Last updated: 6 May 2022
The EU recently reached political agreement on two key pieces of digital competition-related legislation, which are now being translated before final adoption by the European Parliament and Council of Ministers (representing the 27 member state governments).
The goal of the Digital Markets Act (DMA) is to ensure “contestable and fair markets in the digital sector”. It contains roughly 20 separate up-front obligations (some applying to specific services) for the very largest digital gatekeeper platforms’ core services designated by the European Commission.
The Digital Services Act (DSA) contains specific requirements for Very Large Online Platforms. It is intended to “ensure the best conditions for the provision of innovative digital services in the internal market, to contribute to online safety and the protection of fundamental rights, and to set a robust and durable governance structure for the effective supervision of providers of intermediary services.”
The scope of the two acts is similar, covering the very largest platforms operating in the EU:
|Digital Markets Act||Digital Services Act|
|“Gatekeeper” platforms (DMA Art. 3):|
European Economic Area turnover > €7.5bn or capitalisation > €75bn and for three years has > 45m EU users + 10,000 yearly active business users;
Providing “core” services (Art. 2.2) of:
(a) online intermediation services;
(b) online search engines;
(c) online social networking services;
(d) video-sharing platform services;
(e) number-independent interpersonal communication services;
(f) operating systems;
(fa) Web browsers
(fb) Virtual assistants
(g) cloud computing services;
(h) online advertising services, including any advertising networks, advertising exchanges and any other advertising intermediation services, provided by an undertaking providing of any of the core platform services listed in points (a) to (g);
|DSA Art. 2 “(f) … a ‘hosting’ service that consists of the storage of information provided by, and at the request of, a recipient of the service”|
2(h) “‘online platform’ means a provider of a hosting service which, at the request of a recipient of the service, stores and disseminates to the public information…”
“Very large online platforms” (DSA Art. 25.1) “provide their services to a number of average monthly active recipients of the service in the Union equal to or higher than 45 million”
The DMA obligations are in two lists: “self-executing” obligations in Article 5, and obligations capable of further specification by the European Commission in Article 6. The originally-proposed obligations have been summarised by Michael Veale as follows (these have been slightly updated during negotiations between the EU institutions):
|Article 5. Platforms must:||Article 6. Platforms must:|
|– Silo data relating to core services.|
– Not forbid businesses from using other intermediaries too.
– Allow businesses to contract with users outside the platform but fulfil contracts through the platform.
– Not forbid businesses from reporting them to enforcement agencies.
– Not force businesses to use a particular ID service.
– Not bundle their core services together and force you to sign up to 2+.
AND interestingly for ads:
– Provide advertisers and publishers with the price/remuneration details (to stop intermediaries controlling market visibility).
|– Not use data of their business users to compete with them.|
– Allow end users to uninstall preinstalled software unless it is technically essential and cannot be offered standalone.
– Allow installation and effective use of 3rd party software/app store using and interoperating with an OS, and allow their access by means other than through a core platform service.
– Not rank their own products better than others’.
– Refrain from technically restricting the ability of end users to switch between and subscribe to different apps/services to be accessed using the OS, including internet access.
– Allow businesses, in the offering of ‘ancillary services’ to interoperate with OS, hardware and software.
– Provide advertisers and publishers with free analysis and verification tools/information.
– Provide effective data portability AND tools for end users to facilitate its exercise (normal, download your data tools exist) INCLUDING CONTINUOUS and REAL-TIME access.
– Provide business users with real-time aggregated/non-aggregated data generated by end-users in their interaction with the platform. Personal data only when it relates to that business user’s services and where consent is provided.
– Search engines must provide other search engine providers with anonymised “ranking, query, click and view data”.Apply non-discriminatory terms to app store terms and conditions
After much civil society campaigning, the final DMA imposes a very specific interoperability obligation on messaging/calling services (known in EU law as Number Independent Interpersonal Communications Services). Such services will be required to provide a technical “interface” (likely public Application Programming Interfaces or APIs) to interested competitors for specific “basic functions”, initially one-to-one text conversations, and later group discussions and group-individual voice and video calls. (No obligations will apply to smaller services, or to users of competitors who make use of gatekeeper interoperability.) While the Parliament also wanted an interoperability obligation imposed on social networks (principally Facebook), the 27 EU governments refused.
WhatsApp will almost certainly be designated under the DMA; iMessage and Facebook/Instagram Messenger are very likely to be designated; and Google Meet/Chat and Microsoft Skype/Teams probably will be. Telegram Inc. was reportedly valued at US$30-$40bn in 2021, but anyway already implements interoperability. It seems extraordinarily unlikely the non-profit Signal Foundation will ever meet the gatekeeper tests above. The final NIICS interoperability obligation explicitly protects end-to-end encryption and more broadly service security and privacy obligations.
Gatekeepers may apply to the European Commission for suspension of specific obligations if they would “endanger… the economic viability of the operation of the gatekeeper” (Art. 8) or for “overriding reasons of public interest” (Art. 9). And the Commission may add further obligations following a market investigation (Art. 10).
The Commission is planning the Act will come into force in spring 2023, following which the Commission has roughly 3-4 months to designate gatekeeper firms (which will include Alphabet, Meta, Apple, Amazon and Microsoft) and their covered “core platform services”, where the latter provide an important route for business users to reach end users.
