On 24 March 2022, the European Parliament and the Council reached an agreement on the Digital Markets Act (“DMA”), a pioneering initiative to regulate digital markets and endorse the European digital strategy. The DMA would include a set of obligations for “designated gatekeepers”, namely companies whose digital services would be determined as an important gateway for businesses to reach consumers.
The DMA has been negotiated for more than a year, with discussions centering around: (i) the criteria for determining “designed gatekeepers”, (ii) content of specific obligations, and (iii) enforcement mechanisms. The final agreed text has not yet been released, but we share our understanding of the developments in these three areas.
1. Criteria for designating “gatekeepers”
The DMA would apply to companies providing so-called “core platform services”. Browsers and virtual assistants have been now added to the list of “core platform services”, which also includes online intermediation services, online search engines, online social networking services, video sharing platform services, certain messaging services, operating systems, cloud services and advertising services.
To be designated as a “gatekeeper”, the company would need to meet three cumulative criteria: (i) have a significant impact on the internal market, (ii) operate one or more important gateways to customers and (iii) enjoy, or are expected to enjoy, an entrenched and durable position in their operations. These criteria would be presumed to be met by the providers of “core platform services” with a market capitalisation of at least EUR 75 billion or an annual turnover of EUR 7.5 billion, at least 45 million monthly end users and 10,000 annual business users in the EU. These quantitative criteria have been heatedly discussed and the thresholds have increased in comparison to those suggested by the European Commission (“Commission”) (a market capitalisation of at least EUR 65 billion and an annual turnover of EUR 6.5 billion).
2. Obligations and prohibitions
Consistent with some of the findings of the European Commission’s consumer Internet of Things sector inquiry, the European Parliament and the Council have confirmed and extended the dos and don’ts, for the “designated gatekeepers”.
By way of example, the DMA would include a new interoperability obligation for the messaging services, requiring them to enable communication across apps. In addition, browsers, search engines and virtual assistants would be required to display a consumer choice screen upon a user’s first use. The law-makers have also extended the requirement to provide fair access conditions, which now concerns not only app stores but also search engines and social networks. It was also agreed that combining personal data for targeted advertising would only be allowed with explicit user consent.
The revised obligations would supplement those proposed by the Commission in the DMA proposal. For example, the DMA would prohibit companies from favouring their own services over those provided by third parties in specified circumstances, such as in “rankings” or by imposing price parity (also referred to as most-favoured-nation) clauses. It would also impose a number of obligations related to interoperability, data handling and digital advertising (see our analysis of the Commission’s DMA proposal). Overall, most of the obligations are designed to limit types of conduct that the proponents believe can extend market power in one market into related markets, but some provisions (e.g., the search engine obligation and the messaging interoperability) are aimed at strengthening competition in the particular “core platform service” market.
3. Enforcement mechanisms
The DMA would enable the Commission to conduct investigations to identify “designated gatekeepers”, their “core platform services” and to ensure their compliance with the DMA.
In case of non-compliance, the Commission would be able to impose fines of up to 10% of the company’s total world-wide turnover. More severe penalties, including structural remedies, bans on further acquisitions and fines up to 20% of the total world-wide turnover would be for “systematic non-compliance”. These sanctions — and especially the fine for systematic non-compliance that has been bumped up to 20% — demonstrate the drive to increase the DMA’s likelihood of compelling compliance. According to Andreas Schwab, a lead MEP on the DMA, the threshold for “systematic non-compliance” would be three decisions in eight years which find a violation of similar obligations with the same “core platform services”. The decisions on fines and penalties can be appealed before the Court of Justice of the European Union.
The DMA would apply alongside and without prejudice to EU and national competition laws. While the competence to enforce the DMA would be vested in the Commission, the EU Member State would play a supporting role.
4. Next steps
After formal approval by the Council and the European Parliament, the DMA is expected to be entered into the EU’s official journal in October. It will enter into force twenty days later and most of its provisions would start to apply in April 2023.
The designation process would take another few months. The companies that meet the designation criteria would have two months to notify the Commission that they come under the scope of the DMA; the Commission will itself have two months for formally designating a company as a “gatekeeper”.
From that moment, the “gatekeeper” will in general have six months to bring its products and services in compliance with the DMA, with some obligations having an extended period for compliance (e.g., the group messaging interoperability requirement has a period for compliance of four years). As a result, it is likely that the regulation will bring first tangible effects late 2023.