On 12 October 2022, the European Union published the final version of its new Digital Markets Act (DMA). It’s a ground-breaking piece of legislation that will regulate the business conduct of so-called digital gatekeepers – the providers of the core platform services on which businesses depend to reach their customers. Such firms enjoy a entrenched and durable market power. The DMA will enter into force on 1 November 2022, and key rules will start applying on 2 May of next year.
While the Digital Markets Act is not without flaws and a number of questions remain, the legislation has more potential to rein in big tech’s market power than competition law and will significantly change the way that gatekeeper platforms operate in Europe. It’s intended to address shortcomings and vulnerabilities highlighted by the UK’s Furman Report, the US Stigler Report and the EU’s Vestager Report. In particular, all three argued that core platform markets are globally dominated by one or two of the same five companies: Google, Apple, Facebook, Amazon and Microsoft (GAFAM).
The DMA’s objective
The high degree of market concentration results from an unusual combination of factors inherent in digital platform markets: strong network effects, high returns to the use of data, scale and scope economies, and the ease of exploiting consumer biases. These factors make markets prone to tipping in favour of one or two players, and once a market has tipped, high barriers to entry make it difficult for newcomers to compete, even if they have the better product.
The DMA’s objective is twofold: First, to reduce barriers to entry to digital markets, making them more open to competition. Second, to make them fairer for business and end users by setting certain ground rules for the terms of use.
To this end, the DMA will subject gatekeepers to a set of stringent conduct rules. They’ll first be designated by the European Commission, and it is fully expected that GAFAM will all make the list.
Conduct rules and penalties
Once designated, gatekeepers will have six months to comply with the 22 conduct rules contained in Articles 5-7 of the DMA. These include:
- Obligations to share data with competitors and customers
- Possibility for consumers to load apps outside of firms’ app stores
- Mandatory interoperability of certain communications systems
- Public disclosure of user-profiling techniques
- Bans on favouring own services in search results
Many of these obligations go to the very core of big tech’s business models, and it remains to be seen how the firms will adapt. Noncompliance is subject to significant financial penalties: a one-off infringement can result in fines of up to 10% of the gatekeeper’s total worldwide turnover. For repeat offences, the fine may go up to 20%, and the gatekeeper may be banned from entering into mergers and acquisitions.
Stringent rules despite significant lobbying efforts
While jurisdictions such as the United States and the United Kingdom have also been considering similar regulations, the EU’s Digital Markets Act is the first of its kind.
Given that it’s a complex legal experiment that will impose significant enforcement cost both on the European Commission and the gatekeepers, there has been significant push-back. The American tech sector, in particular, has argued that the DMA is biased against US companies, and will ultimately harm European consumers because it will affect service quality and GAFAM’s incentive to innovate. Big tech reportedly engaged in significant lobbying efforts to avert or at least tone down the Commission’s original legislative proposal.
Judging by the result, these efforts were in vain. If anything, the final text of the DMA is even stricter than the draft. The European Parliament in particular played a decisive role in extending the list of services covered by the DMA, adding new conduct rules and increasing penalties.
The role of national competition agencies
The big tech firms weren’t the only entities expressing displeasure with the Commission’s legislative blueprint. The EU’s national competition agencies, led by Germany, France and the Netherlands, agreed with the substance of the DMA but pushed to be more involved in DMA enforcement.
In a rare joint statement, all 27 agencies argued they could offer expertise and resources to strengthen DMA enforcement. The fact is, once the DMA takes effect, it will prevent national regulation and leave room only for national competition rules that require an individual assessment of market power and the conduct’s actual effects in each individual.
case. The final DMA empowers national agencies to open investigations and collect evidence. However, to ensure a uniform enforcement approach, only the Commission is currently able to assess DMA conduct and issue non-compliance decisions.
The Commission will likely supplement public enforcement with private enforcement in the future. The DMA doesn’t explicitly state that private actors harmed by platforms that violate the DMA can sue for compensation. However, it does say that EU rules on collective redress for losses caused by EU law infringements apply to DMA infringements.
The DMA integrates many core concepts of the EU’s General Data Protection Regulation (GDPR), and requires the Commission to work closely with data protection bodies. This is a step forward, as regulating data-driven business models requires an interdisciplinary and inter-institutional approach, which has so far been neglected in EU competition law.
Scope for fine-tuning the DMA’s rules
A key criticism of the DMA has been its heavy use of per se rules, i.e., legal rules that do not require proving the actual harmful effects of the investigated conduct but outlaw the conduct as such. These have advantages and disadvantages:
- They’re relatively cheap and quick to enforce, meaning that the enforcement of the DMA could be much more effective than that of EU competition law. The abuse of dominance rules in particular require in-depth economic assessments, leading to average investigations in excess of five years.
- A clear downside of per se rules is that they’re blunt: they may outlaw conduct that does not cause any actual harm in the individual case (resulting in “false positives”) and may fail to catch conduct that does cause harm (“false negatives”).
- They can be circumvented by a firm adapting its business conduct to achieve the anticompetitive result in a manner that is not explicitly outlawed.
However, in its final version, the DMA contains many corrective mechanisms that would allow the Commission to correct rules where needed. It is to be hoped that the Commission will closely monitor the effect of the DMA both on businesses and consumers, and that it will not hesitate to step in if necessary.
Can the DMA achieve its aims?
One shortcoming of the DMA is that it doesn’t address gatekeeper acquisitions. GAFAM have collectively acquired more than 800 companies in their relatively short existence. Many of these were innovative start-ups developing complementary technologies, which the acquiring firms then integrated into their ecosystems. For example, Facebook snapped up WhatsApp for $19 billion in 2014. The deal has continued to make headlines, and not for good reasons: In 2017, the EU fined Facebook 110 million euros for providing misleading information about the takeover, and in 2020, the US Federal Trade Commission sued the company for illegal monopolization over the deal.
Despite growing concern about this trend, the European competition agencies and their US counterparts haven’t yet prohibited a single big tech acquisition. The question arises: Are the existing merger rules, developed in the age of brick-and-mortar-outlets, fit for the digital economy? The DMA could have been the opportunity to review EU merger control’s theories of harm and standards of proof for the platform economy.
The DMA only applies to core platform services offered to users established or located in the European Union. It doesn’t regulate gatekeeper services provided to users established and located in other jurisdictions. We’ll have to wait and see whether the “Brussels effect” will strike again, with gatekeepers complying with the DMA’s relatively stringent standards outside the EU. Alternatively, the gatekeepers could seek to operate services differently in jurisdictions with lower (or currently even nonexisting) regulatory standards. Presumably, there will be some degree of alignment on points that aren’t overly costly for gatekeepers, but also differences where these are overall profitable.
Bibliography
Professor of Law, Augmented Law Institute, EDHEC Business School
This article was originally published in The Conversation.
