Blog
Early Assessment of the Digital Markets Act
Blog
March 25, 2024
Less than three weeks after the European Union’s (EU) Digital Markets Act (DMA) took effect on March 7, 2024, the European Commission announced on March 25, 2024 that it is opening investigations into Apple, Google, and Meta for suspected noncompliance with its new directives.
The DMA—which aims to increase competition in the EU’s digital ecosystems—nominally went into effect in November 2022. But it took months to design the rules, designate “gatekeeper” companies, and give those companies time to come into compliance. As the recent investigation announcement makes clear, the EU is taking this new directive seriously. This blog post offers insight into the early steps some gatekeepers are taking to comply with the DMA, the EC’s recent investigations into (and skepticism of) those compliance efforts, and what this means moving forward.
Who Is Subject to the DMA and What Does the DMA Require?
The DMA’s requirements apply to “gatekeeper” companies, as designated by the European Commission (EC). This designation is intended to identify platforms that “provide an important gateway between businesses and consumers in relation to core platform services.” On September 6, 2023, the EC formally designated six companies as gatekeepers—Alphabet (the parent company of Google), Amazon, Apple, ByteDance, Meta, and Microsoft—in connection with specific “core-platform” services. For example, Alphabet’s gatekeeping status applies to the core-platform services of intermediation (Google Maps, Google Play, Google Shopping), video sharing (YouTube), search (Google Search), browser (Chrome), and operating system (Google Android). Apple’s gatekeeping status applies to its core-platform services and products: intermediation (the App Store), browser (Safari), and operating system (iOS).
Among the Act’s many requirements, the following are the more notable prohibitions and obligations to which the aforementioned gatekeepers are subject, effective March 7, 2024:
Gatekeepers are barred from … | Gatekeepers are required to … |
Self-preferencing their own products or services in rankings.[1] | Allow users to change default settings or uninstall any software apps, unless necessary for the operating system to function.[2] |
Requiring that users utilize a gatekeeper’s other services as a condition of accessing a core-platform service.[3] | Allow users to install third-party apps or app stores that do not endanger their devices or operating systems.[4] |
Preventing business users from using differential pricing terms and conditions on their own websites or other platforms.[5] | Permit communications between business users and end users.[6] |
Tracking users’ digital activities for advertising, absent explicit permission.[7] | Provide business users with real-time access to their platform-related data.[8] |
If gatekeepers fail to comply with the DMA, they can face fines of up to 10% of their global revenues—a penalty that can rise to 20% for repeat offenders.[9]For “systematic infringements,” the EC reserves the right to impose “additional remedies,” including—as a last resort—structural or behavioral remedies (e.g., forced divestiture).[10]
How Have Gatekeepers Shifted Their Policies/Practices?
In an effort to comply with the DMA, designated gatekeepers have announced a number of changes to their policies and practices in the EU. But this has not been enough to head off criticism and now investigations by regulators who suspect that some gatekeepers’ changes don’t go far enough to comply with the Act.
For example, Google—which offers the widest range of core-platform services—announced a number of changes, including (i) an opt-out to prevent Google from sharing certain categories of data across Google services; (ii) an option for Google Play Store app developers to “steer” direct users outside their Android apps and toward alternative payment options; (iii) allowing Android users to change their default search engines and browsers; and (iv) allowing developers to offer alternatives to Google Play’s billing system, which, if used, would reduce Google’s commission by 3% (i.e., to 27% as opposed to Google’s default 30% commission). Competitors have criticized these changes as inadequate given that Google has placed new restrictions and taxes on web transactions that companies like Epic Games and Yelp have suggested have the opposite effect of “actually increas[ing] the rate at which users will remain within Google’s walled garden.”
Apple’s iOS 17.4 update, which purports to respond to the DMA, (i) allows apps to be distributed via “sideloaded” third-party app stores downloaded from a company’s website; (ii) permits developers to use alternative payment processors; (iii) prompts users with choice screens to select an alternative default browser service; (iv) allows developers to inform EU users of deals and offers available outside their iOS apps; and (v) allows users to make purchases of digital goods and services on the developer’s external website.
As with the changes implemented by Google, some of Apple’s compliance measures have engendered controversy and criticism. While Apple’s new policies constitute a reduction to Apple’s default 30% commission, critics have commented that the marginal 3% difference between using Apple’s IAP and using a third-party payment system disincentivizes the use of alternative payment systems. In addition, Apple has introduced a “Core Technology Fee” (CTF), which requires developers to pay €0.50 (around $0.54) per app install after the app has generated over a million first annual installs within a 12-month period, regardless of whether the app is distributed via the App Store, an alternative app marketplace, or both. Spotify has stated that the new fees imposed on developers amount to “extortion,” and Epic’s CEO criticized Apple’s compliance plan as full of “junk fees.”
