Enforcement of the Digital Markets Act

Since March 2024, the undertakings Alphabet/Google, Amazon, Apple, Byte-Dance/TikTok, Meta, and Microsoft must comply with the obligations of the Digital Markets Act (DMA). These companies were already designated with the special status of a gatekeeper by the European Commission in September 2023, as they each reached certain user numbers and turnover thresholds set out in Art. 3 DMA. Since March 6, after a six-month implementation phase, the gatekeepers have had to comply with a whole catalogue of obligations, set out in Art. 5, 6, and 7 DMA.

The European Commission has taken immediate action and already opened investigations against Alphabet/Google, Apple, and Meta for non-compliance with the obligations in the DMA, not even a month after the implementation phase ended. This could happen so quickly mainly because the gatekeepers had to publish so-called compliance reports (Art. 11 DMA). These reports were supposed to enable the public and especially the Commission to quickly and unbureaucratically check the effectiveness of the implementation measures. Furthermore, so-called compliance workshops were held by the Commission in March, in which affected stakeholders, including business users such as app developers and online traders, as well as consumer protection associations could comment on the implementation measures. The insights collected in this regard seem to be already sufficient for the Commission to initiate investigations due to non-compliance with the behavioural obligations.

A primer on the DMA’s objectives

In order to understand the content of the investigation proceedings, we briefly recall the objectives of the DMA. The DMA aims to contribute to the proper functioning of the internal market by laying down harmonised rules ensuring contestable and fair markets in the digital sector (Art. 1(1) DMA). Thereby, the DMA introduces novel theoretical concepts, particularly the notions of contestability and fairness in digital markets, which do not have direct doctrinal predecessors in the existing European legislation.

After the Commission’s first proposal of the DMA in late 2020, these concepts were sometimes viewed merely as placeholders for the well-established competition concept in European competition law. The DMA was thus regarded as a special matter of competition law (Petit, JECLAP 2021, 529, 531, 540; Schweitzer, ZEuP 2021, 503, 517). The reason behind this interpretation was twofold: Firstly, the Commission initially had considered establishing a so called “new competition tool” instead of the DMA, which would have been directly enshrined in competition law. Secondly, the DMA includes several obligations, which have their doctrinal basis in specific competition law cases, such as the well-known Google Shopping case.

However, it is worth noting that the competition concept is not directly applicable to the DMA because the latter relies on a different legal basis, which is not part of the competition law framework in the European Treaties. The DMA is based on Article 114 TFEU, the internal market clause, rather than on a competition law provision – Article 103 (in conjunction with Article 352) TFEU (Zimmer/Göhsl, ZWeR 2021, 29, 31-35)

The research on the DMA’s objectives has evolved significantly since the first proposal in 2020. (Belloso/Petit, ELR 2023, 391-421). Within a short timeframe, a distinct doctrinal framework has emerged concerning the notions of contestability and fairness, partially diverging from traditional competition law concepts. It is now acknowledged by legal scholars, that the DMA pursues a distinct, yet somewhat related objective compared to European competition law (Zimmer, para 31). Compare for further references König, MüKo/Wettbewerbsrecht, 2023, Einl. DMA, para 18). This is not surprising, considering that the DMA is also influenced by other European legal acts, particularly data protection law and the Platform-to-Business regulation (P2B-Regulation) (Göhsl, pp. 265-269).

The concept of contestability revolves in essence around the idea of keeping affected markets open (Recital (33) of the DMA). It emphasizes that competitors with innovative business models should be able to challenge the offerings of gatekeepers, thus placing a higher value on dynamic competition. Fairness in the context of the DMA relates to addressing imbalances between the rights and obligations of business users, where gatekeepers gain a disproportionate advantage (Recital (34) of the DMA). In addition, a similar basic protection should also be provided to end users. Thus, the basic understanding of fairness is very broad and makes an individual context-specific interpretation necessary (Ibanez Colomo, JECLAP 2021, 561, 568-569; Petit, JECLAP 2021, 529, 535. In detail Göhsl, pp. 303-308).

