A year of DMA: Since the first notifications of gatekeepers, one year has passed, and it‘s time – not only for the first judgement of the EU General Court on a designation appeal – but for a review of the many events since the start of DMA enforcement. What happened? How does the Commission fare? And how do the gatekeepers comply? Here is all you need to know before the Brussels bubble (and the SCiDA blog) take the (midnight) train into the summer break.
By Sarah Hinck & Jasper van den Boom
The first 4 months of DMA compliance: Let the game(s) begin
The DMA entered into force in September 2022. However, the work did not really start until the first notifications on the 4th of July 2023, the subsequent designations in September 2023, and really went into overdrive in March of 2024 when the first gatekeepers had to start complying with the law. While the compliance date – 7 March – was already around 4 months ago, we still remember it like yesterday given the memorable opening events: The Gatekeeper’s compliance reports were due, and they had to defend their compliance measures vis-à-vis a critical audience during the compliance workshops in Brussels. For those of you who need a refresher, here are our blogs and background reports.
As anyone who followed the European Championship will be able to tell you, the half-time score does not decide the outcome. Yet it sure feels good to be ahead. The Commission has had a flying start in the first half of the year, as Filomena Chirico recently recounted at the big Tilburg conference, TILTING 2024.
Designations
In 2023, the Commission received 7 notifications by potential gatekeepers, of which it designated 6. In 2024, it designated 1 more (and the first EU-based) gatekeeper after receiving 3 more notifications. This makes 7 dwarfs giants: Alphabet, Apple, Amazon, ByteDance, Meta, Microsoft, and Booking (BAMBAMA for those who love acronyms). Samsung has escaped designation, while a market investigation into X is still ongoing.
Between these 7 gatekeepers, 24 core platform services have been designated. The Commission has conducted 5 market investigations following gatekeeper’s rebuttals, 4 of which have been accepted, and 1 is still pending (online social networking service X). The Commission also concluded 1 market investigation with a qualitative decision (designation of Apple’s iPadOS). The end-result looks as follows:
| Entity | # of CPS | Description CPS |
| Alphabet | 8 | Android, Chrome, Search, Google Play, Google Shopping, Google Maps, Google Ads, YouTube |
| Apple | 4 | iOS, App Store, Safari,iPadOS |
| Amazon | 2 | Amazon Marketplace, Ads |
| Meta | 6 | Facebook, Instagram, WhatsApp, Messenger, Marketplace & Meta Ads |
| Microsoft | 2 | Windows & LinkedIn |
| ByteDance | 1 | TikTok |
| Booking | 1 | Hotel platform Booking.com |
An impressive list of entities and core platform services. For those who don’t want to go by gatekeeper, here’s a breakdown per CPS:
| Search | Video- Sharing | NI-ICS | Browser | Ads | OS | Social Media | Online Interm. Services* |
| 1 | 1 | 2 | 2 | 3 | 4 | 4 | 7 |
The numbers do not reflect what has not been designated. For now, Samsung has escaped the gatekeeper status as its internet browser was not considered to meet the thresholds. Existing gatekeepers have also escaped the designation of some services. ByteDance’s and X’s ads services were not designated as a separate entity, and Apple’s iMessage also escaped designation. Microsoft escaped designation in browser, search, ads, and its email client.
- We even have a first court decision already. After dismissing ByteDance’s request for interim measures, the General Court also dismissed the appeal against the Commisssion’s designation decision of the social network TikTok. ByteDance has based its appeal on the argument that TikTok does not hold an entrenched position and should be considered a challenger rather than a gatekeeper itself. While TikTok is known for its captivating (or CapCut-ivating) 30 second videos, the Court has shown that it’s not as easily influenced. The GC has set a high burden of proof for gatekeepers, as their pleas and evidence should manifestly call into question the Commission’s arguments. Moreover, all evidence should be readily available during the administrative procedure. In other words, all text and no editing? It’s truly TikTok’s nightmare! No wonder it didn’t work.
- Apple’s three-prong appeal against its gatekeeper designation decision are based on the arguments that (i) Art. 6(7) DMA constitutes a breach of EU law (fundamental rights and proportionality) and cannot be applied to iOS, (ii) Apple operates 5 different App Stores per device not only one across devices and (iii) iMessage is not a NIICS.
