The European Parliament approved the Digital Markets Act at first reading on 15 December, with substantial amendments. Meanwhile, the Council (representing the 27 EU member states) has adopted a final position with fewer changes from the Commission’s original proposals. Below is a summary of the key differences, which represent the most obvious opportunities for lobbying during the trilogues. (This post has been updated since its original analysis of the EP Single Market committee DMA report, which contained almost all of these amendments. You can also read a full article-by-article comparison.)
There is strong political pressure for the legislation to be finally agreed between the three EU institutions in “trilogue” negotiations in the first half of 2022, during the French presidency of the EU (potentially even before the French national elections on 10 April 2022.)
Explicitly protecting end as well as business users: The EP has explicitly given end users (as well as business users) rights in six additional recitals (10, 36b, 39, 58, 65a, 77c) and nine article clauses (1(1), 3(1)(b), 5(ca), 5(d), 6(3), 10(1a), 10(2)(a), 17(ba), 22(2a)). The Council has largely adopted the Commission’s position the DMA is mainly about protecting business users against gatekeepers.
Criteria defining gatekeepers: The EP version makes explicit coverage of operating systems in smart/Internet of Things devices and cars, and adds virtual assistants, web browsers and connected TVs as core platform services. The Council highlights adtech (“online advertising intermediation services”) and the use of core platform services via voice assistants in its recital amendments, without changing the substance.
The higher EP €8bn turnover/€80bn capitalisation threshold for gatekeeper firms makes little difference regarding the near-€tn+ GAFAMs (parliamentary rapporteur Andreas Schwab wanted €100bn, probably to exclude some EU companies like Booking.com; I personally think it would be unwise for the EU to enable the US govt to attack the DMA as a protectionist, US-targeted measure, as some US voices have encouraged it to).
Interoperability and tying: The EP version is significantly broader than Commission’s, adding an interoperability requirement for messaging and social media, the two “core platform services” where it will have the biggest impact. If anything, the Council’s text is narrower. Almost all the MEPs speaking in the plenary debate, including rapporteur Andreas Schwab, highlighted this as one of their key improvements, so the Parliament will hopefully stick to its guns on this against the more limited Council text. An EP recital also bans tying of core and any ancillary services, whereas the Council equivalent only blocks tying of identification and payment services to core services.
Combination of core platform service data with other service data: This is an important issue to limit gatekeeper market power accruing from large quantities of user data. The EP version is significantly stronger. The Council’s R.36 is long-winded with several loopholes, while its A.5(a) adds three GDPR bases for processing beyond consent (legal obligation; vital interests; and public interest.) The Council version also limits the concept of consent by not referring to all the relevant parts of the GDPR.
App stores and default installed apps: Relatively similar, although EP goes further in several places. The final plenary debate added a new obligation on defaults (giving end users the right to choose default apps for core platform services, and uninstall pre-installed CPS apps).
Using gatekeeper data for advertising: The EP version adds several restrictions, particularly banning such processing for children. The Council version says nothing.
Using “dark patterns” to subvert user intent: The EP and Council versions are broadly similar. The EP defines non-neutral interface design and dark patterns that should be considered as circumvention, whereas the Council includes no attempt at definition, which may make enforcement harder, though potentially the Council version would catch more types of circumvention.
Effective enforcement and remedies for end users: The Council has wordier recitals, but the EP version has stronger substance in articles. The Council version only gives third parties, including civil society, the potential to be involved in the regulatory dialogue under Article 7 but not in other Commission decision-making. The EP gives third parties rights to be heard in all decision-making under Article 30. The Council’s 32(a) and (b) deal with member state coordination; the EP’s 31(a-d) do so more extensively. The EP version has explicit complaints and compliance processes (24(a) and (b)), higher penalties in A.26, and crucially allows representative actions in A.37(b). In Recital 64, the EP plenary explicitly added restrictions on so-called “killer acquisitions” by gatekeepers.