Photo of Tomos Griffiths

Tomos Griffiths

Tomos is an associate working across the firm’s technology regulatory and competition teams, based in the London office. His practice covers technology and digital markets regulation, competition law, and issues that span the two.

His recent experience includes providing regulatory advice on data protection compliance, technology regulatory investigations, and transactional merger control and foreign direct investment screening matters, primarily in the technology and life sciences sectors.

Contact:Read more about Tomos GriffithsEmail

On 16 January 2025, the European Data Protection Board (“EDPB”) published a position paper, as it had announced last year, on the “interplay between data protection and competition law” (“Position Paper”).

In this blogpost, we outline the EDPB’s position on cooperation between EU data protection authorities (“DPAs”) and competition authorities (“CAs”) in the context of certain key issues at the intersection of data protection and competition law.

Key takeaways

  1. In the interest of coherent regulatory outcomes, the EDPB advocates for increased cooperation between DPAs and CAs.
  2. The Position Paper offers practical suggestions to that end, such as fostering closer personal relationships, mutual understanding, and a shared sense of purpose, as well as more structured mechanisms for regulatory cooperation.
  3. The EDPB is mindful of the Digital Markets Act’s (“DMA”) significance in addressing data protection and competition law risks.

Continue Reading EDPB highlights the importance of cooperation between data protection and competition authorities

This year, the UK’s Competition and Markets Authority (“CMA”) is set to gain a range of new enforcement powers under the Digital Markets, Competition and Consumers (“DMCC”) Act (the final text is now available here). The DMCC Act received Royal Assent on 24 May 2024. However, with certain exceptions, the Act’s provisions will not come into force until secondary legislation is passed. The CMA initially expected its new responsibilities to become operational in the Autumn, but this timeline may be delayed due to the UK’s election on 4 July. On the same day as the DMCC Act became law, the CMA published for consultation its new Digital Markets Competition Regime Guidance.

An outline of the key provisions of the DMCC Act can be found here. As the CMA sets the groundwork for exercising its powers under this new regime, this blog post considers five practical considerations for firms active in the UK.

Key takeaways:

  1. The CMA will administer the new regime through a specialist Digital Markets Unit, which was established over three years ago.
  2. The DMCC Act may diverge from the EU’s Digital Markets Act, both in the companies being designated, and the obligations imposed on designated companies.
  3. The interplay between the DMCC regime and existing regulatory obligations – particularly the GDPR – is likely to raise practical challenges.
  4. We expect the CMA to exercise its powers under the digital markets regime alongside existing antitrust tools (which the DMCC Act amends).
  5. The CMA’s jurisdictional thresholds to review mergers under the UK’s merger control regime will change as a result of the DMCC Act.

Continue Reading The UK’s New Digital Markets Regime: Some Key Takeaways

The Digital Markets, Competition and Consumers (“DMCC”) Act received Royal Assent on 24 May 2024 (the final text is now available here). The DMCC Act will only enter into force, however, when secondary commencement legislation has been enacted (with some minor exceptions). This is expected to occur in Autumn 2024, but it

Continue Reading Overview of the UK’s New Digital Markets Regime

Recent proposals to amend the UK’s national security investment screening regime mean that investors may in future be required to make mandatory, suspensory, pre-closing filings to the UK Government when seeking to invest in a broader range of companies developing generative artificial intelligence (AI). The UK Government launched a Call for Evidence in

Continue Reading UK Government Consults on Amending Mandatory Filing Obligations for AI Acquisitions

What do you need to know?

Following a call for information earlier this year, the UK’s Competition and Markets Authority (CMA) has now announced the changes it intends to make to its merger review process. The majority of the changes are to the Phase 2 process, which is only encountered in a minority of formal

Continue Reading Towards a More Interactive Merger Review Process: UK CMA Proposes Amendments

On 12 January 2023, the European Court of Justice (“ECJ”) published its long-awaited judgment in C‑883/19 P HSBC v Commission.

The ECJ confirmed that HSBC had engaged in anti-competitive conduct but partially overturned the General Court’s (“GC”) judgment on procedural grounds. The judgment provides critical guidance on the nature of anticompetitive information exchanges in the financial services sector and sets out important procedural aspects regarding “hybrid” cartel investigations.

The ECJ, having considered the points of appeal, exercised its discretion to issue a final judgment, in place of the GC’s judgment.Continue Reading ECJ clarifies presumption of innocence in hybrid investigations and scope of restrictions by object in information exchanges (HSBC v Commission)

The Digital Markets Act (“DMA”) will apply from 2 May 2023. To facilitate its implementation, the European Commission (“Commission”) aims to publish an accompanying DMA Implementing Regulation  (“IR”). In anticipation of this, the Commission has sought feedback via a public consultation on the draft IR between early December and 9 January 2023.

The draft IR addresses a range of procedural aspects concerning the DMA, including gatekeeper designation and core platform service notifications, opening of proceedings, the right to be heard, and access to the file. By contrast, the draft IR is silent on the Commission’s investigative powers during the gatekeeper designation process and the process of further specifying the obligations set out in Article 6 DMA (both of which gatekeepers will undoubtedly be eager to learn more about).

The Commission is aiming to publish the final IR “well before” the DMA starts applying in May 2023, and it will apply from the same date as the DMA. Whilst the draft IR may still be subject to changes before the final version is adopted, it already provides valuable insights into the Commission’s thinking. How stakeholder feedback might affect the position as currently set out in the final IR remains to be seen.

Two themes in the draft IR – each further outlined below – are particularly noteworthy:

  • First, it touches upon the potential delineations of core platform service under the DMA, an issue which can have important ramifications for future enforcement: delineating one core platform service from other services in the context of digital ecosystems which are often designed to be seamless could prove rather complex.
  • Second, the draft IR displays a certain tension between achieving a “rapid and effective investigatory and enforcement process” (Recital 3 IR) while also ensuring that rights of the defence of the parties to the proceedings are effectively protected. The Commission’s emphasis on speed in DMA enforcement may require some notable departures from the traditional procedural framework for antitrust.

Continue Reading Countdown to Compliance: the DMA Implementing Regulation