- Meta is contesting the designation of its Messenger and Marketplace arguing that Marketplace is a consumer to consumer service so it cannot fall within the definition of an online intermediation service and Messenger is simply a chat functionality of Facebook.
- One player is appealing from the sidelines. Browser company Opera has announced that it is appealing the Commission’s decision not to designate Microsoft’s browser Edge as a gatekeeper despite meeting the quantitative thresholds.
While football is relying on VAR to find truth, the gatekeepers have to rely on the European Courts to find out whether the Commission has played by the rules – and the SCiDA bloggers are ready to comment on the game. Where in doubt, decision makers can consult newly released rulebooks such as the English article-by-article-commentary on the DMA edited by Rupprecht Podszun (#ad).
The Commission’s non-compliance investigations
After the designations came the compliance reports, and then the compliance workshops. While these workshops were still ongoing, the Commission showed teeth and scored a surprise goal, as it announced the first round non-compliance investigations on the 25th of March. For the critics in the audience who thought the compliance reports and workshops would let the gatekeepers off too easy and the DMA would be over before it even started, the swift enforcement announcement seemed to restore the faith in the Commission’s constituency.
By now, the Commission has announced 6 non-compliance investigations and hinted at more to come:
- Alphabet is being investigated for its changes to App Store Rules and the steering of its developers under Art. 5(4) DMA. Art. 5(4) DMA requires the gatekeeper to allow its users, free of charge, to promote or offer their services through other channels. The Commission also seems concerned about possible self-preferencing of Alphabet’s own vertical search services in its changes to its horizontal search page under Art. 6(5) DMA.
- Apple is being investigated for steering in the App Store under Art. 5(4) DMA as well, and for concerns that Apple’s design of the web browser choice screen may be preventing users from truly exercising their choice of services.
Reaching for the first yellow card in the game, the Commission already announced a preliminary finding in the Art. 5(4) investigation. According to
the Commission, Apple’s compliance measures are flawed as developers cannot provide pricing information within the app or communicate in any other way with their customers to promote offers available on alternative distribution channels. In addition, the Commission argues Apple does not provide developers with the new freedoms under Art. 5(4) free of charge. Rather, Apple charges developers a fee for every purchase of digital goods or services a user makes within seven days after a link-out from the app. Moreover, the Commission has announced live on the 24th of June, during the ECN DMA conference workshop in Amsterdam on which we reported here, that they have opened a new non-compliance investigation into Apple’s new business terms, which may be detrimental for the emergence of third-party marketplaces. Apple’s new contractual terms for developers are the condition to access some of the new features enabled by the DMA, notably the provision of alternative app stores or the possibility to offer an app via an alternative distribution channel. Apple has, however, kept the option to subscribe to the previous T&C, which do not allow alternative distribution channels at all.
- Meta is being investigated for its pay-or-consent model under Art. 5(2) DMA, which gives users a choice between being tracked or paying a monthly fee. For Meta, the Commission has announced that its preliminary findings show non-compliance. According to the Commission, Meta’s binary choice forces users to consent to personal data combination and fails to provide a less personalised but equivalent version of Meta’s social networks. This finding comes as no surprise in light of the recent Opinion by the European Data Protection Board, which we have blogged on recently. However, the Commission has shown mercy and has extended the deadline for Meta to comply with Art. 7 DMA regarding Facebook Messenger.
There is more in the pipeline for the DMA game to be continued. What the Commission described as ‘further investigatory steps’, means the Commission is also keeping an eye on Amazon and Microsoft and other activities of Alphabet, Apple and Meta. For this purpose, the Commission has ordered Alphabet, Amazon, Apple, Meta, and Microsoft to retain documents which might be used to assess their compliance with the DMA obligations. Regarding Apple, the Commission is taking a closer look at Apple’s checks and reviews to validate apps and alternative app stores to be sideloaded. Also, Amazon did not fully escape further scrutiny as the Commission is looking into Amazon’s treatment of its own brand products on the Amazon Store.
And what’s next? Another team is warming up in the background: As one part of the DMA team focuses on these investigations, another will soon have to assess the compliance strategy by Booking. There is also the chance that the Commission hits a lucky surprise shot and scores another non-compliance goal given that it has launched the DMA Whistleblower Tool as an easy access tool for informants to provide information on DMA breaches (anonymously).
Team DMA towards the win? The right plays on and off the pitch.
