News

The Commission designates six companies as gatekeepers under the DMA

September 06, 2023 EU, Competition and Regulatory

On 6 September 2023 the European Commission decided to designate six companies as so called ”gatekeepers” under the EU Digital Markets Act (DMA). These are Alphabet, Amazon, Apple, ByteDance, Meta and Microsoft.

The Commission has also specified for each company the relevant core platform services concerned. The companies now have 6 months, i.e. until 6 March 2024, to ensure full compliance with all relevant obligations established under the DMA concerning e.g. data use, favouring of own products or services, pre-installation of applications or default settings, interoperability, etc.

In the event a gatekeeper breaches the rules under the DMA, it risks being fined up to 10% of its total global annual turnover. This can be increased to up to 20% of the total annual turnover in case of repeated offences.

It is worth noting that the DMA, like other EU regulations, is directly applicable in the Member States, which means that the rights and obligations established can be invoked by third parties before national courts, e.g. in actions for damages.

Link to the Regulation

For questions concerning the DMA please contact Per Hellström

For more information concerning the DMA, read the article below,

 

 

The Digital Markets Regulation - challenges and opportunities

 

  1. Introduction

The EU Digital Markets Act (DMA[1] ) entered into force on 1 November 2022 and will apply from and including 2 May 2023.

The aim of the DMA is to ensure open and fair digital markets within the Union, focusing on a few large companies, so-called "gatekeepers", that provide certain core platform services (e.g. online intermediation services, search engines, social networks, video sharing platforms, operating systems).[2]

These platform services often have characteristics that can be exploited by gatekeepers to lock in or disadvantage customers and users, such as economies of scale, network effects, vertical integration and data-driven benefits.

The DMA should be viewed as a complement to the competition rules under Articles 101 and 102 TFEU and the corresponding national rules, and constitutes an ex-ante regulation aimed at ensuring that markets where gatekeepers exist remain open and fair, by imposing specific obligations and prohibitions on gatekeepers, e.g. on data use, favouring own products and services, pre-installation of applications or default settings, interoperability, etc.[3]

The DMA therefore differs from (and is applied in parallel with) the competition rules that are normally applied ex-post, through an individual assessment of the market positions and behaviour of one or more undertakings, including an analysis of actual or potential effects.

On 6 September 2023 the European Commission decided that six companies meet the specified turnover and user thresholds to qualify as gatekeepers. These are Alphabet (Google), Amazon, Apple, ByteDance (TikTok), Meta (Facebook) and Microsoft. The Commission has also specified for each company the relevant core platform services concerned. The companies now have 6 months, i.e. until 6 March 2024, to ensure that they comply with all relevant obligations established under the DMA.

The Commission has the exclusive authority to regulate compliance with the DMA (although in co-operation with national authorities) and has been granted significant investigative and supervisory powers. In the event a gatekeeper breaches the rules under the DMA, it risks being fined up to 10% of its total global annual turnover. This can be increased to up to 20% of the total annual turnover in case of repeated offences.

It is worth noting that the DMA, like other EU regulations, is directly applicable in the Member States, which means that the rights and obligations established by the DMA can be invoked by third parties before national courts, e.g. in actions for damages.[4]

 

  1. Gatekeepers

The DMA sets out obligations and prohibitions directed at gatekeepers. A gatekeeper is an undertaking providing core platform services that has been designated as a gatekeeper pursuant to a decision of the European Commission in accordance with Article 3 of the DMA.

 

2.1 Designation as a gatekeeper

The assessment of whether an undertaking should be designated as a gatekeeper is based on three qualitative criteria.[5] These should be understood in the light of the quantitative criteria set out in Article 3(2), which provide a presumption that the qualitative requirements are met:

  • The undertaking has a significant impact on the internal market, which is considered to be fulfilled if it achieved an annual turnover in the Union of at least EUR 7.5 billion in each of the last three financial years, or if its market capitalisation was at least EUR 75 billion in the last financial year, and it provides the same core platform service in at least three Member States.
  • The undertaking provides a core platform service that is a key entry point for business users to reach end users. This is considered to be fulfilled if the service has had at least 45 million monthly active end-users within the Union and at least 10,000 annual active business users established in the Union in the last financial year.
  • The undertaking has an entrenched and durable position in its operations, or it is foreseeable that it will enjoy such a position in the near future. This is considered to be fulfilled if the thresholds in the paragraph above were reached in each of the last three financial years.

