Agreed in principle, the EU’s Digital Markets Act (DMA) aims to stamp out anti-competitive behavior by so-called “gatekeeper” companies, which provide services such as internet browsers, messaging, or social media. The DMA will apply to companies with a market capitalization of €75bn or annual turnover of €7.5bn — in reality, this means Google (Alphabet), Apple, Facebook (Meta), Amazon, and Microsoft (GAFAM).
Its sister legislation, the Digital Services Act (DSA), will apply to a wider array of tech companies and aims to curb illegal behavior and the spread of misinformation online. Together, the twin laws will give EU regulators greater control over tech companies’ operations than ever before.
“The agreement (on the DMA) ushers in a new era of tech regulation worldwide,” the European Parliament’s Internal Market and Consumer Protection Committee rapporteur Andreas Schwab said in a statement. “The Digital Markets Act puts an end to the ever-increasing dominance of Big Tech companies. From now on, they must show that they also allow for fair competition on the internet.”
In the US too, lawmakers are pushing for Congress to vote on a pair of bills — the American Innovation and Choice Online Act and the Open Apps Market Act — before the summer. Both bills received by partisan support from the House Judiciary Committee last year.
The EU’s DMA and proposed US laws have similar objectives: preventing Big Tech from preferencing their own services and products over other companies’ in search results, and banning app store operators from requiring the use of their own in-app payment systems. The DMA will also allow interoperability between platforms, such as enabling Signal users to message someone directly on WhatsApp. Companies will also be prevented from combining and cross-utilizing data from different business units and using it for targeted advertising.
The DSA attacks malicious information and behavior online, and gives the European Commission (EC) sweeping oversight powers over companies’ management of algorithms, content moderation and their responses to global crises. It will also introduce safeguards for the protection of minors and limit the use by tech companies (but not news websites) of sensitive personal data for targeted advertising – a measure which strikes at the heart of the business models of Google and Facebook, which rely heavily on advertising for revenue.
“The Digital Services Act will make sure that what is illegal offline is also seen & dealt with as illegal online — not as a slogan, as a reality,” EU Commissioner for Competition Margrethe Vestager tweeted when the deal was reached.
Companies found in breach of the DMA could be fined up to 10% of their global revenue, rising to 20% for repeat offenders, while those in breach of the DSA could be fined 6% of total revenue. The DSA will also see companies pay a yearly fee of 0.5% of annual worldwide revenue to cover the costs of compliance monitoring.
Why now ?
The new laws are a response to widespread dismay in the EU and abroad about the seemingly unstoppable spread of misinformation online in the wake of the pandemic, the rise of the QAnon conspiracy movement and increasing nefarious use of social media platforms to incite violence.
The regulatory changes also follow years of complaints from challenger companies about anti-competitive behavior by Big Tech. In 2019, Spotify filed a complaint with the EC that accused Apple of acting as “player and referee” to deliberately disadvantage other app developers. That complaint led to the EC charging Apple in 2021, and again in May 2022, with abusing its dominant market position in relation to music streaming services and wallets payments.
While Big Tech has moved to self-regulate some of these areas — the most obvious example being Twitter’s banning of former US President Donald Trump for inciting violence following last year’s attack on the US Capitol by insurrectionists — EU lawmakers believe a tougher stand is needed to protect citizens and to level the playing field. The legislation will reverse the onus on proving anti-competitive behavior from the EC and place it squarely with Big Tech.
The moves also follow the Chinese government’s 2021 regulatory crackdown on its own monolithic tech companies, which has seen major players like Alibaba slapped with massive fines for anti-competitive behavior, and which has forced interoperability between different companies’ platforms.
What’s the reaction been?
The new regulations come despite two years of intense — and largely unsuccessful — lobbying of EU lawmakers by Big Tech; the GAFAM companies increased spending on lobbying activities in Brussels in 2021, with Apple nearly doubling its spending on lobbying to €7m.
In the US, Apple, Amazon, Meta, and Google spent $15.8m lobbying Congress in the first quarter of 2022, according to Axios. They argue the antitrust bills would undermine national security, compromise user privacy and give China a leg up.
“In Washington and elsewhere, policy makers are taking steps in the name of competition that would force Apple to let apps on the iPhone that circumvent the app store through a process called sideloading,” Apple CEO Tim Cook told the IAPP Global Privacy Summit in April.
“That means data hungry companies would be able to avoid our privacy rules and once again track our users against their will. It would also potentially give bad actors a way around the comprehensive security protections that we have put in place, putting them in direct contact with our users and we have already seen the vulnerability that creates on other companies’ devices.”
Head of WhatsApp Will Cathcart has expressed concerns about interoperability undermining security and privacy. Google, although it has raised concerns about the DMA stifling innovation, it has already begun complying, allowing Spotify to use its own payment system in its Android app. Microsoft, along with many smaller companies, has welcomed the DMA.
“Open platforms are important to innovate for the future and the new European gatekeeper rules will ensure that large online intermediaries, including Microsoft, do more to adapt and make #TechFit4Europe,” Microsoft vice president European Government Affairs Casper Klynge said.
What's next ?
After passage by parliament, the EU’s antitrust laws will come into force in October this year, and the Digital Safety Act in 2024. Experts say the impact of the new regulatory regime will ripple far beyond the borders of the EU — even if US lawmakers fail to act on either issue.
“The EU is one of the world’s largest and most affluent consumer markets, and multinational corporations accept compliance with EU regulations as the price for doing business in Europe,” intelligence firm Pamir Consulting EVP Mercy Kuo told The Diplomat. “But corporations prefer uniformity and, as a result, often voluntarily extend these EU rules to their global operations to avoid the costs of complying with multiple regulatory regimes.”
In the US, pressure is mounting on lawmakers to act on both antitrust and online safety. During a recent speech to Stanford University’s Cyber Policy Center, former President Barack Obama threw his weight behind the need for tougher regulation of Big Tech, suggesting the DSA could be a model for the US.
“Some companies have been taking the next step in managing toxic content, experimenting with new product designs that, to use just one example, add friction to slow the spread of potentially harmful content,” Obama said. “That kind of innovation is a step in the right direction. It should be applauded, but I also think decisions like this shouldn’t be left solely to private interests.”
Big Tech, once a law unto itself, is now preparing to submit to the same community standards as the rest of us. What impact that will have on the platforms — and our interactions with them — remains to be seen.