The first changes have become visible. Users can choose more defaults, will see the occasional choice screen, and give or withdraw consent for data sharing on more occasions. There are also a lot of changes still to come: messaging interoperability, the emergence of alternative app stores on mobile operating systems, and maybe web apps on iOS. There are also things that may not happen due to the DMA. For instance, Apple has announced that it will withdraw its AI from Europe as it cannot introduce it in a way that is compliant with the DMA. This power move sparked a wave of cheers and jeers with spectators: Does the DMA make consumers in the EU worse off (if the new Apple tools are seen as something good – which some may doubt with a view to the hefty surveillance it includes)? Or is this just some flexing of muscles, hiding the real issues? Do consumer get a better, improved AI tool due to the DMA, if a bit later? If you are wondering why the DMA is relevant for AI at all, check out the statement by the High Level Group on the DMA.
Despite the first months of DMA euphoria, the Commission does not seem to put all its eggs in one basket. It still makes full use of its powers in antitrust vis-à-vis Big Tech:It has recently published its decision in its case against Apple Anti-Steering practices with a 1.8 billion Euro fine, published its commitments on access to Apple’s near-field-communication (NFC) functionality, and has opened an investigation into Microsoft’s bundling of Microsoft Teams. According to the Commission, Microsoft has breached EU competition law by tying its communication and collaboration product Teams to its suites for businesses Office 365 and Microsoft 365.
The Players
DMA enforcement and competition law scrutiny of gatekeepers are in full swing. This is all the more remarkable since the past half year was rocky for the key players. From 6-9 June 2024, the European electorate was called to take the vote. This meant a lot of campaigning for politicians and the end of term for the Von der Leyen Commission. The DMA team at the Commission is currently composed, so we hear according to the plan, of roughly 100 staff members. It works under the auspices of two directorates, DG COMP and DG CONNECT. Executive Vice President Margrethe Vestager is currently looking for a new job since the Danish government declared they would not renominate the lady with iconic status (one of the few European politicians in the TIME 100 Most Influential Persons of 2023 list). Commissioner Thierry Breton who is for Vestager what TikTok is for Instagram has better chances to be re-nominated as the French commissioner – but with which portfolio?
The DMA team itself is led by Albert Bacchiega (from DG COMP) and Rita Wezenbeek (from DG CONNECT) with many notable officials present at conferences and meetings who are very well-respected in the Brussels circles.
On the national level, Martijn Snoep of Dutch competition agency ACM secured a top place by hosting the first ECN DMA conference in Amsterdam (with Yale economist Fiona Scott Morton by his side) – it was a remarkable showcasing of national agencies united in their support of taming Big Tech. The ACM reports to have three staff members sent to the DMA team for support.
The governments and the European council have done their deed. They do not seem to be particularly active in the DMA field nowadays, which is probably good. Cédric O, who had once represented the governments in the final trilogue negotiations of the DMA, has switched sides: He now lobbies for the deregulation of AI. In the European Parliament which played an important role in tightening the DMA proposal, the players met for a friendly round on 3 April 2024, listening to Commissioner Vestager and experts. Andreas Schwab who had been the DMA rapporteur was re-elected into Parliament as were Christel Schaldemose, Stephanie Yon-Courtin, René Repasi and Anna Cavazzini. Responsibilities in Parliament will be sorted out in the coming weeks.
The General Court also made its first appearance on the pitch as a referee with the Bytedance appeal – first in interim proceedings, now with a ruling on the main case. And it let the Commission have the ball. In the press release accompanying the ruling on 17 July 2024 it is in bold letters that the case was decided within 8 months. With a view to the speed effect of DMA (kick and rush, as we call it) that is not too bad. Yet: The case was dealt with under the expedited procedure upon request by Bytedance. Also, the designation question was a clear-cut, straight-forward matter. One may expect, that more substantive claims on obligations may take a longer time – and the route to the Court of Justice is open anyway.
Outside the European pitch
Being conscious of the limits of the DMA pitch, things are happening outside of Europe that may impact our online experience here. The United States FTC and Department of Justice are conducting investigations into Amazon, Apple, and Google. The United Kingdom has also (finally!) introduced its Digital Markets, Competition, and Consumers Act on the 24th of May. These new laws and investigations may produce their own changes and results, which impact the digital space for all of us. The match is being played, not just in Europe but also abroad. Luckily, competition between regulators is not a “winner take all market”, so we can all root for Team DMA.
