WhatsApp is preparing to roll out third-party chat support

With a month away from the Digital Markets Act (DMA) deadline, WhatsApp is preparing to allow other messaging networks in its app. In an interview with Wired, Dick Brouwer, an engineering director at WhatsApp, said that the company is ready to offer interoperability on the platform with over 2 billion users. “There’s real tension between […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Spotify CEO Daniel Ek tells investors Apple’s DMA rules are a ‘farce,’ but says there are ‘future upsides’ too

Spotify, a notable Apple critic, unsurprisingly came out swinging after Apple announced how it was complying with the EU’s new regulation, the Digital Markets Act, or DMA, calling Apple’s plan “extortion” and a “complete and total farce.” But on its Q4 2023 earnings call with investors, Spotify CEO Daniel Ek took a more muted tone […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Setapp announces plans to launch an alt app store for EU users

App subscription service Setapp is preparing to launch as an alternative app store, as soon as new EU regulations come into effect next year. The company is betting on the EU’s Digital Markets Act’s (DMA) rules that should allow users to install third-party apps on iOS without having to go through Apple’s App Store.

However, how Apple chooses to interpret the new law remains unclear.

A December 2022 report from Bloomberg indicated Apple was preparing to allow alternative app stores on iPhones and iPads to come into compliance with the DMA, despite its ongoing concerns over the security issues involved with “sideloading” apps which can impact consumers’ safety and privacy. But, the report noted, the tech giant was still discussing other ideas about how this new system would work — perhaps even requiring these apps to be verified by Apple for a fee.

In the meantime, though, Setapp is moving forward with the assumption that Apple devices will ultimately have to support third-party app stores, and is working on plans to launch its own.

The company today offers an app subscription service where users pay a fee of $9.99 per month in order to gain access to over 240 apps for their Mac, including utilities, productivity software, customization tools, lifestyle applications, and more. Other plans include those which also offer apps for iOS devices ($12.49/mo), for power users with more devices ($14.99/mo), in addition to family plans and Setapp for teams.

For the new standalone app store, Setapp claims to have over 30 partners on board prepared to offer their apps, including Ulysses, Taskheat, NotePlan, PDFSearch, and Soulver, according to its press release. It’s also calling for more developers to submit their own.

The company aims to entice developers with better revenue shares than Apple provides. The company offers a 70/30 split with developers when customers use their app during the month, but it additionally shares 20% with developers who bring in new customers — that means developers have the potential to earn up to 90% from Setapp’s user fees every month.

“With 60% of developers interested in distributing their iOS apps through third-party app stores, we are excited to extend our support to iOS-only developers and provide them with a platform to grow users and add revenue streams”, said Oleksandr Kosovan, Founder and CEO of Setapp, in a statement.

The company is offering a waitlist for customers who want to hear about the new store when it launches.

‘GAFAM’ tech giants, ByteDance and Samsung expect to face EU’s rebooted antitrust regime

Seven tech giants have informed the European Union that its rebooted antitrust regime — the Digital Markets Act (DMA) — will apply to them.

The initial seven, the majority of whom are US-based giants, are: Alphabet (Google), Amazon, Apple, ByteDance (TikTok), Meta (Facebook), Microsoft and Samsung.

The DMA takes an ex ante approach to antitrust enforcement on major platforms that act as intermediaries between other digital businesses and consumers. It does this by laying out an up-front set of obligations and prohibitions which designated gatekeepers must abide by — with the threat of very large penalties (of up to 10% of global annual turnover) for non-compliance.

Examples of DMA ‘dos and don’ts’ that apply to gatekeepers include a ban on self preferencing and limits on how tech giants can use third party data, as well as a requirement to provide third parties with data their apps generate. App store gatekeepers also won’t be able to block sideloading nor require developers to use their own services (such as payment systems).

Tracking users for ads without their consent is also banned under the regime, among other stipulates.

In general, the EU hopes the DMA will level the competitive playing field online by proactively stamping on unfair/exploitative behaviors that tech giants have been indulging in for years by throwing their market muscle around.

The official designation of gatekeepers will be announced later this summer by the Commission — which has until September 6 to do so. This means more names could still technically be added to the list. Although the DMA is intended to target only the most powerful platforms so the list is unlikely to grow much.

Once confirmed falling under the regime, gatekeepers must ensure they are in compliance with the DMA six months after the official designations are announced — which means by spring 2024. Enforcements by the Commission on any rule breakers could then follow next year.