The EC appears to share in these critiques as the Commission announced on March 25 that it has opened “non-compliance investigations under the [DMA] into Alphabet’s rules on steering in Google Play and self-preferencing on Google Search, Apple’s rules on steering in the App Store and the choice screen for Safari and Meta’s ‘pay or consent model.’” Meta’s no-ads subscription service (the so-called “consent or pay” model) was introduced in Europe in November 2023 in response to numerous legal challenges under data protection laws and has since faced criticism from privacy and consumer rights groups. The Commission is also looking into Amazon’s self-preferencing and Apple’s new fee structure and other terms and conditions for alternative app stores and distribution of apps from the web (sideloading) that the EC notes may be defeating the purpose of its obligations under Article 6(4) of the DMA.
What Will the DMA’s Impact Be?
With the Act in its infancy, much remains to be seen with respect to the Act’s implications for competition in the digital marketplace. There are, however, a number of areas worth monitoring closely in gauging whether the DMA will realize its stated purpose of disrupting big-tech power structures:
-
- The EC’s Response to Gatekeepers’ Compliance Efforts: The efficacy of the DMA will partly depend on whether the EC is willing to enforce it. As is evident from the EC’s recent investigation announcement, the EC is taking this seriously. The DMA—at least on its face—allows for harsh fines (i.e., 10% of a gatekeeper company’s global revenues and up to 20% for repeat offenses) and threatens structural/behavioral remedies in “last resort” situations. Early test cases may give us some insight as to how far the EC is willing to wield its enforcement power and how it intends to employ the remedies the Act authorizes.
- Private Action: The DMA is an ex-ante instrument designed to proactively establish parameters for acceptable behavior in digital markets and will apply together with the EU competition laws. Just as the EC enforces both the EU competition rules and will enforce the provisions of the DMA, private actions will remain possible for EU competition law breaches in digital markets and will now also be permitted under the DMA provisions. This twin-pronged approach is consistent with the EU’s long-held belief that private actions for damages are an important supplement to public enforcement.[11]As we’ve seen in the United States and elsewhere (e.g., Epic’s app store lawsuits against Apple and Google globally), private enforcement actions can be sweeping in number and scope. We anticipate that private actions will soon become an important part of the digital markets regulatory landscape in the EU.
- Responses Outside the EU: Many of the changes that gatekeepers have implemented in response to the DMA are EU specific. In assessing the DMA’s impact, it will be worth watching whether the Act prompts action outside the EU. Other countries—including Japan, Britain, Mexico, South Korea, Australia, Brazil, and India—are thought to already be developing similar legislation. Similar legislation in other countries—which may end up being even more restrictive than the DMA—could force gatekeepers, which operate globally, to implement responsive changes across their entire platform, regardless of the EC’s approach. We may also see gatekeepers proactively implementing their EU policies and practices globally in the near term in an effort to preempt legislation elsewhere. In addition, regulators and litigants in other countries may leverage tech giants’ DMA-driven changes to argue that the companies’ policies are unjustified. Indeed, Epic Games has done just that in its cases against Apple and Google in Australia, contending that the modifications in those companies’ app store policies in the EU undermine their argument that they reject third-party app stores and payment systems for security reasons.
[1] Regulation (EU) 2022/1925 of the European Parliament and of the Council of 14 September 2022 on contestable and fair markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828, OJ L 265, art. 6(5) (Dec. 10, 2022), available at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32022R1925.
[2] Id. art. 6(3).
[3] Id. art. 5(8).
[4] Id. art. 6(4).
[5] Id. art. 5(3).
[6] Id. art. 5(4).
[7] Id. art. 5(2).
[8] Id. art. 6(10).
[9] Id. art. 30(1)–(2).
[10] Id. art. 30(73)–(75).
[11] See Directive 2014/104/EU of the European Parliament and of the Council of 26 November 2014 on certain rules governing actions for damages under national law for infringements of the competition-law provisions of the Member States and of the European Union Text with EEA relevance, OJ L 349 (May 12, 2014), at 1–2, available at https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32014L0104.
Related Professionals
Related Professionals
This entry has been created for information and planning purposes. It is not intended to be, nor should it be substituted for, legal advice, which turns on specific facts.