The Commission published a proposal for a Data Act in early 2022, which includes provisions “ensuring fairness in how the value from using data is shared among businesses, consumers and accountable public bodies.” A public consultation on the proposal closed in June. It will require operators of “smart” (Internet of Things) devices to enable customers to access all the data generated by their devices, as well as provide government access to data resources under specific circumstances (such as public emergencies). Two of the responsible officials provided commentaries.
The prospect of significant EU legislative reform on merger control is limited, given the preference of significant Member States such as France for industrial policy building up “European champions.” A “New Competition Tool” envisaged by the Commission as part of the DMA/DSA package disappeared from the final proposals. Germany published a legal opinion arguing merger control measures could be included in the Digital Markets Act, but other member states, and some academics, argued the DMA’s internal market harmonisation legal basis ruled this out. Germany’s (Green party) junior minister for competition policy has restated his government’s preference for a more structural approach, and it seems likely such measures could be included in the next revision of the country’s competition law.
Instead, the Commission has since 19 February 2021 (before its updated merger guidance was even published) used its discretion under the Merger Regulation to encourage member states to refer cases that would not meet EU or even national turnover requirements, but “where the turnover of at least one of the companies concerned does not reflect its actual or future competitive potential. This could be the case of a start-up or recent entrant with significant competitive potential or an important innovator. It can be also the case of an actual or potential important competitive force, or of a company with access to competitively significant assets or with products or services that are key inputs or components for other industries.”
One of the first acquisitions investigated under this revised policy (Illumina/GRAIL) was granted an expedited hearing by the EU Court of Justice in late 2021, with a ruling expected a few months later on the legality of this approach. On 20 September 2021 the Commission adopted a statement of objections to Illumina’s announcement it had completed the acquisition of GRAIL before clearance.
Civil society advocacy
A key civil society competition-related advocacy goal in the DMA/DSA package was to require the largest platforms to make their services interoperable with competitors. Civil society persuaded the European Commission to include an interoperability provision in its initial DMA proposal (Art. 6(1)(f)), relating to ancillary services such as payments. Since then, groups including EDRi, BEUC, Article 19, EFF and OpenForum Europe advocated the Parliament and Council extend this to the major platforms’ core services. Several such amendments, and adding similar interoperability requirements to the DSA, were proposed by centre-left and Green/Pirate parliamentarians, with some support from liberal and centre-right MEPs.
Civil society also advocated for amendments to require genuine informed consent in certain circumstances from users, restricting firms’ use of “dark patterns” in user interfaces, as well as more broadly speaking giving users more rights as opposed to focusing on business users.
Another priority for civil society is ensuring effective enforcement, increasing the resources allocated to the competition unit of the European Commission and potentially involving national regulators.
The Internal Market committee DMA vote was applauded by EDRi, BEUC, EFF and LobbyControl, who also called for remaining loopholes to be fixed in the next stage of negotiations between the Parliament, Council (member state governments) and Commission, the so-called “trilogues”.
Key enforcement actions
In November 2020, the European Commission notified Amazon of its preliminary view the company was illegally using non-public data to compete with sellers via its marketplace, and opened an investigation into whether the company was giving preferential marketplace treatment to its own products, and sellers using the company’s logistics and delivery services.
The Commission is investigating claims Google favours its own services in its adtech supply chain, and considering an investigation into claims it is illegally forcing device makers to install Google Assistant as the default on Android devices. The European Publishers’ Council has filed a complaint against Google with the European Commission, arguing the firm “acts as a buyer, seller and intermediary in adtech… achiev[ing] end-to-end control of the adtech value chain, boasting market shares as high as 90-100%”.
In November, the Commission won a critical legal victory against Google’s appeal of its Shopping decision in the General Court of the EU Court of Justice (the investigation was initiated in 2010). The court confirmed Google had abused its dominant position in search to favour its own shopping comparison results, and the Commission’s fine of €2.42bn.
Clifford Chance competition lawyer Thomas Vinje commented the judgment “might be used as a basis to impose a heightened responsibility not to weaken competition on other quasi-monopoly companies, such as Facebook/Meta in social media”, and also “strengthen lawmakers’ resolve to adopt the (more far-reaching) outright prohibition on digital “gatekeepers” treating their own services or products more favourably in ranking services found in Article 6(1)(d) of the Commission’s proposal for a Digital Markets Act”.
In June 2021, the Commission opened an investigation into whether Facebook was illegally using advertising data to compete with advertisers in markets such as classified ads, and whether it has tied its Marketplace service to its social network. And in March 2021, the Higher Regional Court in Duesseldorf referred questions of competition and data protection law to the EU Court of Justice in a Facebook appeal against a Federal Cartel Office order.
In June 2020, the Commission opened an investigation into whether Apple abused its dominant position in the distribution of apps to require providers to use its payment services, and by preventing them from informing users of alternative payment options. On 30 April 2021, it notified Apple of its preliminary view it had done so for music stream apps. The Commission has also opened an investigation into Apple’s limitation of competitor access to iPhone “tap and pay” (NFC) functionality.
Commission executive vice-president Margrethe Vestager met US FTC Chair Lina Khan and US Assistant Attorney-General for Antitrust Jonathan Kanter in Washington DC on 7 December for their first Technology Competition Policy Dialogue.
The Commission has opened an investigation into the so-called “Jedi Blue” agreement between Meta and Google, “concerned that the agreement may form part of efforts to exclude ad tech services competing with Google’s Open Bidding programme, and therefore restrict or distort competition in markets for online display advertising, to the detriment of publishers, and ultimately consumers.”
Acknowledgment: this update was commissioned by Open Society Foundations.