Table of Contents
Fetching ...

Auditing Meta and TikTok Research API Data Access under Article 40(12) of the Digital Services Act

Luka Bekavac, Simon Mayer

TL;DR

The paper evaluates whether official Research APIs from Meta and TikTok accurately reproduce the public information environment (PIE) required for independent systemic risk auditing under Article 40(12) of the DSA. Using sockpuppet-based PIE reconstructions and controlled API data collection, it shows substantial data loss across posts and metadata due to scope narrowing, metadata stripping, and operational restrictions, leading to survivorship bias and diminished interpretability. The study finds that only a portion of the PIE is accessible through APIs, with significant gaps in content coverage and contextual signals, raising concerns about the APIs' utility for robust oversight. It advocates policy reforms to broaden the definition of publicly accessible content, provide full contextual metadata, ensure operationally effective access, and permit independent data collection to enable meaningful regulatory scrutiny.

Abstract

Article 40(12) of the Digital Services Act (DSA) requires Very Large Online Platforms (VLOPs) to provide vetted researchers with access to publicly accessible data. While prior work has identified shortcomings of platform-provided data access mechanisms, existing research has not quantitatively assessed data quality and completeness in Research APIs across platforms, nor systematically mapped how current access provisions fall short. This paper presents a systematic audit of research access modalities by comparing data obtained through platform Research APIs with data collected about the same platforms' user-visible public information environment (PIE). Focusing on two major platform APIs, the TikTok Research API and the Meta Content Library, we reconstruct full information feeds for two controlled sockpuppet accounts during two election periods and benchmark these against the data retrievable for the same posts through the corresponding Research APIs. Our findings show systematic data loss through three classes of platform-imposed mechanisms: scope narrowing, metadata stripping, and operational restrictions. Together, these mechanisms implement overlapping filters that exclude large portions of the platform PIE (up to approximately 50 percent), strip essential contextual metadata (up to approximately 83 percent), and impose severe technical constraints for researchers (down to approximately 1000 requests per day). Viewed through a data quality lens, these filters primarily undermine completeness, resulting in a structurally biased representation of platform activity. We conclude that, in their current form, the Meta and TikTok Research APIs fall short of supporting meaningful, independent auditing of systemic risks as envisioned under the DSA.

Auditing Meta and TikTok Research API Data Access under Article 40(12) of the Digital Services Act

TL;DR

The paper evaluates whether official Research APIs from Meta and TikTok accurately reproduce the public information environment (PIE) required for independent systemic risk auditing under Article 40(12) of the DSA. Using sockpuppet-based PIE reconstructions and controlled API data collection, it shows substantial data loss across posts and metadata due to scope narrowing, metadata stripping, and operational restrictions, leading to survivorship bias and diminished interpretability. The study finds that only a portion of the PIE is accessible through APIs, with significant gaps in content coverage and contextual signals, raising concerns about the APIs' utility for robust oversight. It advocates policy reforms to broaden the definition of publicly accessible content, provide full contextual metadata, ensure operationally effective access, and permit independent data collection to enable meaningful regulatory scrutiny.

Abstract

Article 40(12) of the Digital Services Act (DSA) requires Very Large Online Platforms (VLOPs) to provide vetted researchers with access to publicly accessible data. While prior work has identified shortcomings of platform-provided data access mechanisms, existing research has not quantitatively assessed data quality and completeness in Research APIs across platforms, nor systematically mapped how current access provisions fall short. This paper presents a systematic audit of research access modalities by comparing data obtained through platform Research APIs with data collected about the same platforms' user-visible public information environment (PIE). Focusing on two major platform APIs, the TikTok Research API and the Meta Content Library, we reconstruct full information feeds for two controlled sockpuppet accounts during two election periods and benchmark these against the data retrievable for the same posts through the corresponding Research APIs. Our findings show systematic data loss through three classes of platform-imposed mechanisms: scope narrowing, metadata stripping, and operational restrictions. Together, these mechanisms implement overlapping filters that exclude large portions of the platform PIE (up to approximately 50 percent), strip essential contextual metadata (up to approximately 83 percent), and impose severe technical constraints for researchers (down to approximately 1000 requests per day). Viewed through a data quality lens, these filters primarily undermine completeness, resulting in a structurally biased representation of platform activity. We conclude that, in their current form, the Meta and TikTok Research APIs fall short of supporting meaningful, independent auditing of systemic risks as envisioned under the DSA.
Paper Structure (25 sections, 2 figures, 3 tables)

This paper contains 25 sections, 2 figures, 3 tables.

Figures (2)

  • Figure 1: Data transmitted for a single Instagram post (excerpt): Comparison between parameters in full HTTP response (solid light blue, $n_{HTTP} = 236$), parameters that are accessible through the Meta Content Library API (dashed green, $n_{MCL-API} = 100$) and parameters that are accessible through the Meta Content Library User Interface (dot-dashed purple, $n_{MCL-UI} = 14$).
  • Figure 2: Distribution of follower counts for accounts appearing in the sockpuppet’s Instagram feed. Horizontal reference lines indicate follower-count thresholds applied by Meta’s Content Library at different stages of its implementation: 25,000 followers (solid red), 1,000 followers (dotted green), and 100 followers (dash–dot black).