The European Commission’s Digital Markets Act Proposal: Regulating systemically important digital platforms

On Tuesday, the European Commission adopted its long-awaited proposals for the digital markets act (“DMA”) which, if enacted, will radically change how digital platforms are allowed to operate in the EU. Following the recent high-profile complaints by the US antitrust agencies into Google and Facebook, the DMA is the EU’s proposed solution for how to keep digital markets ‘open and contestable’ and preserve effective competition in the domains of the largest digital platforms. The DMA is intended to address the Commission’s long-standing concerns that its existing enforcement powers are not sufficient to address competition concerns in fast-moving digital markets nor have sufficient deterrent effect on the largest digital players.

In a nutshell

To achieve this, the DMA would impose a suite of regulatory obligations on large “gatekeeper” platforms with potentially far-reaching consequences on the business models of the key digital players. It will also impact those that do business with them.

The DMA would also give the Commission stringent enforcement powers to ensure the effective implementation of the rules. Consistent with the EU’s antitrust rules, the Commission will have wide-ranging investigatory powers as well as the ability to levy fines of up to 10% of global turnover for infringement. Furthermore, in a significant ratcheting up of enforcement powers, the Commission would be able to break up the businesses of platforms that systematically infringed the rules (following a market investigation).

Introduction of the DMA would mark a fundamental shift by the Commission towards prevention over cure in digital markets. The DMA’s ex-ante rules address many of the issues that the Commission has been using its traditional enforcement powers to tackle. This shift also raises practical questions over how the DMA would affect the Commission’s ongoing investigations. While the Commission has been quick to clarify that its enforcement work will continue unaffected, the DMA has the potential to significantly reduce the practical importance of many of the Commission’s ongoing digital investigations.

As an added extra, gatekeepers will also have to inform the Commission of any proposed transactions in the digital space – irrespective of whether they are notifiable to the Commission or any national competition authority. This raises the prospect, already mooted, that the Commission may use its powers under Article 22 of the EU Merger Regulation to more proactively review transactions in the tech space that fall short of the EU Merger Regulation’s thresholds.

However, the Commission’s adoption of the DMA is the first step in a long legislative journey. Given the seminal nature of the act, significant scrutiny by the European Parliament and Council is expected over the next two to three years. There is much to play for and it will be interesting to see what ultimately reaches the rule book (if anything).

This alert summarises the content of the DMA and how the legislative process is likely to unfold in the coming months. For a broader alert on the DSA and the DMA, see our Insights.

Who does it apply to?

The DMA would regulate the conduct of large digital platforms, which it labels “gatekeepers”. These are platforms that ‘most directly intermediate between business users and end users’ in markets characterised by extreme scale economies, very strong network effects and a lack of multi-homing.

The DMA defines a gatekeeper as a provider of “core platform services” that: (i) has a significant impact on the internal market; (ii) serves an important gateway for business users to reach end users; and (iii) enjoys an ‘entrenched and durable position’ either at present or foreseeably ‘in the near future.’ There is an exhaustive list of “core platform services” that includes online search engines, online intermediation services, online social networking services, video-sharing platforms, operating systems, interpersonal communication services, cloud computing, and advertising.

There are two broad quantitative tests for identifying gatekeepers:

  • Size of undertaking test: the relevant undertaking (a) has an annual EEA turnover equal or above EUR 6.5 billion in the last three financial years or has an average market capitalisation of EUR 65 billion; and (b) provides a core platform service in at least three Member States; and
  • Core platform service test: the relevant core platform service has 45 million monthly active end users in the EU and more than 10,000 yearly active business users in the last three years.

However, the DMA allows for flexibility and these quantitative criteria are not final. Companies that fulfil the quantitative criteria can still rebut the presumption that they are gatekeepers. And the Commission may still designate an undertaking as a gatekeeper where it satisfies the size of undertaking test but falls short of the core platform test. It may do so, for example, in relation to digital platforms that ‘are foreseen to enjoy an entrenched and durable position in the near future’. This is designed to catch markets that are allegedly prone to what is referred to as tipping.

The DMA regulates core platform services rather than the company. This means that a platform can be designated as a gatekeeper for one or more core platform services (e.g. search engine and social networking). It also means that the obligations under the DMA would not apply to all of the platform’s activities, just to those which have been designated under the DMA. Once the DMA is adopted, digital players would have to self-assess whether they and any of their services meet the criteria above. If so, they would need to inform the Commission accordingly with the opportunity to contest whether they should be designated as a gatekeeper. The DMA also provides for a review clause for assessing whether the undertaking’s core platform service merits regulation or, indeed, whether additional services should be designated under the DMA.

What must a designated gatekeeper do?

Once a digital company is designated by the Commission as a ‘gatekeeper’, the DMA sets out dos and don’ts for its core platform services (or obligations and prohibitions). These are designed to address the “unfairness” of identified practices and ensure contestability in relation to core platform services. The proscribed practices are largely familiar from Commission enforcement in past and ongoing competition investigations in the digital space. But, in some cases, they go significantly beyond the scope of what we have seen to date.