 

All three criteria must be met for an undertaking to be designated as a gatekeeper. However, this can occur even if the quantitative thresholds are not met. In this case, the Commission may take into account a number of other circumstances, such as the size of the undertaking, the number of business users, network and data-driven effects, economies of scale, lock-in effects, etc.[6]

An undertaking that meets the thresholds under Article 3(2) has an obligation to notify the Commission without delay (at the latest within two months), providing all relevant information for each core platform service. The undertaking may also present arguments showing that, even if all thresholds are met, the service should not be considered to fulfil the qualitative requirements of Article 3(1).

In cases where the thresholds are not met, the Commission may commence a market investigation to examine whether an undertaking should nevertheless be designated as a gatekeeper, in accordance with the procedure set out in Article 17. The Commission shall endeavour to complete its market investigation within 12 months.

 

2.2 Core platform services

A key concept under the DMA is the so-called "core platform services". A decision to designate an undertaking as a gatekeeper is linked to one or more core platform services that the company provides. The obligations and prohibitions stipulated by the DMA are also linked to these services.

Article 2(2) contains a list of core platform services under the DMA:

  • Online intermediation services;
  • Online search engines;
  • Online social networking services;
  • Video-sharing platform services;
  • Number-independent interpersonal communications services;
  • Operating systems;
  • Web browsers;
  • Virtual assistants;
  • Cloud computing services;
  • Online advertising services.

 

This list is exhaustive, although the European Commission may decide to launch a market investigation in accordance with Article 19 in order to examine whether one or more services should be added to this list (or any of the current services removed), and in such event present a report accompanied by a legislative proposal to the Council and the European Parliament.

As mentioned in the introduction, on 6 September 2023 the Commission decided that six companies[7] fulfil the specified turnover and user thresholds to be designated as gatekeepers and has specified for each company the relevant core platform services concerned.

The Commission has also opened four market investigations to further assess Microsoft's and Apple's arguments that, despite meeting the thresholds, some of their core platform services do not qualify as gateways[8]. The investigation should be completed within a maximum of 5 months. In addition, the Commission has opened a market investigation to further assess whether Apple's iPadOS should be designated as gatekeeper, despite not meeting the thresholds. Under the DMA, this investigation should be completed within a maximum of 12 months.

 

  1. Obligations and prohibitions

After the decision to designate a company as a gatekeeper has been issued, the company in question has 6 months to ensure compliance with the obligations and prohibitions laid down under the DMA. These can be found in Articles 5-7 under Chapter III DMA – Practices of gatekeepers that limit contestability or are unfair.

 

3.1 Obligations

The obligations include those that require the gatekeeper to:

  • allow business users to use its platform free of charge to promote offers to end users acquired through the platform or other channels and conclude contracts with those end users.[9]
  • enable end users to access and use, through its platform, content, subscriptions, features or other products using a business user's software application, including where those end users have acquired those products from the relevant business user without using the gatekeeper's core platform services.[10]
  • Provide each advertiser, upon request, with free information to ensure transparency of prices and charges for its advertising services and provide business users with access to data to assess the performance of the service.[11]
  • allow end users to uninstall pre-installed software and allow and make it technically feasible to install and use third-party software and software stores that use or are compatible with the gatekeeper's operating system.[12]
  • enable effective interoperability with, and provide access to, the same hardware and software functions used by the gatekeeper itself, free of charge[13]
  • Ensure effective portability of data provided or generated by end users on the platform and provide tools and continuous real-time access to data, as well as provide business users with effective continuous real-time access to data generated on the platform.[14]
  • apply fair, reasonable and non-discriminatory general terms and conditions for business users' access to their software stores, search engines and online social networking services[15]
  • Ensure effective interoperability of the basic functionalities of messaging services, such as text messaging, voice and video calls, and sharing of, for example, images, videos and files.[16]

 

3.2 Prohibitions

The DMA prohibits gatekeepers from:

  • for the purpose of providing online advertising services, processing personal data of end users using the services of third parties who use the gatekeeper's core platform services without explicit consent;[17]
  • combining or cross-using personal data from one core platform service with another without explicit consent;[18]
  • preventing undertaking from offering the same products or services at different prices or conditions on a third-party platform or through their own online sales;[19]
  • preventing users from making complaints to public authorities;[20]
  • imposing the use of the gatekeeper's own identification service, browser, or payment service, in connection with services provided by business users;[21]
  • requiring users to subscribe to/register for additional core platform services as a condition for using any of the gatekeeper's core platform services;[22]
  • in competition with business users, using non-publicly available data generated or provided by those users;[23]
  • treating its own services and products more favourably, in terms of ranking and related indexing and web browsing, than similar services or products of a third party;[24]
  • restricting the ability of end users to switch/select different software applications and services accessed using the gatekeeper's core platform services, including the choice of internet connection services;[25]
  • applying disproportionate conditions for the termination of a core platform service.[26]

 

The European Commission is empowered to update these obligations by means of a delegated act, should a market investigation show that it is necessary to ensure transparency and counter unfair practices in digital markets.

The Commission can also act against conduct aimed at circumventing the rules under the DMA. According to Article 13(4), the gatekeeper "shall not engage in any behaviour that undermines effective compliance with the obligations set out in Articles 5, 6 and 7, regardless of whether that behaviour is of a contractual, commercial, or technical nature, or of any other nature, or consists in the use of behavioural techniques or interface design".

 

  1. Other obligations

Companies designated as gatekeepers must provide the Commission with a report within six months describing in a detailed and transparent manner the measures taken to ensure compliance with the obligations under the DMA.[27] The gatekeeper must also publish a non-confidential summary of the report, which must be updated annually.

The company must also carry out an independent audit of any consumer profiling techniques applied by the gatekeeper to its core platform services, and submit a description thereof to the Commission which, in turn, will inform the European Data Protection Board.[28] An overview of the description will also be published.

Furthermore, gatekeepers must establish an internal compliance function with sufficient authority, status and resources to advise on and ensure compliance with the rules under the DMA.[29]

It also imposes an obligation on gatekeepers to inform the Commission in writing of all proposed acquisitions, whether they are notifiable under EU or national merger rules.[30] The Commission shall inform the competent authorities of the Member States for information, which in turn may request the Commission to examine the concentration in accordance with Article 22 of Regulation (EC) No 139/2004.[31]

 

  1. Investigation, supervision and monitoring

The European Commission has the exclusive authority to enforce the DMA (although in co-operation with national authorities) and has been given significant investigative and supervisory powers. The Commission can gather information through requests for information, hearings or inspections, and can impose fines for non-compliance or default fines to force companies to comply with certain measures and decisions.[32]

Should a gatekeeper breach the rules under the DMA, it risks being fined up to 10% of its total global annual turnover. This can be increased to up to 20% of the total annual turnover in case of repeated offences. Systematic non-compliance can lead to structural corrective measures.[33] The Commission can also decide on interim measures.[34]

National authorities may not take decisions that conflict with a decision adopted by the Commission under the DMA.[35] However, the Commission and national authorities must cooperate closely and coordinate enforcement actions.[36] Coordination can also take place within the European Competition Network.[37]

A national competent authority may conduct an ex officio investigation into a case of possible non-compliance with Articles 5-7 of the DMA in its territory, provided it has the competence and investigative powers to do so under national law. The authority must notify the Commission in writing before taking its first investigative action and also report on the results of such an investigation. However, the Commission may decide to open its own investigation or take over an ongoing investigation at Member State level.

It may be mentioned that in Sweden a memorandum has been presented with proposals for new provisions in relation to the competition law regulatory framework which means, inter alia, that the Swedish Competition Authority will assist the European Commission in its supervisory activities.[38] The new rules are proposed to enter into force on 1 January 2024.

The DMA also gives third parties and competitors the right to inform national authorities or the Commission directly about gatekeepers' practices or behaviour covered by the Regulation.[39]

The Commission has decided to establish the so-called High Level Group, consisting of 30 representatives from various European bodies and networks, such as BEREC, the European Data Protection Board (EDPB), the European Competition Network (ECN), the Consumer Protection Co-operation Network (CPC) and others, to provide the Commission with advice and expertise from their respective fields of expertise.[40]

The DMA, like other EU regulations, is directly applicable in the Member States, which means that the rights and obligations established by the DMA can be invoked by third parties before national courts, e.g. in actions for damages.

