The UK has taken its next steps in enforcing the Digital Markets, Competition and Consumers Act (DMCCA), the relatively new ex ante law brought in to impose rules in the digital sector. The law gives the UK’s Competition and Markets Authority (CMA) the power to designate dominant firms as having Strategic Market Status (SMS) in order to impose obligations and prohibitions on their conduct. So far, the CMA has used the DMCCA to designate two firms as having Strategic Market Status with respect to two digital activities: Google for search and search advertising, as well as Google and Apple for their respective mobile ecosystems, Android and iOS. After designation, the next step is to impose conduct requirements or pro-competition interventions. Unlike in the EU, the UK’s regime does not impose a pre-set list of rules, but rather, rules are tailored to each designated SMS firm within some relatively broad normative parameters provided for in Sec 20 DMCCA.
By Megan Kirkwood *
Under Google’s search and search advertising, the CMA is consulting on conduct requirements that, if adopted, would be legally binding. See SCiDA’s blog on the CRs here. These include legally safeguarding real-time and continuous data portability; choice screens for Android and on the Chrome browser to switch defaults; fair and transparent ranking on search, including for AI Overviews and AI Mode; and giving publishers more granular control over how their content is used for AI Overviews. These interventions are the first round of interventions, and the CMA has already indicated potential category 2 measures, which may include investigating self-preferencing of its AI services and monitoring potential anticompetitive practices in influencing ad auction outcomes.
Conversely, for the mobile ecosystems designation, the CMA has decided not to impose any legally binding conduct requirements for the time being. Instead, the CMA is considering adopting non-binding “commitments” that were proposed by Apple and Google.
The mobile ecosystem “commitments”
The commitments proposed by Apple and Google include some of the category one measures suggested in the CMA’s previously published Roadmaps (see Apple’s Roadmap here and Google’s here). For instance, they have committed to ensuring app store ranking is fair by, in Apple’s case, prioritising user engagement, app quality, and relevance, rather than self-preferencing the company’s own first-party apps. The two companies also promise to “safeguard the app data they gather from developers in the course of app review” to ensure that they cannot use such data against their competitors.
Additionally, Apple and Google have taken upon themselves non-binding obligations to ensuring developer contact channels are maintained and sufficiently visible and to report to the CMA annually on how quickly complaints were handled, the length of app review, and metrics regarding app store ranking and review. Apple has also proposed to launch a dedicated interoperability feedback channel for developers to submit interoperability requests to better access features and functionality on Apple’s operating system, and Google has proposed to host annual roundtables for developers.
Missing from the commitments that were in the category one interventions in Apple’s Roadmap was a requirement that Apple allow app developers to direct their potential customers off the App Store (steering). The CMA had mentioned that they would follow the approach of other jurisdictions, such as the European Commission, which has found Apple to be non-compliant with the Digital Markets Act (DMA) due to steering restrictions imposed by the company. The CMA had also outlined in Apple’s Roadmap a specific list of functionalities that Apple should make interoperable with third parties, but instead has allowed Apple to merely offer its request form, which the company will maintain full discretion over.
The CMA defends its decision to use non-binding commitments because Apple and Google “already have processes in place to ensure fair, transparent and objective app review, app ranking and use of data.” Thus, the commitments focus on “codifying” already existing policies and processes, introducing some transparency and ensuring the companies report to the CMA directly to monitor these mechanisms. The CMA has said that if “the companies fail to implement the commitments effectively, the CMA would expect to move swiftly to impose formal ‘conduct requirements’.” The CMA is consulting on the proposed commitments until 3 March 2026, which would then take effect from 1 April 2026.
CMA approach: then and now
This conclusion is a departure from the CMA’s 2022 mobile ecosystems market study, which, according to the interim report, was conducted to provide the basis for the designation of Apple and Google as Strategic Market Status firms, as well as to investigate what should be imposed on the firms. The market study details, in just under 400 pages, the multitude of advantages held by both firms with respect to each mobile ecosystem, and suggests potential remedies. For instance, proposed interventions included obligations to allow alternative app stores, allow third parties more access to hardware and software functionalities, requirements not to share data between the app review and development parts of their businesses, improvements to Apple’s design of its App Tracking Transparency privacy framework to ensure it is not self preferencing its own advertising network, ensuring reasonable app commission fees, and not imposing unreasonable restrictions on access to the app store such as mandatory in app purchasing systems, among many others.
Zooming in on one example, both Apple and Google have promised not to use data collected during app review to develop competing apps. This is an accusation that has long been directed at Apple in particular. In the 2022 market study, the CMA identifies that Apple’s privileged access to information during app development, stating that they have access to non-public data acquired through the app review process, transaction data obtained through in-app purchasing (which can only be done through Apple Pay), and app download data through their App Store. Apple responded to the CMA’s findings by insisting that structural separation would be “inordinately burdensome” as they have “safeguards already in place.”
