In December 2020, the Commission introduced its proposal for a Digital Markets Act (DMA). Exactly a year later, the European Parliament's (EP) plenary vote on the DMA has made its stance clear. As the co-legislature, the Council, too, has agreed on a "general approach" to the DMA. With this, Europe takes further steps towards game-changing regulation for preventing what is considered undesirable digital market conduct by the big tech platforms, which are considered "gatekeepers".

Compared to the original DMA proposal, the EP has:

• increased thresholds for qualifying as a gatekeeper;
• asked for higher fines; and
• extended the DMA's scope to include more online services as "core platform services".

However, in parallel to the ongoing DMA legislative process, national enforcement in the digital space at the member state level has continued unabated. This means there is increased political urgency for making a robust DMA come into effect soon and to ensure unified enforcement in the EU against erring gatekeeper platforms.

Why digital market regulation?

Enforcement action to target anti-competitive conduct after it has occurred is not always effective in the digital platform economy. Investigations take years, while the digital economy is characterised by strong network effects. Network effects imply that the more users a platform gains, the more quickly the platform consolidates its market position. The fact that platforms often operate in multi-sided markets makes these network effects even more pronounced. There is growing momentum on both sides of the Atlantic for "ex ante" regulation that aims to fix competitive problems before they arise or become irreparable. Leading the way is the EU, which introduced the DMA on 15 December 2020 (see our previous article) – arguably on the premise that in digital markets "prevention is better than cure".

In a nutshell, the DMA sets out obligations and prohibitions for gatekeeper platforms offering "core platform services". Core platform services include, for example, intermediation services; search; social networks; video-sharing; cloud services and online advertisement. The DMA blacklists unfair practices in relation to core platform services provided by gatekeepers, such as data portability denial, bundling of services or self-preferencing. All blacklisted practices reflect previous abuse of dominance cases, with self-preferencing and parity obligations recently being the most hotly debated abuse types. The General Court of the EU only very recently confirmed that self-preferencing is an independent type of market abuse. In November 2021, it upheld a EUR 2.42 billion fine imposed by the Commission on Google for its self-preferencing of Google Shopping. Microsoft is similarly subject to a complaint about self-preferencing, as well as for bundling its OneDrive, Teams and other services with Windows. Parity obligations are equally high on the radar with the DMA, prohibiting gatekeepers from using even broad price parity clauses in line with the Commission's draft vertical block exemption (see our previous article).

EP amendments go further than Commission and Council

The EP voted on the Commission's DMA proposal on 15 December 2021, making some notable amendments and certain key changes as summarised below. The parliamentary vote is complemented by member state governments agreeing via the Council on a general approach to the Commission's DMA proposal. Notably, while the EP has made several amendments to the DMA proposal, the Council, by making fewer changes, has largely stuck to the Commission's version.

Higher quantitative thresholds

The DMA applies to online platforms designated as gatekeepers because these digital entities: have a significant market impact, operate core platform services and enjoy an entrenched position. In the EP's version, the rebuttable presumption that an undertaking is a gatekeeper will apply if it:

• provides a core platform service in three member states, and
• has had an annual EEA wide turnover of at least EUR 8 billion (previously EUR 6.5 billion) in the last three financial years or a market capitalisation of at least EUR 80 billion (previously EUR 65 billion) in the last financial year.

Although higher thresholds aim to limit the regulatory focus to the bigger platforms, these thresholds may exclude some European companies. This may result in the DMA being labelled a protectionist measure, although this has been fiercely denied by Commissioner Vestager.

More core platform services

The DMA text, as amended by the EP, covers three more core platform services which concern the Internet of Things (IoT), and which relate to (i) web browsers, (ii) virtual assistants, and (iii) connected TVs. In contrast, while the Council has not included additional services, it mentions AdTech and voice assistants in amended recitals. While higher thresholds narrow the DMA's applicability to fewer digital platforms, more services conversely extend it to cover more types of conduct by those platforms qualifying as gatekeepers. This balancing exercise will sharpen the focus of the DMA. Furthermore, a new recital included by the EP subjects the ancillary services of gatekeepers, like those related to retail and distribution, to the same obligations that apply to core platform services.

