The Digital Markets Act: Cracking down on the big tech gatekeepers

The EU Digital Markets Act (DMA), originally entered into force in November 2022, is a regulatory framework designed to ensure fair, competitive, and open digital markets within the European Union. The DMA aims to prevent large providers of digital platforms and services from abusing their power and influence in their markets, allowing smaller businesses to compete fairly and equitably.

Simply put, the DMA identifies the largest digital platforms that provide core services, such as search engines and social networks, as 'gatekeepers'. The European Commission now enforces specific obligations on these gatekeepers to ensure things like interoperability with third-party services and prohibiting unfair practices such as self-preferencing.

The first gatekeepers were designated in the last quarter of 2023, and some of the general obligations were imposed. As of March 2024, the DMA is fully applicable, with all obligations and prohibitions now in full effect.

With the DMA now very much in play, let's take a deeper look at who the gatekeepers are, what the act is, and how the gatekeepers are faring.

Keeping the gatekeepers in check – a breakdown

As of May 2024, the European Commission has identified seven gatekeepers with various widely used services under their belts. At the time of this publication, the seven current designated gatekeepers are:

1. Alphabet (Google Search, Google Maps, Google Play, Google Shopping, Chrome, YouTube)
2. Amazon (Amazon Marketplace)
3. Apple (App Store, Safari, iOS, iPadOS)
4. Booking (Booking.com)
5. ByteDance (TikTok)
6. Meta (Facebook, Instagram, WhatsApp, Messenger, Meta Marketplace)
7. Microsoft (Windows PC OS, LinkedIn)

Obligations and prohibitions under the DMA

There are a considerable number of regulations under the DMA imposed on gatekeepers - too numerous to be listed. For further detail, you can find the complete list here. With that being said, let's take a look at some of the key obligations and prohibitions mandated by the DMA:

Note: A 'business user' is any natural or legal person acting in a commercial/professional capacity who uses a gatekeeper's platform to provide goods and services to end users.

Obligations

1. Interoperability: Gatekeepers must allow third-party services to operate seamlessly with their services (such as making messaging services compatible with each other).
2. Data transparency and access: Business users must be provided access to the data generated by their interactions with customers on the gatekeeper’s platform.
3. Promotion and contracts: Business users should be able to promote their offerings and conclude contracts with customers outside the gatekeeper’s platform.
4. Advertising transparency: Gatekeepers must provide tools and information to advertisers for independent verification of their advertisements.

Prohibitions:

1. Self-preferencing: Gatekeepers cannot favour their own products and services to end users over third parties on their platforms.
2. Data combination: Combining personal data from different sources without user consent is prohibited.
3. Third-party payments: Developers must be allowed to use third-party payment platforms for application (app) sales.
4. Pre-installed software: Gatekeepers cannot pre-install certain software and applications (such as operating systems and default applications) without making them easy to uninstall.

Due to the nature of the DMA, gatekeepers are subject to close monitoring by EU regulatory authorities such as the European Commission. The monitoring includes regular audits to verify compliance with DMA rules, with the gatekeepers also being mandated to provide detailed reports on their business and moderation practices, ensuring ongoing transparency.

Penalties for non-compliance

The penalties for organisations that do not adhere to the regulations set by the DMA can be quite severe. Companies that are found in violation of any of these obligations and prohibitions can face fines of up to 10% of their total global revenue, with repeated infringements increasing penalties to 20% of global turnover. The European Commission can also implement recurring fines of up to 5% of average daily turnovers. To put this into perspective, if Amazon were to violate the rules and incur a 10% global revenue fine, they could be forced to pay north of $60 billion.

Penalties do not stop at fines, however. For any companies that systematically and repeatedly violate the regulations set out by the DMA, the Commission may also enforce behavioural and structural remedies as a last resort. These remedies could include breaking up parts of the business into smaller ones.

Gatekeepers must not only comply with the rules but also cooperate with regulators by providing detailed information on their business practices, the algorithms used, and relevant data. This gives authorities the necessary information to assess these companies' behaviour properly.

How are the gatekeepers faring?

To put it bluntly, not well. The Commission currently has several non-compliance investigations against Alphabet, Apple, and Meta – with some investigatory steps also being taken towards Amazon. Alphabet and Apple are under investigation for potential ‘anti-steering’ practices (policies or contractual provisions that prevent or restrict a business from directing customers towards alternative options that might be more beneficial or cost-effective) and self-preferencing. For Meta, the Commission opened proceedings to investigate whether a new 'pay or consent' policy breaches the prohibition of data combination.

These breaches fundamentally represent a power struggle between these very powerful companies and European authorities, who sometimes lack unity and whose procedures are lengthy and outcomes uncertain.

To stay compliant, the gatekeepers will need to revise some of their business practices, which could reduce their profit margins. The new obligations imposed by the DMA could curb their dominance and ability to lock users into their ecosystems. However, constraints can often lead to innovation. Undoubtedly, these companies will find new technologies and new business directions to develop. The downside of acting through regulation is that it intervenes after the fact. The DMA has some loopholes and although many of these loopholes have since been addressed and rectified, some remain that gatekeepers will likely exploit.

The takeaway

The DMA has the potential to significantly transform how digital platforms operate within the European Union, signalling a new era of regulatory oversight for tech giants. While the full impact of the DMA remains to be seen and may not be fully apparent until a few years down the line, it is clear that the European Commission is committed to fostering a more competitive digital landscape, even as gatekeepers navigate (and sometimes resist) these new requirements. As regulators and companies adapt to this new framework, the real test will be whether the DMA can effectively balance innovation and fair competition while ensuring that digital markets remain open and contestable for all players. The ongoing investigations and initial responses from gatekeepers suggest that this balance will be a complex and evolving process that will likely shape the future of digital markets in Europe and, beyond that, globally.