National courts may request that the Commission provides information or files opinions on issues related to the application of the DMA.[41] The Commission may also submit written observations to national courts on its own initiative. National courts may not take decisions that conflict with a decision adopted by the Commission under the DMA.

 

  1. Remarks

The recitals to the DMA indicate the increasingly important role that digital services in general, and digital platforms in particular, play in the economy. A small number of large companies with significant economic power have emerged. These gatekeepers sometimes control entire ecosystems of platforms and can be difficult to challenge or compete with, no matter how innovative and effective the challengers are. It can also lead to unfair practices and unfair conditions for business users and end users.

The traditional competition rules have not been able to stem this tide, as these rules can only be applied in certain cases of market power (e.g. dominance) and to certain cases of anti-competitive behaviour. Enforcement is ex post, time-consuming and involves extensive case-by-case investigation of often complex facts.

The DMA therefore aims to adopt in advance clear and unambiguous rules to which gatekeepers must adhere. This creates challenges, but also opportunities.

It remains to be seen whether the prohibitions and obligations adopted are sufficiently clear and relatively easy to apply, or whether disputes over the interpretation and application of the rules will arise, possibly leading to lengthy court proceedings. The latter seems likely.

The Commission has organised a series of workshops on topics such as "self-preferencing", "interoperability", "app stores" and "data related obligations", inviting representatives of gatekeepers, business users and stakeholder organisations to discuss these issues in front of Commission representatives. The positions expressed in these workshops suggest that there is some room for interpretation.[42]

The DMA also creates opportunities for innovative companies and potential competitors of gatekeepers to invoke the equivalent rights provided by the DMA to offer their goods and services on the major platforms without being disadvantaged by the unfair behaviour of gatekeepers. Third parties are given the opportunity to complain about non-compliance with the DMA to national authorities or directly to the Commission.

The gatekeepers have until 6 March next year to ensure that all obligations under the DMA are fulfilled, and it will be interesting to see the impact of the DMA on digital markets in Europe.

 

[1] Regulation (EU) 2022/1925 of the European Parliament and of the Council of 14 September 2022 on contestable and fair markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828 (Digital Markets Act), published in the Official Journal of the European Union on 12 October 2022.

[2] Ibid. Article 2(2)

[3] Ibid. Articles 5-7

[4] Ibid. Article 42 with specific reference to class actions.

[5] Ibid. Article 3(1).

[6] Ibid. Article 3(8)

[7] Alphabet (Google), Amazon, Apple, ByteDance (TikTok), Meta (Facebook) and Microsoft.

[8] For Microsoft: Bing, Edge and Microsoft Advertising, and for Apple: iMessage.

[9] DMA Article 5(4)

[10] DMA Article 5(5)

[11] DMA Article 5(9), 5(10), 6(8)

[12] DMA Article 6(3), 6(4)

[13] DMA Article 6(7)

[14] DMA Article 6(9), 6(10)

[15] DMA article on 6(12)

[16] DMA Article 7(1), 7(2)

[17] DMA Article 5(2)(a)

[18] DMA Article 5(2)(b), 5(2)(c)

[19] DMA Article 5(3)

[20] DMA Article 5(6)

[21] DMA Article 5(7)

[22] DMA Article 5(8)

[23] DMA Article 6(2)

[24] DMA Article 6(5)

[25] DMA Article 6(6)

[26] DMA Article 6(13)

[27] DMA Article 11

[28] DMA Article 15

[29] DMA Article 28

[30] DMA Article 14

[31] Article 14(4), 14(5)

[32] DMA Articles 21, 22 and 23

[33] DMA Article 18

[34] DMA Article 24

[35] DMA Article 1(7)

[36] DMA Article 37

[37] DMA Article 38

[38] KN2023/03687 New provisions related to competition law, https://www.regeringen.se/rattsliga-dokument/departementsserien-och-promemorior/2023/08/nya-bestammelser-i-anslutning-till-konkurrensregelverket/

[39] DMA Article 27

[40] DMA Article 40

[41] DMA Article 39

[42] For video recordings of these workshops see https://digital-markets-act.ec.europa.eu/events/workshops_en