On December 15, 2020, the European Commission (EC) published its proposal for a Digital Markets Act (DMA). The proposal aims to promote fair and contestable markets in the digital sector. If adopted, it could require substantial changes to the business models of large digital platform service providers by imposing new obligations and prohibiting existing market practices. These changes not only would create significant new obligations on “gatekeeper” platforms, but also opportunities for competitor digital service providers and adjacent firms. Further, the proposed requirements of the DMA have the potential to transform the way that businesses engage with “gatekeeper” providers – including, for example, companies that sell goods and services, distribute apps, and/or purchase advertising on large platforms.
Digital Markets Act Proposal: Main Takeaways
Who Will Be Regulated?
With the DMA, the EC proposes to complement the existing competition rules with ex ante regulation of providers of so-called “core platform services” that are deemed to have a “gatekeeper” position.
Core platform services include online intermediation services (e.g. online marketplaces, booking sites, etc.); search engines; social networking services; video-sharing platforms; number-independent interpersonal communication services (e.g. messaging and chat apps); operating systems; cloud computing services; and advertising services, including any advertising networks, advertising exchanges and any other advertising intermediation services, provided by a provider of any of the aforementioned other core platform services.
A provider of core platform services is deemed a gatekeeper if it fulfills three cumulative conditions:
- It has a significant impact on the internal market: this is presumed to be the case if the company achieved an annual turnover in the European Economic Area (EEA) equal to or above € 6.5 billion in each of the last three financial years, or where its average market capitalization or equivalent fair market value amounted to at least € 65 billion in the last financial year, and it provides a core platform service in at least three Member States; and
- It operates a core platform service that serves as an important gateway for business users to reach their customers: this is presumed to be the case if the company provides a core platform service that has more than 45 million monthly active end users established or located in the EU (corresponding to roughly 10% of the population of the EU-27) and more than 10,000 yearly active business users established in the EU in the last financial year; and
- It enjoys, or will foreseeably enjoy, an entrenched and durable position: this is presumed to be the case if the thresholds in the previous point were met in each of the last three financial years.
A provider of core platform services meeting the above-mentioned thresholds should notify the EC thereof within three months after those thresholds are satisfied. The EC shall then designate the provider as a gatekeeper within 60 days. However, the presumptions created by meeting the thresholds are rebuttable and the provider can, with its notification, present substantiated arguments to demonstrate that, in the circumstances in which the relevant core platform service operates and considering factors such as entry barriers, it does not qualify as a gatekeeper.
Conversely, even if a company does not meet the quantitative thresholds (or presents substantiated arguments to demonstrate that it does not qualify as a gatekeeper), the EC may still decide to designate it as gatekeeper on the basis of a qualitative assessment, taking into account factors such as entry barriers, data-driven advantages, economies of scale and scope, user lock-in effects, etc.
The proposal empowers the EC to adopt delegated acts to specify the methodology to determine whether the quantitative thresholds are met as well as to adjust those thresholds to market and technological developments where necessary. The EC shall also review the gatekeeper designations on a regular basis and at least every two years.
Do’s and Don’ts for Gatekeepers
Providers of core platform services designated as gatekeepers must comply with specific obligations, including both affirmative obligations (“do’s”) and prohibitions (“don’ts”). The impact of these obligations can hardly be overstated. Indeed, if adopted as proposed, these obligations would require at least some of the large digital platforms to fundamentally overhaul their business practices and possibly, in some cases, entire business models.
Core platform service providers will have to comply with these obligations within six months of being designated as a “gatekeeper”, although the DMA proposal leaves open a possibility for the suspension of, or exemption from, specific obligations under certain (very restrictive) conditions.
In addition, gatekeepers are required to notify the EC of any intended acquisition or concentration involving another provider of a core platform service or of any other digital sector services irrespective of whether it is notifiable under the EU Merger Regulation or under national merger rules. However, such notification does not constitute a bar to closing the transaction.
Furthermore, within six months of being designated as such, gatekeepers must submit to the EC an independently audited description of the consumer profiling techniques they use and update this description on an annual basis.