On a more general level, it can be stated about the objectives of the DMA that the gatekeepers have a particularly increased responsibility for the business users and the end users who are dependent on the gatekeeper’s activities. Thus, the DMA aims to strengthen the rights of both groups of users: business users as well as end users (Zimmer). This can be achieved either indirectly by protecting users through increased competition or directly by protecting individual user groups without a reference to the competitive process. These various aspects must be kept in mind when analysing the investigation proceedings.

A first look at the non-compliance investigations

A closer look at the Commission’s investigation proceedings shows that all proceedings can be traced back to related competition law cases. However, only two proceedings – against Apple and Alphabet/Google – follow the same reasoning as their competition law role models, while the case against Meta reveals that the approaches in competition law and data protection law on the one hand and under the DMA on the other hand can and will deviate significantly.

The Apple and Google cases: Following the paths of competition law

The investigation against Apple, among other things, relates to restrictions on the existing possibilities for business users to distribute and advertise their offers to end users also outside of Apple’s core platform service (Art. 5(4) DMA – anti-steering rules). The Commission is also investigating possible further violations that could prevent end users of Apple products from switching to other offers (Art. 6(3) DMA).

Concerning Alphabet/Google, as well, the Commission is investigating allegations that the undertaking restricts the existing possibilities for business users to distribute and advertise their offers outside of the gatekeeper’s core platform service (Art. 5(4) DMA). In addition, the Commission is investigating whether measures by Alphabet, which are supposed to counteract a self-preferencing of its specialised services such as Google Shopping or Google Flights on the Google search engine are sufficient (Art. 6(5) DMA – so-called self-preferencing prohibition). In this regard, Google has already made extensive changes to prevent self-preferencing, so now, for example, the services Google Flights or Google Maps can no longer be accessed directly via the Google search engine. However, the Commission has doubts whether the measures taken by Alphabet are sufficient. Especially in the context of the workshops conducted, affected stakeholders expressed doubts about the effectiveness of the present measures.

These proceedings have their roots in competition law. They are both based on findings in competition cases. It seems that the proceedings against Apple are linked to the Apple Music streaming case, which was recently concluded by the Commission with the imposition of a billion euro fine. The proceedings against Alphabet go back to the self-preferencing framework, which was established in the Google Shopping case and was mostly upheld by the General Court. These proceedings show that there is a huge overlap between competition law and the DMA, which allows the transfer of knowledge from existing case law.

The Meta case: (Probably) leaving the paths of competition and data protection law

With respect to Meta, the Commission has initiated an investigation on the pay-or-consent model, which puts users in the position of either agreeing to a linking of their personal data obtained on various platforms or – in the absence of consent – paying a fee (Art. 5(2) DMA). In essence, the provision in Art. 5(2) DMA requires a gatekeeper to provide an equivalent less personalised alternative of their services, which does not rely on processing and cross-use of personal data. The provision is intended to ensure that end users have a real choice as to whether they consent to the processing of their personal data. Considering the statement by Commissioner Breton, the Commission seems to believe Art. 5(2) DMA requires companies to provide end users a free, less personalised offer of their services. Following this interpretation of Art. 5(2) DMA, Meta’s pay-or-consent model would constitute a rather obvious violation.