While the DMA list currently contains no European tech giants, homegrown travel booking behemoth, Booking.com, may end up making the cut later this year.

The platform told us it has not yet self notified as a gatekeeper, owing to the impact of COVID-19 on its business which it said meant it does not meet the DMA’s quantitative thresholds for the time period associated with the July 2023 submission deadline. It added that it is continuing discussions with the Commission on the applicability of the regulation to its business.

“We have communicated this to the European Commission,” a Booking spokeswoman said. “However, we expect that these thresholds will likely be met at the end of this year, in which case we would expect to notify the European Commission of that fact within the required deadlines.”

The DMA’s sister regulation, the Digital Services Act, applies more broadly than the DMA, as its name implies — with a full 19 platforms announced by the Commission back in April as falling under the strictest provisions of that regulation which aim to drive algorithmic accountability atop so-called very large online platforms (VLOPs) and search engines (VLOSEs).

Almost all self-notifying DMA gatekeepers have already been designated as VLOPs/VLOSEs under the DSA (Samsung is the only exception) — meaning the five ‘GAFAM’ US giants plus China’s ByteDance are set to face the strictest compliance requirements under the EU’s rebooted digital rulebook.

‘GAFAM’ tech giants, ByteDance and Samsung expect to face EU’s rebooted antitrust regime by Natasha Lomas originally published on TechCrunch

EU urged to reject ‘weak’ Amazon offer to end antitrust probe

A series of commitments offered by Amazon in the EU, where regulators are investigating competition concerns linked to its use of third party data, has been dubbed “weak, vague and full of loopholes” in a critical submission signed by a dozen civil society and digital rights groups, non-governmental organizations and trade unions.

The submission, which was made public today, goes on to urge the bloc’s regulators to reject Amazon’s proposals and press on with a full antitrust investigation of the two-sided marketplace. “We urge the European Commission to reject Amazon’s commitments outright and in full, and instead continue vigorously to pursue its antitrust cases against Amazon, imposing remedies and penalties (on the Commission’s own terms) as necessary,” the 12 signatories write.

The full list of signatories are as follows: Austrian Federal Chamber of Labour (AK Europa); Balanced Economy Project; Digitale Gesellschaft e.V.; European Public Services Union (EPSU); Foxglove; Goliathwatch; FairVote UK; LobbyControl; Simply Secure; Centre for Research on Multinational Corporations (SOMO); UNI Europa; and WEED (Weltwirtschaft, Ökologie & Entwicklung e.V.).

Their submission argues that much of what Amazon has proposed to try to settle the EU’s investigation into its handling of merchant data will be required under an incoming pan-EU law anyway — called the Digital Markets Act (DMA) — that’s expected to start applying from spring 2023, bringing in major penalties for non-compliance.

The incoming regulation reforms the bloc’s approach to competition enforcement around Big Tech — introducing up-front requirements for so-called “gatekeepers”, whose core platform services fall in-scope, in oft-complained-about areas like self-preferencing and data use.

But the signatories warn there’s a risk of a confusing “dual-track” of regulatory requirements opening up around the ecommerce giant if the Commission decides to accept Amazon’s commitments as it could soon be subject to the DMA. They also point out that “most” of what Amazon is offering will be required under the DMA anyway (such as a ban on self-preferencing; or restrictions on not using non-public data generated by business users) — asserting that Amazon is offering less extensive obligations, hence there’s a risk of one undermining the other.

“[T]he DMA’s obligations are more extensive than those offered by Amazon, and will be enforced by the Commission rather than by the company itself. From the point of view of both efficacy and rule of law, it is not appropriate for a private company to make voluntary commitments parallel to those that will imminently be imposed on it by European law,” the signatories argue, implying that, if accepted as is, the commitments could become a vehicle for Amazon to evade the full force of beefed up EU antitrust law (and the full sweep of associated obligations on its business).

“It should be made very clear that any commitments by Amazon cannot be used to prevent enforcement by the Commission based on the DMA,” they warn the Commission. “Moreover, accepting both Amazon’s commitments while simultaneously imposing obligations on it via the DMA would create a dual-track regulatory regime that would be confusing, inefficient and vulnerable to manipulation by Amazon.”

The signatories are also critical that Amazon is offering to apply the suggested commitments for only five years, arguing that such a short time — or, indeed, “any time horizon” on limits to its market power — is “unjustifiable”.