However, the CMA details case studies of apps being copied by Apple, for example, Masimo, “a medical device company which offers pulse oximetry monitors that interact with users through smartphone apps.” The CMA details that after this app became available, “Apple began offering similar pulse oximetry functionality in its Apple Watch devices” and noted that under Apple’s MFi Agreement, Apple “can take advantage of innovations made by those companies required to agree to it, such as Masimo.” Apple’s MFi is a licensing program that allows developers to create hardware and software for Apple devices and falls under Apple’s Developer Licence Agreement, which, according to the CMA, “explicitly disclaims any confidentiality obligations over information that Apple collects from developers and gives Apple permission to use this information on an ‘unrestricted basis’.” Thus, developers are not protected from having their ideas copied, a practice that has been publicly documented as common. Indeed, the CMA concluded in the market study that the authority had:
… identified the risk of a number of potential conflicts of interest for Apple and Google in the operation of their app stores. In many cases they are both the rule maker and the referee for app markets in which they themselves compete, and we share some of the concerns raised by app developers that Apple and Google have the ability and incentive to provide an unfair advantage to their own apps.
The CMA gave its preliminary finding that the companies should be required not to share certain types of data through a form of data separation. The market study also considered operational separation and structural separation, noting that Apple has a cross-functional structure “where different functions work together and operational business units are shared across multiple business groups.” Therefore, it was considered too costly and inefficient to order such structural separations, though warned that if data separation was not delivering a fairer market, more drastic action should be sought.
Comparing this to the CMA now, which now legally holds the power to enforce the remedies it already recommended, no such action is being taken. Instead, the CMA is taking Apple’s word that “confidential third party data” will be separated during app review. Apple states in its commitments that the company “does not interpret, and will not apply, Developer Program License Agreement Section 9.3 in any way that would undermine the protections and processes it has documented in these commitments to safeguard third-party data.” This is despite numerous examples to the contrary that the CMA itself already laid out, and calls into question the validity of the commitment, as Section 9.3 explicitly states that information supplied under the agreement cannot be deemed confidential. Therefore, in Apple’s eyes, there is no confidential information to separate.
Thomas Höppner, partner at Geradin Partners and DMA litigator, pointed to Apple’s promise to separate the app review function from teams responsible for Apple’s apps and services, questioning how a team operating within Apple can “operate independently of Apple’s interests?” But criticism of the commitments by legal experts and stakeholders go much further than the issue of app review. Tom Smith, another partner at Geradin Partners, observed that “[f]our years on from the publication of the mobile ecosystems market study report, the CMA isn’t actually proposing any formal conduct requirements at all. […] It’s an outcome so weak that the possibility is not even mentioned in the CMA’s 220-page guidance document published in December.” He also criticised the use of the term “commitments”, which he points out “is a word with actual legal meaning in […] competition enforcement cases”. News Media Association chief executive Owen Meredith also commented on the lack of legal enforceability of the commitments, pointing to “the highly dubious track record of these tech giants”, which he points out gives reason to “question whether these voluntary commitments are really worth the paper they are printed on.”
Smith additionally went on to comment on the narrow scope of obligations, especially when compared to the original market study:
The measures that would make a material difference have been delayed again. These would have allowed app developers to steer customers away from the App Store to complete their purchase in order to avoid Apple’s commission, and force the mobile platforms to allow alternative app stores and direct downloading from websites. This is disappointing.
The Coalition for App Fairness called the commitments “a gift to Apple and Google” that leaves them “to set the terms of their own restraint— after years of abusing market power and dodging enforcement.” Like Smith, they also argue that the CMA must force these firms to allow for alternative app stores and sideloading.
Final thoughts
It is noteworthy that app store commission fees, sideloading, and alternative app stores are completely missing in the commitments. On the one hand, this may reflect an unwillingness to enter into back-and-forth negotiations over what fee charges can be considered “objectively necessary and proportionate” as the European Commission has done. As the DMCCA requires conduct requirements to be agreed between the CMA and the SMS firm, and the CMA has also promised to enforce its policies with “pace” (as part of the four P’s framework), the CMA has clearly opted to postpone the contentious issue. Therefore, part of the issue may be in the design of the regime, though lauded for its flexibility, which may result in some serious drawbacks where designated firms are putting their foot down. It may also be a sign that the CMA’s strategic steer could lead to a “less interventionist” competition authority, as some fear. But the authority retains the power to impose future conduct requirements, and this is only the first step.
*Megan Kirkwood is an independent writer specialising in issues related to competition and antitrust, with a particular focus on the dynamics of digital markets and regulatory frameworks.
