The EU takes aim at gatekeepers
The Digital Markets Act and Digital Services Act
The EU wants to regulate the market power of so-called gatekeepers such as Google, Amazon and Apple in the future in favor of fair competitive conditions for digital companies. Two legislative packages are currently being developed for this purpose, the “Digital Services Act” and the “Digital Markets Act”. The EU Parliament and the Council of Ministers are not yet in agreement, but progress is being made.
The bill for the Digital Markets Act was already initiated in December 2020. On March 24, 2022, there was finally an initial agreement.
This agreement still needs to be officially adopted by the MEPs and member states, which will probably take some time.
A parallel project is the Digital Services Act (DSA), which was already adopted in the EU Parliament in January 2022.
Both bills are to be implemented in the form of a regulation once all negotiations have been concluded, which will then apply to all member states.
However, neither bill is expected to enter into force before 2023.
What does the Digital Markets Act regulate?
The Digital Markets Act aims to prevent companies from becoming gatekeepers in the first place before they are prosecuted under (antitrust) law. The regulations are aimed at timely and appropriate measures that make it more difficult for individual companies to expand their market power and prevent the development of competition.
Gatekeepers are defined as companies
that generate at least EUR 6.5 billion in annual sales in the European economic area,
- have more than 45 million end users per month and
- have more than 10 thousand commercial users.
In addition, they must have a significant influence in the single market, i.e., be active in business in several member states. This does not require the company to be based in the EU. Currently, about 10 to 15 companies meet these criteria, such as Google, Amazon, facebook, Apple & Co.
The determination of whether one is considered a gatekeeper company must first be made by the companies themselves. According to the DMA, companies are obliged to notify the EU Commission in this regard.
How will gatekeepers be regulated in the future?
- Gatekeepers must not create unfair conditions for other companies, business customers and consumers. Here, the regulator is guided by ongoing or completed investigation proceedings for abuse of market power.
- In the case of company takeovers, it should be possible to exercise more control so that smaller companies are not simply bought out of the market.
- Commercial users should be able to access customer and transaction data, but only that which they themselves generate on the gatekeeper platforms. This is currently not possible for merchants of sales platforms.
- One of the core requirements is the interoperability of messenger services. It should be possible to send messages between different providers in the future.
- There is no absolute ban on personalized advertising, but minors are to be given greater protection. Data aggregation without prior explicit consent will be prohibited.
- Gatekeepers are also no longer allowed to influence the search result display in order to place their own services and products higher, so-called self-preferencing.
- They may no longer prevent customers from contacting companies outside their platform.
In strict exceptional situations, it should even be permitted to break up gatekeeper groups if they repeatedly and systematically violate the requirements.
Otherwise, the DMA operates with fines of up to 10% of annual turnover. The EU Parliament even demanded a fine of up to 20% of annual sales. However, this demand did not meet with approval.
What does the Digital Services Act regulate?
Unlike the DMA, the Digital Services Act is not limited to gatekeeper companies, but is aimed at all digital services. Therefore, Internet providers, comparison or booking portals, app stores or cloud services are also included. The DSA aims to create a secure and trustworthy online environment for all.
To avoid disadvantages, the differences between the various services are taken into account as part of a tiered regulatory system within the DSA. The E-Commerce Directive (2000/31/EC) will also be partially superseded. It has become apparent that the member states have each introduced their own national regulations, resulting in a confusing patchwork of rules. The DSA would like to correct this.
The previous draft law is more comprehensive than the draft law on the DMA. It is aimed at protecting users.
Below, we provide a rough overview of the topics that will be regulated in the DSA in the future:
- Online marketplaces are to increasingly check the identity of their merchants to ensure product safety. Among other things, this will create new “due diligence obligations” for online marketplaces. The identity check will also enable brand owners to take better action against product counterfeiting. In addition, so-called trusted flaggers are to be used to make it easier to recognize reliable retailers.
- Large platform operators, so-called VLOPs (Very Large Online Platforms), are to carry out their own risk assessment at least once a year to check the impact of the dissemination of illegal or false content. They should be able to delete illegal or incorrect content or moderate it in a targeted manner. Recommendation systems will provide more reliable sources of information. In particular, host providers should be allowed to remove illegal content more quickly (notice-and-action system). However, the user will be given the opportunity to object before the content is deleted.
- The functioning of algorithms is to be made more transparent so that users have a better understanding of the technical and analytical processes. This should help them to understand search engines and their results.
- Personalized advertising directed at minors is to be completely prohibited. Users of legal age, on the other hand, will be able to decide for themselves whether personalized advertising is displayed to them or not. Very importantly, the processes in the background should be made transparent to users so that they can understand how certain advertising is displayed to them in the first place.
- Easily accessible reporting systems should make it easier for users and those affected to complain in the future.
With regard to VLOPs, the Commission reserves its own powers of investigation and intervention. Enforcement of the DSA, on the other hand, is a matter for the individual member states.
In the event of violations, a fine of 6% of the Group’s annual global sales is due.
It sounds good at first that large platform operators and gatekeepers are to be put on a leash to leave room for fair competition.
However, the planned regulations must also be viewed critically.
It is daring to create a completely new regulatory model without linking it to existing competition law regulations.
There is a risk of double prosecution, on the one hand under the regulation and on the other under European competition law regulations. In this context, it has also not yet been clarified in what proportion national antitrust law, above all Section 19a GWB, is to be applied.
With regard to the ban on personalized advertising to minors, it is unlikely that this will be implemented in practice, because ultimately there will be no verification of who actually uses the PC.
This also applies with regard to interoperability between the services, which may be technically feasible, but raises considerable data protection concerns regarding the uncontrolled transfer of data.
Since the DSA recognizes the use of upload filters, a renewed copyright discussion on the use of these filters could be sparked.
The DSA grants considerable scope for intervention in the case of false and illegal content. However, it has not yet been conclusively clarified which content is actually covered and who makes a corresponding assessment. This could lead to a restriction of freedom of speech and freedom of the press.
The EU’s hopes are high that the DMA and DSA will bring the greatest possible benefits for the regulation of the digital market economy. Some regulations will certainly contribute to this. But implementation remains to be seen. Since the negotiations have not yet been finalized, changes are still possible.
Nevertheless, it can already be stated that the scope of the rules to be observed will be strongly linked to the size of a company.
And of course it will be expensive and time-consuming for large companies to implement the new legal requirements.
Entry into force is not planned before 2023. With the planned transition period of 6-12 months, de facto implementation is therefore unlikely to occur until 2024.
We will be happy to keep you informed about further developments here.