However, the Commission’s interpretation of Art. 5(2) DMA appears questionable in the light of a recent judgment of the CJEU in the German Facebook case. In its preliminary ruling, the CJEU had to decide about the relationship between data protection law and competition law. In particular, the CJEU had to deal with the question of the requirements for consent to the processing of personal data under Art. 6 of the GDPR and for the provision of an equivalent alternative of the service not accompanied by data processing operations if the data processing is carried out by an undertaking holding a dominant position. The CJEU (para 150) held that it is in line with data protection and also with competition law that an undertaking with a dominant market position charges, if necessary, a fee for such an equivalent alternative not accompanied by data processing operations. In other words, Meta’s pay-or-consent model does not per se violate data protection or competition law. Thus, the Commission’s narrow interpretation of Art. 5(2) DMA would lead to a deviation between the DMA and data protection as well as competition law. Considering that Art. 5(2) DMA directly refers to the consent mechanism in the GDPR, it is at least doubtful that the DMA requires more regarding the provision of the equivalent less personalised alternative than data protection law itself. Furthermore, this narrow interpretation interferes more with the gatekeeper’s business model than the other provisions of the DMA: Free access to gatekeeper services is otherwise alien to the DMA, which mostly relies on the concept of FRAND (fair, reasonable, and non-discriminatory) if access rights are provided (compare for example Art. 6(11), 6(12) DMA). Therefore, we see no reason, why this should not be the case for Art. 5(2) DMA (as here Botta/Borges). From our view, the real question should be, whether the demanded fee for the equivalent less personalised alternative is necessary and reasonable.

Despite these doubts, it remains to be said that this case has the potential to be the first example of a concrete divergence between the DMA and competition law as well as data protection law. It can be assumed that the questions raised here will be discussed intensively for some time to come.

Further thoughts and conclusion

One goal in the adoption of the DMA was to accelerate the enforcement procedures compared to those of competition law (Podszun, p. 10) This goal should be achieved primarily through a streamlined procedural law and has indeed (so far) been achieved. Above all, the compliance reports offer real added value. They have made it possible for the Commission to initiate investigations without major preliminary investigations. The procedural approach in the DMA therefore seems to work well and actually accelerate procedural processes. Notwithstanding, the non-compliance investigations that are now following will reveal whether the Commission can maintain a speedy enforcement when it really matters.

It is also noteworthy that the Commission decided to open immediate non-compliance investigations regarding potential violations of Art. 6 DMA instead of opening proceedings under Art. 8(2) DMA that would (only) lead to a specification of the obligations laid out under Art. 6 DMA. The obligations in Art. 6 DMA are by design susceptible to being further specified by the Commission. In the event of potential violations of Art. 6 DMA, the Commission has the choice of whether to open non-compliance or specification proceedings. However, the immediate opening of non-compliance proceedings could prove to be disproportionate in individual cases, where the legal situation is not obvious, as the Commission is bound by the principle of proportionality, which has its roots in the European Treaties (CJEU, Polhim, para 59 and CJEU, Traum, para 27) and Art. 52 of the European Charter (Compare for an in depth analysis of the problem Göhsl, Behördliche Durchsetzung des Digital Markets Acts und unternehmensinterne Umsetzung – eine Bestandsaufnahme nach den ersten Benennungsentscheidungen, in: Becker, Wettbewerb auf digitalen Märkten, Tagungsband, 2024 (forthcoming)). This argument is further accentuated by the fact that any non-compliance decision counts for the presumption of systematic non-compliance in Art. 18(3) DMA.

Somewhat less positive is the outlook on the realisation of the substantive goals of the DMA. The DMA should be largely self-enforcing due to a high degree of detail in the regulation. It could be doubted whether this goal can be achieved if three major investigations have to be opened within a month of the end of the implementation phase; and even more proceedings are in the pipeline. This could be a sign that the implementation of the “ex-ante” rules in the DMA alone is not sufficient to fundamentally change the behaviour of the gatekeepers. The gatekeepers seem (still) to consciously test the limits of the law. This does not necessarily mean that the regulation by the DMA is faulty because the behaviour of the gatekeepers can also simply stem from the fact that the DMA hits the core of their business activities. Thus, the gatekeepers have an extremely high incentive to fight for every conceivable aspect of their business model instead of voluntarily giving some parts of it up as this would mean foregoing considerable profit prospects. Therefore, it can be stated that at the substantive level, only a quick conclusion of the non-compliance investigations now initiated would bring real added value. Every concluded non-compliance investigation will help in clarifying the scope of the regulation. Increased clarity might ultimately induce gatekeepers to (final) “ex-ante” compliance. Especially the above-mentioned uncertainties regarding the Meta case reveal that the way to compliance – at least in some cases – might be longer than expected.