Market Investigation Mechanism
The DMA proposal empowers the EC to conduct market investigations for three purposes:
- Identifying gatekeepers that are not captured by the quantitative thresholds of the DMA as well as assessing the qualification of presumed gatekeepers that have presented substantiated arguments to rebut the presumption;
- Identifying other services that should be added to the list of core platform services or new practices that may limit the contestability of core platform services or may be unfair and which are not effectively addressed by the existing obligations;
- Identifying proportionate behavioral or structural remedies in case of systematic infringement of the rules by a gatekeeper.
Notably, the DMA proposal empowers the EC to adopt “delegated acts” to “update” the list of do’s and don’ts where, based on a market investigation, it has identified the need for new obligations addressing practices that limit the contestability of markets or are otherwise unfair. This would mean that the EC could amend the obligations applicable to digital gatekeepers without having to go through the ordinary legislative process, effectively bypassing the EU legislature (the Parliament and the Council).
According to the proposal, the EC will be in charge of enforcing the DMA. To that end, the EC would have extensive investigative powers similar to those it has in antitrust investigations, including the power to require information, conduct interviews and conduct on-site inspections (“dawn raids”). Notably, the EC would have the power to access databases and algorithms and to require explanations and information about their operational details.
The proposal empowers the EC to adopt decisions ordering gatekeepers to cease and desist from non-compliant conduct and to declare binding commitments offered by the gatekeepers. Furthermore, in case of systematic non-compliance, the Commission can impose any behavioral or structural remedies that are proportionate to the infringement committed and necessary to ensure compliance.
The EC would also be able to impose fines of up to 10% of the company’s total worldwide annual turnover in the preceding financial year in case of non-compliance with the do’s and don’ts and of up to 1% of total annual turnover for obstructing investigations or failing to submit to audits. The Commission can also impose periodic penalty payments of up to 5% of average daily turnover in the preceding financial year per day to enforce compliance with its decisions.
The involvement of national authorities is limited to a “comitology procedure” requiring the EC to consult a Digital Markets Advisory Committee, composed of representatives of the Member States, before adopting non-compliance decisions, imposing behavioral or structural remedies, or adopting delegated acts.
As a regulation, the DMA will be directly applicable in the Member States. Private enforcement through national courts will therefore also be possible.
Relationship with Other Regulation
According to the EC, the DMA proposal complements, and is fully coherent with, the existing Platform-to-business (P2B) Regulation, existing EU and national competition laws, data protection laws (in particular the GDPR) and sector-specific regulation such as the rules applicable to electronic communications services (in particular the European Electronic Communications Code (EECC), which the Member States had to transpose into national law by 21 December 2020).
Unlike the P2B Regulation, which applies (since 12 July 2020) to all online intermediation services and search engines in their relationships with business users, the DMA is a deliberately asymmetric regulatory instrument, i.e. one which applies only to a subset of very large platforms. However, the DMA applies in respect of a wider range of platform services and in the gatekeepers’ relationships with both business users and consumers. Whereas the P2B Regulation only imposes relatively light-touch obligations of fairness, transparency and effective redress, the DMA includes much more far-reaching and specific rules.
The DMA proposal purports to complement existing competition laws by addressing unfair practices that either fall outside the scope of those laws or cannot be as effectively addressed by them, considering that antitrust enforcement only intervenes ex post, on a case-by-case basis, and usually only after a lengthy investigation. According to the Commission, the DMA proposal, with its list of do’s and don’ts, is based on its own antitrust enforcement experience as well as on the findings of several expert reports on the application of competition law in digital markets. If the DMA is adopted as proposed, the practices that it blacklists will be prohibited ex ante if applied by designated gatekeepers, without the need to show that they infringe EU or national antitrust laws.
The DMA proposal also purports to complement existing data protection laws by, inter alia, imposing transparency obligations for “deep” consumer profiling and a mandatory opt-out requirement for combining data across core platform services. At the same time, the data access and portability requirements provided for in the proposal are specifically subject to the requirements of the GDPR when applied to personal data.
The DMA proposal and the parallel proposal for a Digital Services Act are subject to the ordinary EU legislative procedure. That means that they will go through a lengthy negotiation process between the European Parliament and the Council, which is expected to last at least 1.5 years and likely will entail numerous amendments to the texts before a compromise between the two co-legislators is reached. Once adopted, the Act is expected to enter into force six months after its publication and will be directly applicable across the EU.