Their submission also calls for EU regulators to enforce “structural” remedies that put hard limits on Amazon’s market power — such as by legally separating its marketplace business from its retail and logistics operations — and to limit its ability to continue to build out market power through acquisitions of smaller entities. 

Additionally, the submission flags what it describes as “Amazon’s systematic labour rights violations” — arguing that the company’s”unfair business practices” extend to issues linked to compliance with working time laws, statutory and collectively agreed minimum wages and employee data protection throughout Europe. We therefore call on the Commission to also examine this aspect of competition law, which has so far often been at the expense of local businesses and workers,” they add. 

Amazon was contacted for a response to the critical submission but a spokesperson just reiterated an earlier statement in which the company took the opportunity to take a pot-shot at the DMA — writing:

“While we have serious concerns about the Digital Markets Act unfairly targeting Amazon and a few other U.S. companies, and disagree with several conclusions the European Commission made, we have engaged constructively with the Commission to address their concerns and preserve our ability to serve European customers and the more than 185,000 European small and medium-sized businesses selling through our stores. No company cares more about small businesses or has done more to support them over the past two decades than Amazon.”

In additional background remarks the tech giant flagged what it claimed has been a heavy investment by its business in Europe over the past two decades+, including directing an unspecified amount of money to the 900,000+ European independent sellers, authors, content creators, delivery providers, developers and IT solution providers it said work with across the region.

In 2020, Amazon also said that European SMEs selling on its marketplace recorded over €12.5BN in export sales.

Conflicts of interest

The EU’s probe of Amazon’s use of third party data has been public since 2019. The Commission published a first set of antitrust charges back in November 2020 — saying at the time that its preliminary conclusion was the ecommerce behemoth had abused its market position in France and Germany, its biggest markets in the EU, via its use of big data to “illegally distort” competition into online retail markets.

Last fall, news reports suggested Amazon was seeking to settle the EU investigation by offering concessions on how it operates. Then, earlier this summer, details of Amazon’s proposal were confirmed by the EU which published a summary — saying the company was offering concessions attached to how it uses third party seller data; around its programming of the influential Buy Box; and for Prime, its membership program (which links to Amazon’s own logistics business such as via preferential delivery options). 

Specifically, on marketplace seller data, Amazon offered to refrain from using non-public data relating to, or derived from, the activities of independent sellers on its marketplace, for its retail business that competes with those sellers. Re: the Buy Box, it proposed applying equal treatment to all sellers when ranking offers to make the selection for the Buy Box, as well as offering to display a second competing option to the winner in certain circumstances.

While, on Prime — which emerged as a second strand of the EU’s probe — Amazon offered to set non-discriminatory conditions and criteria for the qualification of marketplace sellers and offers to Prime; to let Prime sellers freely choose any carrier for logistics and delivery services (and negotiate terms directly); as well as offering not to use any information obtained through Prime about the terms and performance of third-party carriers, for its own (competing) logistics services.

However the 12 groups critical of Amazon’s proposals in the aforementioned submission argue that what it’s offered both does “not materially improve” the position of third-party sellers vis-à-vis the ecommerce giant and risks muddying the water around the application of the DMA.

“The commitments do not address the root causes of Amazon’s abuse of its dominant position, which are i) its sheer size, ii) its power over sellers and consumers iii) its control of a whole ecosystem of interrelated services generating fundamental conflicts of interest,” they argue.

“Commitments not to abuse market power generated by these conflicts are a pale shadow of what is needed: Elimination of those conflicts. In our view, the only way ultimately to eliminate these conflicts is structural legal remedies, such as legally separating Amazon’s marketplace from its retail and logistics operations.”

We reached out to the Commission with questions on the general concern raised by the signatories that there could be a risk of parallel requirements being introduced — given the incoming DMA — but at press time it had not responded to questions.

As regards structural remedies, the EU’s competition chief, Margrethe Vestager, has frequently signalled a reluctance to go so far in her big tech-related interventions — expressing a preference for alternatives such as putting controls around data use — so calls to break up Big Tech are likely to fall on deaf ears. However the EU’s digital strategy EVP and competition chief will certainly be keen for the DMA to arrive as both the shiniest and sharpest possible instrument in the bloc’s updated toolbox so warnings about muddying the legal waters may get more attention. 

Nonetheless, it remains to be seen which way the Commission will jump on the Amazon probe — which was opened prior to the draft DMA being presented.

