The leaked “final” version of the Digital Markets Act: A summary in ten points

Last week, a version of the Digital Markets Act dated 13 April 2022 was leaked. This version is based on the political agreement reached by the Commission, the Council of Ministers and the European Parliament on 25 March 2022.

This “final” version (subject to some final adjustments) comprises a fair amount of new language compared to the texts that had been respectively approved by the Council and the Parliament. In some instances, the version of the Council carried the day, while in some other cases the version of the Parliament prevailed.

My overall impression is that the DMA is one of those rare pieces of legislation that ends up being more stringent than the initial proposal of the Commission (which was already quite strict). While some present this as a major lobbying failure of big tech companies, there are probably several reasons for this state of affairs. First, it is true that the lobbying efforts of large tech companies have not been effective. Most of their policy initiatives were based on the “fear factor” (e.g., the DMA will destroy innovation, hurt consumers, and will be bad for security and privacy), rather that concrete proposals for improving the DMA. On the other hand, some of the companies supporting a strong DMA (because they are business users or rivals of large tech firms’ services) were quite effective in setting the agenda and shaping the DMA as it was negotiated. Second, there was a large degree of consensus among EU institutions that something needed to be done about large digital platforms, in particular as competition law had not been effective in constraining their market power. The fact that some of these companies were perceived as arrogant and happy to flout laws when it suited them did not help their cause either. Finally, the French Presidency and MEP Andreas Schwab exercised strong leadership and were able to push the DMA through in a timely fashion.

Against this background, the purpose of this blog post is not to discuss each and every provision of the DMA. Rather, I intend to provide some broad impressions of the text the EU institutions finally agreed on. This blog will analyze some of the specific DMA obligations as well as the (potentially complex) topic of the relationship between the DMA and competition law in subsequent posts.

Timeframe

First, the timeframe of the DMA when it comes to the gatekeepers complying with the Articles 5 and 6 obligations is longer than expected, in that these obligations will bind gatekeepers in the first quarter of 2024. This is almost two years away, which end and business users of the gatekeepers’ products and services will find frustrating. In the meantime, competition law enforcement remains important, especially if outcomes can be achieved relatively quickly.

Scope and designation

Second, there is no real surprise when it comes to the scope (the list of core platform services) and designation of digital gatekeepers as per Articles 3.1 and 3.2 of the DMA, save for the addition of two new core platform services, namely web browsers and virtual assistants. By contrast, I find the rebuttal process as per Article 3.4 extremely perplexing and somewhat ridiculous. By way of background, it is recalled that the DMA defines the concept of gatekeeper by reference to three overarching qualitative criteria: (a) it has a significant impact in the internal market; (b) it serves as an important gateway for business users to reach end users; and (c) it enjoys an entrenched and durable position in its operations. However, an undertaking is presumed to satisfy these criteria if it meets certain quantitative thresholds – in which case it is for the undertaking to rebut the presumption.

As noted in a previous post (see here), relying exclusively on quantitative criteria to designate gatekeepers is not particularly helpful, in that these criteria relate to the size of the undertaking in question; they do not inform the analysis of whether that undertaking’s core platform service is “an important gateway for business users to reach end users”. Yet, relying on quantitative criteria is not so bad if undertakings meeting these criteria are then allowed to show, on the basis of the criteria set out in Article 3.6, that they do not satisfy the overarching qualitative criteria (i.e. they do not exercise any gatekeeper function) because, for instance, end users and business users multi-home across several platforms. This was essentially the approach put forward in the DMA proposal of the Commission. Unfortunately, this approach was not followed in the final version of the DMA. Recital (23) provides that in the rebuttal process “the Commission should take into account only the elements which directly relate to the quantitative criteria, namely the impact of the undertaking on the internal market beyond revenue or market cap, such as its size in absolute terms, and number of Member States where it is present; by how much the actual business user and end user numbers exceed the thresholds and the importance of the undertaking’s core platform service considering the overall scale of activities of the respective core platform service; and the number of years for which the thresholds have been met.” (emphasis added) This does not make any sense as it limits the ability of the Commission to focus on the most relevant elements of analysis, namely whether the undertaking in question is an important gateway for business users to reach end users; inferring such gatekeeping status solely from the number of end/business users is a crude approach that is at odds with the concept of evidence-based regulation. Unless this recital is interpreted in a liberal fashion, it will clearly lead to over-inclusion.

