Last year, our team published a mapping report to map and understand the needs of micro and small European online platforms (“Hosting Service Providers”) regarding the Regulation on TCO. This report is the result of an investigation conducted by our team under the lead of TREMAU over a six-month period ending in May 2023. This work was recently highlighted in a European Commission report published on the 14th of February 2024 – Report from the Commission to the European Parliament and the Council on the implementation of Regulation (EU) 2021/784 on addressing the dissemination of terrorist content online. Given the interest in our findings, we have decided to publish a dedicated series of articles. This will be available shortly, but in the meantime here is a short summary of our key findings. 

We used three main methods to produce the mapping report (semi-structured interviews, online survey, desk research) and gathered the feedback of more than 50 European HSPs, as well as other relevant stakeholders (Law Enforcement Agencies, responsible authorities, experts, members of the European Commission and Europol). Thanks to the desk research investigating institutional data and the most recent scientific papers, we wanted to put into perspective the insights gathered and the needs expressed with the relevant findings coming from the research community. 

We investigated four main questions, from general considerations to more tailored questionings: 

• Why do terrorists use the Internet and online platforms ? 
• What are the trends regarding terrorist content online ? 
• Are smaller platforms more likely to be exploited by terrorists ? 
• Are smaller platforms ready to cope with the TCO Regulation ?

Regarding the first question, we distinguished five main types of activities in which terrorist groups or individuals engage online : propaganda, financing training, planning, and cyberattacks. Then, in terms of trends, we focused on three major trends regarding the types of platforms exploited : virtual dead drop platforms, decentralised web (“Dweb”), and platforms with weak content moderation. We also showed that smaller platforms are indeed targeted by violent extremists and terrorist groups, emphasising that some are more likely to be exploited than others, based on the types of services they offer. 

Finally, regarding the preparedness of micro and small HSPs, several key findings emerged from our report.

1. Micro and small HSPs tend to have a very limited knowledge of the Regulation on TCO. 42.4% of respondents to our questionnaire were not at all familiar with the TCO regulation and the remaining 48.5% had only a partial knowledge of what it entails. As a comparison, we found that they were clearly more aware of the Digital Services Act (DSA).

2. Most micro and small HSPs perceive themselves at low risk of being exposed to terrorist content. However, despite the lack of awareness and preparedness (e.g. 57,6% of the respondents do not moderate user-generated content at all) a large majority of HSPs perceive themselves as at low risk of being exposed to terrorist content (i.e. having their services misused by terrorists). They find themselves in what we qualified as a “reactive posture”, meaning they only plan to take action, and thus comply with the EU Regulations, if they are obliged to do so.

3. Micro and small HSPs lack the tools and formal processes to comply with EU Regulations. A third finding is that most of the small-scale HSPs identified fundamentally lacked the tools and the formal processes to comply with the EU Regulation and especially the TCO Regulation. The resources they are lacking are diverse : technical resources (e.g. tools for automated detection, monitoring or content moderation), human resources (i.e. staff, dedicated personnel), legal resources (a dedicated staff of course, but also the legal knowledge, meaning the knowledge of the regulatory framework) and financial resources (i.e. the funds to buy tools, hire new staff, monitor regulations, etc.). This lack of resources clearly affects their capacity and willingness to invest in developing the right processes and implementing efficient tools, not only to be compliant with EU Regulations but also to serve their own business needs. As said prior, most intend to postpone the investment in technical, human, legal and financial for as long as possible.

4. Finally, the large majority of HSPs expressed the same needs : first, gaining familiarity with the TCO Regulation and second getting access and guidance to tools for content moderation.

You can find the full report below, or access it by clicking on the button at the bottom of the page.