Roblox's Digital Services Act System is being abused by malicious actors

The Roblox DSA Report system, that is intended exclusively for use in Europe is actively exploited by bad actors. These individuals use VPNs to appear as if they are in Europe and social engineers Roblox support through the DSA report system, allowing them to target anybody they want and get users wrongfully banned/terminated/their UGCs items deleted from Roblox.

Yes, they do often decline the report if it not true, but some of the times it slips through and innocent people gets punished for no reason.


(I hooked a VPN to Europe and manage to get access to the DSA report easily, even though my account location is linked to America)

Expected behavior

Roblox should detects if the user is using a VPN, there is also a account location that is linked to every Roblox accounts, this could be used to stop people from getting unauthorized access to the DSA report system.

image

Also for a another solution, there should be a DSA report system worldwide, like Europe does, because it is mainly actively being used from other countries other than actual people living in Europe.

17 Likes

I am absolutely all for bringing DSA and similar features (ie right to be forgotten) to all users, as there is objectively zero reason to region lock such important functionality.

Secondly, Roblox does ID checks to verify if you actually are in the EU for right to be forgotten requests, why don’t they do it for DSA as well?

If they’re going to be rude about it and region lock something as important as a basic working report system, they should at least have the backbone to go all in and region lock it to the same extent as the right to be forgotten option.

Either do or don’t region lock it, don’t just put the bare minimum effort in and call it a day.

3 Likes

There are multiple reason why DSA should be region locked, as I already mentioned, people can find vulnerabilities and abuse it. Just recently, a bunch of UGC bundles was taken down for no reason and they social engineered the team into believing it was sexual content.

1 Like

I hate to say it, but getting a singular bundle taken down for not having a modesty layer is less malicious than you think, and bug reports like these have absolutely ruined the DSA system. Previously, it’d be super effective for removing illegal content from the website, but then UGC creators complained and DSA moderators were told to stop communicating with reporters, and since then have only sent their pre-written non-human responses and provided 0 explanation for their decisions. They’ve gotten much stricter and have actually started denying heaps of illegal content as a precaution, making the form much less useful.

If Roblox even addresses this report in any meaningful manner (which I doubt they will, have only had terrible experiences with moderation engineers myself), I don’t recommend they change any moderation practices that could make the system even worse. If anything, they could check the account region on report submission, but even then, that could be bypassed by simply logging out. There’s no real way to prevent the “issue” you’re describing here.

4 Likes

While the DSA system was previously more “effective” it causes many, many false positives. Its sad its not effective as before but this was getting to the point of ruining several UGC creators and even CLOTHING DESIGNER’s livelihoods.

ANYTHING reported would be deleted quite literally and would punish creators for the smallest thing possible. I’ve personally had a fair share of the consequences of the bs reports against my stuff however I’m going to speak of different examples. Did you know multiple 2d clothing designers got terminated from constant dsa reports over tank tops? Plain old tank tops with no shading, or details around the chest area that always followed rules. Theres several big names that were terminated over simple tank tops that were made years ago and they had to fight tooth and nail to get their account back.

“Oh they can just appeal if something is falsely moderated anyway”
Even then, appeals can take days and weeks while DSA reports can take only hours for review. You get dozens of VPN leachers reporting someones stuff constantly back in that time that persons accounts gone in a week and i know that for a fact since i have quite literally witnessed it. Even the people that had stuff that could suddenly get deleted and punished wasn’t able to request removal of assets properly until there was enough instances of report targeting occuring.

It’s not the UGC creator’s fault that the DSA system is more watered down, they have every right to complain that an item that was approved by moderation years ago (especially manual approval before ugc went public) that gets deleted and bans them a couple days. its such dopamine addicts that report any tiny thing just to get a high off an item getting removed thats the problem + most those people are people outside the EU. there’s probably some ways for roblox to enforce the region lock more aggressively however that would probably require something to check login locations in the past

7 Likes

The DSA team has also previously denied multiple reports on (at least one) user who was objectively without a doubt on Roblox for inappropriate reasons.

At least DSA reports actually go through, and are provably handled by humans, which is still objectively better than the outright placebo report button everyone else has to use.

Besides, as I previously mentioned, if they want to region lock it they should actually TRY to region lock it. They did it for right to erasure, there’s no reason to put in the absolute bare minimum with literally zero safeguards for everything else.

3 Likes

Right to erasure is not region-locked. I had done this for one of my accounts before—they just wait for your confirm reply to truly finalize the irreversible account deletion, and that’s it. If you’ve had a different experience, I’d love to hear about it because this option is not region-locked and has actually been available in Roblox Support for years.

1 Like

This is sort of getting out of hand as items that are not violating community standards and EU Law Regulations are still being taken down.

Recently even, an official roblox limited (Midnight Blue Sparkletime Fedora) was taken down.

The best way to really mitigate this is to start punishing people maliciously using this support form based on appeals if a specific reporter is getting items taken down and a majority are being appealed its very telling that maybe they’re abusing the system.

2 Likes

That’s often not true actually. I see in many cases that the moderators do not see general violations and instantly decline the report forcing you to appeal. Also you are able to use the reporting form while not logged in which is probably required by law but i got no idea about this which makes you unable to punish users

A solution would be to actually train the moderators instead of blaming the reporters for everything. Both here is at fault, Roblox and the reporters but there can only be action taken on the moderators getting trained

At this point you can’t punish users because moderators don’t know who is actually malicious as moderators decline certain reports for no reason since they got way too restricted. For example, they changed the report email to no-reply@roblox.com which makes you unable to communicate with roblox mods at all

Maybe a VPN could work but mainly it’s robloxs fault. However, i do agree that there are alot of bad actors using the form