Privacy & Information Security Law Blog

On March 24, 2022, the European Union unveiled the final text of the Digital Markets Act (the “DMA”). The final text of the DMA was reached following trilogue negotiations between the European Commission, European Parliament and EU Member States (led by the French Presidency at the European Council). The final text retains essentially the same features as the previous draft text but does include some notable changes.

National governments at the European Council and the European Parliament compromised on the scope of the DMA and overall obligations for organizations with the following changes on the European Commission’s original DMA proposal. These include:

• Adding web browsers and voice assistants to the definition of “core platform services” but excluding connected TVs from the DMA’s scope.
• Raising the threshold to identify a company as a “gatekeeper” from the European Commission proposal of €6.5 billion in annual revenue and market capitalization of €65 billion to €7.5 billion in annual revenue and market capitalization of €75 billion. An organization also needs to have at least 45 million monthly end users and 10,000 yearly business users to be identified as a gatekeeper.
• Supporting the European Parliament’s position to restrict gatekeepers from combining data across platform services, unless consent has been obtained in an explicit and clear manner in line with the EU General Data Protection Regulation (“GDPR”). The practical result of this change will be that combing data across platforms will not be able to take place through alternative legal bases for processing, such as where necessary to protect the vital interest of an individual or if necessary for the public interest.
• Restricting gatekeepers from requiring business users of their core platform services to make use of their payment service platforms, in addition to the European Commission’s original obligation to prohibit gatekeepers to restrict business users to use gatekeepers’ identification services.
• Providing advertisers and publishers access to price-setting conditions and algorithms used by gatekeepers, in addition to the European Commission’s original access obligation related to advertising portfolio.
• Removing the European Parliament’s proposal to ban targeted advertising towards minors by noting that content moderation issues should be tackled by the Digital Services Act.
• In addition to the existing interoperability obligation (of the same operating system, hardware, or software features used by the gatekeeper of any ancillary services), requiring gatekeepers to enable interoperability between messaging services to a limited extent. In that regard, messaging platforms will have to provide interoperability with competitors for one-to-one conversations between users, but not for group chats at least for another four years.
• Increasing the maximum level of fines for non-compliance from 10% to 20% of the gatekeeper’s worldwide revenue in cases of repeated infringements.

The trilogue discussion did not reach a common position on a proposed amendment to empower the European Commission with veto power, which would have enabled the European Commission to override any decision taken by national competition authorities and impose obligations on gatekeepers. Nevertheless, the European Commission still has the power to temporarily prevent acquisition by gatekeepers in cases of systematic non-compliance with DMA rules.

The DMA was put forth by the European Commission in 2020 to regulate “contestable and fair markets” in the digital sector. The DMA imposes a set of obligations on “gatekeeper” platforms. The main obligations under Articles 5 and 6 of the DMA will be applicable six months after its entry into force. The Centre for Information Policy Leadership at Hunton Andrews Kurth previously published a white paper on the interplay between the Draft EU DMA and the GDPR.