The EU was soliciting and accepting feedback on Amazon’s suggested commitments up until last Friday. Its decision-making process continues — but now it will be assessing submissions and, ultimately, making a judgement call on whether Amazon’s offer is good enough to close out the investigation — or whether to ask for (or enforce) more substantial remedies on the ecommerce giant. 

Asked for a view on whether the Commission will be minded to accept Amazon’s commitments, a policy advisor who has been working with the NGOs for this submission flagged the public consultation process as a sign that EU lawmakers are looking at what Amazon has suggested seriously. Although he also argued they will likely be applying a sceptical eye — not least given some of the issues being raised in submissions such as this one but also as he suggested the Commission will be wary about preempting Amazon’s obligations under the DMA (which he said “touch on similar practices but are more comprehensive and now have a foundation in EU law”).

“If I had to make an educated guess, I think the Commission will eventually accept a set of commitments from Amazon but only after significant revisions based on DG COMP’s feedback,” Global Counsel’s Max von Thun added. “I would also expect them to make it explicit that Amazon — if designated as a gatekeeper [under the DMA] — will still have to demonstrate separately how they are complying with the DMA’s obligations, and perhaps even specify that the commitments will be superseded by the DMA obligations once they take effect in early 2024.”

EU urged to reject ‘weak’ Amazon offer to end antitrust probe by Natasha Lomas originally published on TechCrunch

Germany’s antitrust watchdog latest to probe Apple’s app privacy framework

A major privacy feature Apple launched last year, called App Tracking Transparency (ATT) — which requires third party apps to request permission from iOS users to track their digital activity for ad targeting — is facing another antitrust probe in Europe: Germany’s Federal Cartel Office (FCO) has just announced it’s investigating the framework over concerns that Apple could be breaching competition rules by self-preferencing or creating unfair barriers for other companies.

Last year, France’s antitrust regulator declined to pre-emptively block Apple from implementing ATT — but said it would be watching how Apple operates the feature. Poland also opened probe of the feature at the end of last year.

The UK’s Competition and Markets Authority (CMA) also set out concerns about Apple’s implementation of ATT in a deep dive mobile market study published last week. However the UK watchdog has so far deferred intervention over the feature — prioritizing other areas of Apple’s business to investigate (such as App Store rules) as it continues to wait for the government to enact a major competition reform targeting tech giants’ market power which was confirmed as incoming in November 2020 but is still pending legislation (that’s not now expected until next year at the earliest).

Germany is ahead of the curve here as its ex ante digital competition reboot came into force at the start of 2021 — targeting tech giants that are judged to have so-called “paramount significance for competition across markets” with tighter abuse controls.

Since then the FCO has been busy determining which giants the regime applies to — confirming, in a first decision in January, that Google meets the bar.

A number of other assessments are ongoing. And it’s still considering whether or not Apple’s business is in scope of the updated regime after opening a market power procedure last summer. But — as regards the ATT probe being announced today — the regulator says it’s taking action against conduct that “can possibly” be classified as meeting the definition for the ex ante powers to apply.

So it looks like the FCO is leaning towards a view that Apple will be in scope of the beefed up regime — and, consequently, trying to optimize  future enforcement by opening a probe of Apple’s tracking rules now that’s based on the updated law (specifically it cites Section 19a(2) sentence 1 of the updated competition act). Such parallel procedures should save time vs sequential working (i.e. if it waited for the market power procedure to complete first before probing ATT).

“In this context, the possibilities for Apple itself to combine data across services and users’ options regarding the processing of their data by Apple can be relevant, just like the question whether these rules may lead to a reduction of users’ choice of apps financed through advertising,” the FCO notes in a press release which gives some further hints of its concerns.

Commenting in a statement, Andreas Mundt, president of the regulator, added:

“We welcome business models which use data carefully and give users choice as to how their data are used. A corporation like Apple which is in a position to unilaterally set rules for its ecosystem, in particular for its app store, should make pro-competitive rules. We have reason to doubt that this is the case when we see that Apple’s rules apply to third parties but not to Apple itself. This would allow Apple to preference its own offers or impede other companies. Our proceeding is largely based on the new competencies we received as part of the stricter abuse control rules regarding large digital companies which were introduced last year (Section 19a German Competition Act — GWB). On this basis, we are conducting or have already concluded proceedings against Google/Alphabet, Meta/Facebook and Amazon.”

