EU DisinfoLab developed three monitoring templates to identify FIMI incidents, assess related systemic infringements, and document responses and their impact, providing a basis for follow-up actions where violations are identified.
A recurring challenge in the project was that users with very different levels of experience – journalists, civil society actors, analysts, volunteers – are often the first to detect suspicious online activity, but lack accessible tools to classify and assess potential FIMI incidents.
To address this gap, we created three structured templates that support clear, systematic monitoring without requiring specialist legal, technical, or OSINT expertise. They guide users step by step through the key elements of FIMI analysis and ensure consistent documentation across platforms and contexts.
By making FIMI monitoring more accessible, standardised and replicable, these templates help strengthen democratic resilience through early detection, cross-country comparability, and improved platform accountability.
FIMI Monitoring Templates
1. Incident Qualification Template
This first template helps users distinguish FIMI from non-FIMI incidents and single incidents from broader campaigns. It serves as a triage tool that supports quick, structured, and accurate classification of FIMI by establishing evidence thresholds for assessing the presence of foreign actors, manipulative behaviour, intentionality, coordination, impact, and potential infringement.
2. (Systemic) Violations Template
The template supports the documentation and analysis of potential platform-level or regulatory failures in assessing and mitigating risks of interference and manipulation, including possible violations of national law, EU/international law, or platform Terms of Service, as well as indicators of systemic infringement relevant to the Digital Services Act, such as platform inaction, recurrence, and inconsistency in response. It functions both as a monitoring tool and a way to build long-term datasets on systemic risks, gathering evidence that can be used in a court of law.
3. Countermeasures Template
This template maps which actors responded to a FIMI incident, what countermeasures were taken – whether related to exposure, community engagement, distribution, infrastructure, sanctions/legal, or media literacy – and what impact these actions had, ranging from awareness raising to threat actors’ deterrence. It enables users to reflect on both existing and missing responses to FIMI threats.
How to use the templates?
Checklist
Because the three templates contain many analytical steps, we created a concise, user-friendly checklist that summarises their essential elements into a single operational tool. It enables quick assessments while preserving methodological rigour.
A practical example
To demonstrate how the three-part checklist works in practice, we applied it to a real case drawn from the 2025 Czech elections. The checklist was fully completed using information from a partner’s report and, where necessary, carefully selected open-source desk research tools. These included search engines, AI tools, and relevant resources such as the policy sections of EU DisinfoLab’s country factsheets or, where available, Country Election Risk Assessment reports produced by initiatives such as the FIMI-ISAC’s FIMI Defenders for Election Integrity. This shows how non-expert users can navigate each section and reach a final FIMI assessment. The example serves as a model for applying the templates to real-world incidents, supporting the defender community in building consistent and robust FIMI monitoring.
These templates were created as part of EU DisinfoLab’s contributions to the FIMI-ISAC FIMI Defenders For Election Integrity (FDEI) project, an initiative that brought together 10 European organisations to collaboratively detect and respond to FIMI in electoral processes. The project aims to bolster democratic institutions by providing tools, establishing response teams, and creating an operational handbook.