Obligations and compliance

Third, while discussing in detail the obligations and prohibitions contained in Articles 5, 6, and 6(a) would be beyond the scope of this blog post, it is clear that they will have a significant impact on the way designated gatekeepers will have to manage their products and services. That is clearly the case, for instance, for Apple and Google as to the management of their app stores. Among others, the DMA will force them to (a) allow app users to download apps from the Internet and third-party app stores; (b) allow app developers to use the in-app payment solution of their choice and to promote offers to app users; and (c) offer access to the app store on fair, reasonable, and non-discriminatory (FRAND) terms. These obligations, which go a long way towards addressing the concerns expressed by app developers over the past few years, will force Apple and Google to materially modify their app store guidelines. Here are some additional “honorable mentions” of the DMA obligations:

  • Article 5 point (e) has been expanded to capture instances where the gatekeeper requires business users to offer or interoperate with a web browser engine. This is most likely meant to address Apple’s policy of requiring all browsers running on iOS to utilize Apple’s WebKit browser engine – a policy which the UK CMA has recently found may have restricted the development of web apps, among others.
  • The self-preferencing prohibition in Article 6(1) point (d) has been somewhat broadened but in any event remains limited to scenarios involving “ranking” of products or services. This is not a general prohibition of self-preferencing.
  • The FRAND obligation in Article 6(1) point (k) has been expanded to search engines and social networking services.
  • There is a new (and far-reaching) interoperability obligation on gatekeepers providing number-independent interpersonal communications services (read: messaging services). At the risk of oversimplification, the gatekeeper will under certain conditions have to interoperate with rival messaging services, so that for instance a user of the gatekeeper’s service will be able to text the user of a rival service – but this should not compromise the end-to-end encryption of communications, a technical point I expect to give rise to significant disputes. On a more general note, the DMA includes very demanding interoperability obligations.

Fourth, while some companies that are likely to be designated as gatekeepers would certainly wish to obtain more guidance on the exact meaning of some of the obligations and prohibitions contained in Articles 5 and 6, it seems unlikely that this guidance will come before these companies are effectively obliged to comply with these provisions. Recital 76(b) provides that:

“The Commission may develop guidelines to provide further guidance on different aspects of this Regulation or to assist undertakings providing core platform services in the implementation of the obligations under this Regulation. Such guidance may in particular be based on the experience that the Commission obtains through the monitoring of compliance with this Regulation.”

Thus, as is generally the case, the Commission will most likely wait until it has built sufficient experience in the implementation and enforcement of the DMA before drafting guidelines.

Readers may of course recall that the original DMA proposal of the Commission provided for a so-called “regulatory dialogue” through which the gatekeeper could seek guidance from the Commission with respect to the measures it intended to take to comply with the obligations laid down in Article 6 (which are considered “susceptible of being further specified”, as opposed to those in Article 5). The possibility for a regulatory dialogue made its way to the final text of the DMA, but with a significant caveat, which may in turn reduce its effectiveness: the Commission will have discretion in deciding to engage in such dialogue, subject to respecting the principles of equal treatment, proportionality and good administration.