Protection of end-users

According to the Commission's original text and the Council's general position, the DMA is primarily about protecting business users. However, the EP's version explicitly offers business users as well as end-users protection against gatekeepers by extending the DMA's application to end-users in several recitals and articles. For example, the DMA will apply to gatekeepers providing a core platform service serving as an important gateway to both business users and end-users for reaching other end-users. Moreover, by users, the EP refers to those in the wider European Economic Area (EEA) and not just the EU.

Killer acquisitions

Protecting future innovation and potential competition in digital markets is a growing priority for most regulators. Last month, the UK's Competition and Markets Authority (CMA), blocked a big tech acquisition (Facebook/Giphy) and directed Meta (formerly Facebook) to sell Giphy. In the EU, the applicable scope of the DMA to acquisitions by gatekeepers of low revenue-generating yet disruptive entrants/emerging rivals, or “killer acquisitions”, has been expanded by the EP. Any intended concentration by a gatekeeper will have to be notified to the Commission, not just concentrations "involving another provider of core platform services or of any other service provided in the digital sector". The EP also takes forward the Commission's new Article 22 referral policy that permits transactions not notifiable under the EU merger regulation (EUMR) or in any member state, to also be referred (see our previous article). The Commission must now inform national authorities of any gatekeeper concentration so that they may, in turn, use that information to request the Commission to examine the concentration under Article 22 EUMR.

Higher fines and clarification on remedies

The EP's amended version proposes to raise the maximum fine under the DMA from 10% to 20% of the total worldwide turnover and to set a minimum fine cap at 4%. As per the Commission's draft, structural remedies can be imposed only if they are proportionate, implying that there should be no equally effective behavioural remedies available. In the EP's version, the Commission will have the discretion to impose either structural or behavioural remedies which are effective and necessary to ensure compliance with the DMA. Besides, a new EP amendment puts the onus on gatekeepers to demonstrate compliance with their obligations under the DMA.

In-App payments, interconnection and tying

The EP has added an explicit reference to in-app payment systems as an example of ancillary services. It has been made clear that gatekeepers should refrain from requiring users to use any ancillary service of that gatekeeper in the context of its core platform service offering. This could partly be seen as a reaction to globally shared antitrust concerns regarding compulsory in-app payment systems like that of Apple's Appstore. The Council does not use the words "in-app payment systems”, but does insist that gatekeepers refrain from requiring users to use ancillary payment services. Further, the EP has introduced interconnection requirements for social media and messaging. In a recital, the EP even prohibits tying of core and ancillary services where other ancillary services are available, while the Council only prohibits the tying of core services to identification and payment services.

Alternatives to pre-installed services

A significant addition relates to the services of gatekeepers that are pre-installed on devices. The EP has required that gatekeepers provide a choice of alternatives to users when they open any pre-installed service for the first time, such as a search engine installed as default on an operating system.

Data for online advertising

The EP adds further requirements to the obligations imposed on gatekeepers regarding online advertising. It precludes gatekeepers from combining, for their commercial purposes and the placement of third-party advertising on their own services, personal data to deliver targeted or micro-targeted advertising, unless a clear, explicit, renewed and informed consent has been given. This consent cannot be given by a minor, and therefore this means a ban on the processing of the personal data of minors for commercial purposes.

Member state enforcement

In the meantime, EU member states and their competition authorities have not been sitting idle. Early in January 2021, Germany enacted a new provision in its general competition law, which prohibits certain practices by large digital players unless they are capable of being objectively justified. This provides the German competition authority with an ex-ante enforcement tool, similar to the one envisaged by DMA. Within a short period, the German competition authority opened proceedings under the new rules against Facebook for integrating its Oculus virtual reality products into its social network; against Google for looking into its data processing practices; and against Amazon and Apple to determine if they are covered by these new rules. Meanwhile, ex-post enforcement concerning big tech companies has continued as well. For example, just this month the Italian competition authority fined Amazon over EUR 1 billion for abusing its dominant position in the e-commerce market by tying logistics services.

What to expect next?

With the two co-legislatures having reached agreements within their respective institutions, the final text of the DMA depends on their trialogue negotiations which involve the Commission, as well. Clarity on the possibility of private enforcement based on DMA findings may be forthcoming. As the EP has reduced the period within which the DMA will - after entering into force - apply from six to two months, we can expect the DMA to be applicable even before 2023.