To facilitate accountability and transparency, the Digital Services Act (DSA) sets up a process through which Very Large Online Platforms (VLOPs) need to grant vetted researchers access to their internal data (Article 40(4)). Operationalising such access is challenging for at least two reasons. First, data access is only available for research on systemic risks affecting European citizens, a concept with high levels of legal uncertainty. Second, data access suffers from an inherent standoff problem. Researchers need to request specific data but are not in a position to know all internal data processed by VLOPs, who, in turn, expect data specificity for potential access. In light of these limitations, data access under the DSA remains a mystery. To contribute to the discussion of how Article 40 can be interpreted and applied, we provide a concrete illustration of what data access can look like in a real-world systemic risk case study. We focus on the 2024 Romanian presidential election interference incident, the first event of its kind to trigger systemic risk investigations by the European Commission. During the elections, one candidate is said to have benefited from TikTok algorithmic amplification through a complex dis- and misinformation campaign. By analysing this incident, we can comprehend election-related systemic risk to explore practical research tasks and compare necessary data with available TikTok data. In particular, we make two contributions: (i) we combine insights from law, computer science and platform governance to shed light on the complexities of studying systemic risks in the context of election interference, focusing on two relevant factors: platform manipulation and hidden advertising; and (ii) we provide practical insights into various categories of available data for the study of TikTok, based on platform documentation, data donations and the Research API.

翻译：为促进问责与透明度，《数字服务法》第四十条第四款规定超大型在线平台需向经审核的研究者开放其内部数据访问权限。然而，该条款的实施至少面临两大挑战：其一，数据访问仅限用于研究影响欧洲公民的系统性风险，而这一概念在法律层面存在高度不确定性；其二，数据访问存在固有的信息不对称困境——研究者需提出具体数据请求，却无法全面掌握平台内部处理的所有数据类型，而平台方则要求研究者明确指定所需数据。基于这些限制，《数字服务法》框架下的数据访问机制仍处于实践迷雾中。为推进第四十条的解读与实施讨论，本文通过真实世界系统性风险案例，具体阐释数据访问的可能形态。我们聚焦2024年罗马尼亚总统选举干预事件——这是首个触发欧盟委员会系统性风险调查的同类事件。选举期间，某候选人涉嫌通过复杂的虚假与误导信息宣传活动，获得TikTok算法推送的流量加持。通过剖析该案例，我们能够理解选举相关系统性风险，进而探索实际研究任务，并将必要数据与TikTok实际可获取数据进行比对。本研究作出两方面贡献：（一）融合法学、计算机科学与平台治理的跨学科视角，聚焦平台操纵与隐性广告两个关键维度，揭示选举干预背景下系统性风险研究的复杂性；（二）基于平台文档、数据捐赠项目及研究接口文档，系统梳理TikTok研究中实际可获取的多层次数据类别。