Implementation and enforcement

Fifth, it is now clear that the Commission will be in control of the implementation and enforcement of the DMA. The DMA provides at Article 31(b)(7) that a national competition authority (“NCA”) may on its own initiative conduct an investigation into a case of possible non-compliance with Articles 5, 6 and 6a of this Regulation on its territory. However, the opening of proceedings by the Commission per the DMA will relieve the NCA of the possibility to conduct such an investigation or end it where it is already pending. In other words, while the NCAs will be allowed to initiate an investigation regarding the possible breach of the above provisions (and presumably help build the case against the gatekeeper by for example collecting relevant factual evidence), only the Commission will have the power to adopt a decision of infringement, as well as impose relevant remedial measures. Some would have preferred a greater role to be played by NCAs, especially considering the limited resources of the Commission, but this did not happen. As to whether NCAs will be willing to devote resources to the pursuit of cases on which they will not be allowed to adopt a decision, it is not clear at this stage.

Sixth, the DMA includes rules aimed at coordinating proceedings based on the Regulation with antitrust proceedings of NCAs. This was a necessary addition in light of the recent judgment of the Court of Justice in bpost on ne bis in idem, as explained by Dimitrios (see here and here). Article 31b provides that the Commission will coordinate and exchange information with NCAs within the framework of the European Competition Network established by Regulation (EC) No 1/2003 (and indeed, Article 31b largely reflects Article 11 of Regulation (EC) No 1/2003 on the cooperation between NCAs and the Commission).

Seventh, the DMA provides for a mechanism to ensure a consistent regulatory approach across different regulatory instruments. According to Article 31d, the Commission shall establish a High-Level Group for the DMA comprising the following bodies: (a) BEREC (the body of European telecoms regulators), (b) European Data Protection Supervisor and European Data Protection Board, (c) European Competition Network, (d) Consumer Protection Cooperation Network, and (e) European Regulatory Group of Audiovisual Media Regulators. Among others, the High-Level Group may provide the Commission with advice and expertise with a view to ensuring a consistent regulatory approach. This is a very important and welcome development, since issues addressed in the DMA may be inextricably linked with privacy considerations, to give an example.

Eighth, although the Commission resources available for the implementation and enforcement of the DMA may be limited, the Commission will benefit from a strong legal apparatus to investigate and sanction breaches of the Regulation. While such legal apparatus is generally based on the existing antitrust model laid down in Regulation (EC) No 1/2003, it goes sometimes further. For instance, in the case of systematic non-compliance, the Commission will be able to impose fines of up to 20% of the gatekeeper’s turnover and even prohibit the gatekeeper from making further acquisitions for a given period of time. Other notable elements of the compliance and enforcement regime include the following: (i) the obligation of the gatekeepers to appoint compliance officers reporting directly to the management body of the gatekeeper; and (ii) encouraging the reporting of breaches of the DMA by protecting whistleblowers per Directive (EU) 2019/1937.

Ninth, compared to the original DMA proposal, the final version provides for a stronger role of third parties such as business or end users. While there is no formal complaint process in place, Article 24(a)1 of the DMA provides that “[a]ny third party including business users, competitors or end-users of the core platform services identified pursuant to Article 3(7) of this Regulation as well as their representatives, may inform … the Commission about any practice or behaviour by gatekeepers that falls within the scope of this Regulation.

Tenth, while the DMA does not exhaustively address the issue of private enforcement, it does recognize that national courts will be called to apply the Regulation in the context of (private) litigation. Article 31c thus provides for a mechanism of cooperation of the Commission with national courts with a view to ensuring the coherent application of the DMA, which mirrors Article 15 of Regulation (EC) No 1/2003 on the cooperation between the Commission and national courts with respect to competition law. In this context, national courts may not take decisions running counter to decisions of the Commission under the DMA.

Conclusion

To say that the final version of the DMA is an ambitious piece of legislation would be an understatement. The DMA will impose a series of far-reaching obligations on gatekeepers, signaling a new era of digital regulation for the EU and the world. Now, much will depend on how the Regulation will be applied, and what guidance the EU Courts will eventually provide. Stay tuned for additional thought pieces on select issues related to the DMA!

7 thoughts on “The leaked “final” version of the Digital Markets Act: A summary in ten points

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s