The obligations under the DMA fall into two categories: a list of straightforward obligations and a range of obligations that may be further specified. There are rules that apply across multiple core platform services and digital services and others which are specific to sectors such as digital advertising.

The straightforward obligations on gatekeepers’ designated core platform services largely involve restrictions on their commercial freedom, particularly towards their business users. These rules would prevent gatekeepers from:

  • combining personal data from their core platform services with data from other sources (including other services offered by the gatekeeper);
  • restricting business users from contracting with end users outside of the gatekeepers’ eco-systems (whilst allowing end users to continue accessing and using the relevant service through the relevant eco-systems);
  • requiring business users to use, offer or interoperate with any identification service of the gatekeeper in the context of providing its services via the relevant gatekeeper’s core platform services.

The more complex obligations include a range of provisions that would require gatekeepers to provide greater access to third party business and end users. Even with the best of intentions, these obligations would need to apply in potentially different ways to different core platform services and thus cannot be precisely defined without further specification.

These obligations would, in particular, provide that gatekeepers:

  • must allow the installation and use of third-party software or application stores that are interoperable with the gatekeeper’s core platform services;
  • cannot treat their own services more favourably in ranking services (e.g. in search algorithms) and, more broadly, must provide such ranking services on a non-discriminatory basis; and
  • must provide business users and third parties with access to data, including consumer data, ‘provided for or generated in the context of’ their use of core platform services.

To ensure the effectiveness of these more complex obligations (and overcome the difficulties of precisely defining them up front), the Commission leaves compliance, in the first instance, to the gatekeepers. However, where the Commission considers that a gatekeeper is failing to comply, it may impose remedies following an investigation (which would set out what the gatekeeper would need to do).

What does the market investigation function do?

The market investigation function stemmed from the proposals for a “New Competition Tool”, which were discussed over the summer (see our Insights).

From those discussions to now, the market investigation tool has been significantly revised, and reduced from a proposed stand-alone tool to a solely complementary role for the ex-ante rules. However, while it now performs a largely ancillary function in the DMA, it still stands to have a pivotal role in ensuring the continued effectiveness and enforcement of the DMA. It would perform three main tasks:

  • Designation of gatekeepers: it would allow the Commission to designate undertakings that did not meet the core platform service test as gatekeepers. This would, in particular, enable the Commission to regulate firms active in markets that are expected to tip (and thus need to be regulated ahead of a core platform service provider having acquired market power).
  • Expansion of core platform services and gatekeepers’ obligations: it would enable the Commission to potentially expand the scope of the DMA both in relation to services classified as “core platform services” and the list of obligations on gatekeeper platforms.
  • Enforcement of the DMA obligations: the market investigation function would also allow the Commission to impose stringent remedies – including structural remedies – on gatekeepers that systematically breach their obligations under the DMA.

That said, the market investigation provisions in the draft DMA are not currently a cohesive single instrument. The concept is, instead, used to group different processes for the effective administration and enforcement of the DMA, providing a mechanism for discretion and flexibility into an otherwise rigid framework.

So, for example, the DMA provides for different time periods for market investigations depending on the purpose. The Commission has 12 months to complete a market investigation and issue a decision for designation of a firm as a gatekeeper. But it has 24 months to issue a public report on whether to expand the scope of the DMA (and ultimately to determine whether to propose amendments or delegated acts to do so).

Enforcement and sanctions

The DMA provides for enforcement mechanisms similar to those currently available to the European Commission under the antitrust rules. The Commission would have wide-ranging powers to investigate, to levy fines for the failure to cooperate and ultimately levy fines of up to 10% of a gatekeeper’s global turnover for infringements of the DMA.

However, as outlined above, the Commission will also have the power to impose structural remedies – i.e. mandating the break-up of a gatekeeper’s business – for systematic infringers of the rules. The Commission would, however, have to conduct a market investigation to justify such a radical intervention.

Is there anything else on the menu?

Gatekeepers would also need to keep the Commission appraised of any contemplated mergers or acquisitions involving another provider of core platform services or of any other digital services, regardless of whether the transaction is reportable under the EU Merger Regulation or EU Member States’ merger control rules. While this is solely an obligation to provide information, the provision, in tandem with the Commission’s proposed use of the referral mechanism under Article 22 of the EU Merger Regulation, opens up the prospect of the Commission using the information to exercise more oversight over tech transactions that would otherwise fall outside the Commission’s jurisdiction (as well as other national competition authorities).

What’s next?

While the adoption of the DMA proposal is an important milestone, it marks only the beginning of the legislative process. The average timeline for approval of legislation following adoption by the Commission is 18 months. But controversial legislation can take significantly longer to gain agreement from both the Council and European Parliament. Given the wide reach of the proposal, we expect unprecedented lobbying efforts, fierce debates, and intense negotiations before the DMA comes into force by 2023 at the earliest. There is much to play for on all sides, and indisputably there is an opportunity for digital players and those impacted by them to seek to shape the debate.