another layer of expectation around transparency and user protection. A competition entry page, for example, should make it very clear who is collecting the data, who is sponsoring the offer, whether marketing consent is optional, why the user is seeing the offer, and how user data may be used.

Direct Marketing: The DSA is not primarily an email, SMS, telephone or postal marketing law. Those channels are still mainly governed by GDPR, ePrivacy, the Irish ePrivacy Regulations, NDD/TPS screening, consent rules and legitimate-interest assessments. However, the DSA will indirectly raise the standard for direct marketing because users, regulators and platforms will expect clearer explanations around targeting, data use and opt-outs. For direct marketers, this means stronger data provenance, cleaner consent records and clearer privacy notices will become even more important.

IDV/KYC – Stronger requirements for age verification/age assurance, and requirements for proven operational controls around data subject onboarding. Tier One Processors require better operational controls, with key questions for data providers:

What data sources do you use? (Provenance and GDPR compliance)

What lawful basis supports the check? (GDPR accountability)

Do you retain input data or use ephemeral data processing? (Data minimisation)

Can you return only yes/no outcomes or additional attributes? (Privacy by design)

Can you explain match logic? (Auditability)

The DSA strengthens the market for IDV, but weakens any IDV model that is opaque, excessive or difficult to explain. #IDV #KYC #DirectMarketing #DataCompliance