Apple was contacted for comment — and it sent this statement, attributed to a spokesperson:

“Apple believes in thriving and competitive markets, and through the App Store, we’ve helped millions of developers turn their brightest ideas into apps that change the world. In Germany alone, the iOS app economy supports hundreds of thousands of jobs and has given developers of all sizes the same opportunity to share their passion and creativity with users, while creating a secure and trusted place for customers to download the apps they love.

“Privacy has always been at the center of our products and features. At Apple, we believe that a user’s data belongs to them and they should get to decide whether to share their data and with whom. We have long believed in the power of advertising to connect businesses with customers — and that you can have great advertising with great privacy. App Tracking Transparency (ATT) simply gives users the choice whether or not they want to allow apps to track them or share their information with data brokers. ATT does not prevent companies from advertising or restrict their use of the first-party data they obtain from users with their consent.

“These rules apply equally to all developers — including Apple — and we have received strong support from regulators and privacy advocates for this feature. Apple holds itself to a higher privacy standard than almost any other company by providing users with an affirmative choice as to whether or not they would like personalized ads at all.

“We will continue to engage constructively with the FCO to address any of their questions and discuss how our approach promotes competition and choice, while protecting users’ privacy and security.”

European regulators’ concerns over ATT appear to be centered — not on the fact that Apple is requiring app developers to ask users for consent to track them, which has been acknowledged by several competition watchdogs as a privacy benefit for users — but rather on the concern that Apple is tilting the playing field by not applying the same user-facing process to its own ‘personalized’ ads, which do not trigger the ATT pop-up that’s been accused of generating friction for rivals’ ads.

For its part, Apple argues such a comparison is an unfair one — since it’s using first party (i.e. iOS user) data for ads; and further claims higher privacy standards vs third parties in how it targets ads.

However European antitrust regulators may take a different view, given their overriding focus on competition — and they could force Apple to make changes to how it implements ATT in these markets as they continue to scrutinze the operational detail.

For example, in a section in its mobile market report on Apple’s ATT privacy framework, the UK’s competition regulator writes: “It is clear that there are privacy benefits associated with the introduction of ATT as it enhances users’ privacy and control over their personal data and significantly improves developers’ compliance with data protection law, which requires developers to have user or subscriber consent to access information from their device” — before switching gears to assess “whether and to what extent ATT undermines the current model of advertising to users of mobile devices”; and discuss how its implementation “may benefit Apple’s own advertising services and reinforce its position in app distribution”, with the CMA concluding that Apple’s choice architecture for ATT is “potentially problematic”.

The UK regulator also goes on to raise concerns that Apple’s current implementation of ATT “is likely to result in harm to competition, make it harder for app developers to find customers and to monetise their apps, and ultimately harm consumers [by raising app prices and/or reducing quality/variety]”, adding: “[W]e consider that there are a number of ways in which the potential competition harms of ATT could be mitigated while retaining the benefits in terms of user choice and privacy.”

Another recent regulatory development is hanging over tech giants operating in the region: Incoming changes to European Union competition law aimed at setting ‘rules of the road’ for how so called Internet gatekeepers must do business — which are set to pre-emptively ban stuff like self-preferencing — were agreed earlier this year; and are due to come into force in Spring 2023.

EU’s new rules for Big Tech will come into force in Spring 2023, says Vestager

The European Union’s flagship reform for tackling Big Tech platform power, the Digital Markets Act (DMA), will come into force in early 2023, Commission EVP Margrethe Vestager has said — rowing back from an earlier suggested timeframe of this fall.

But she also implied that enforcements against unruly Internet “gatekeepers” could flow soon after the regulation is in place.

“The DMA will enter into force next spring and we are getting ready for enforcement as soon as the first notifications come in,” Vestager said today in a speech to the International Competition Network conference in Berlin.

“This next chapter is exciting. It means a lot of concrete preparations,” the EU’s competition chief went on. “It’s about setting up new structures within the Commission, pooling resources from DG Comp [Directorate-General for Competition] and Cnect [Directorate-General for Communications] based on relevant experience. It’s about hiring staff. It’s about preparing the IT systems. It’s about drafting further legal texts on procedures or notification forms. Our teams are currently busy with all these preparations and we’re aiming to come forward with the new structures very soon.”

EU lawmakers reached political agreement on the ex ante regulation back in March, paving the way for full adoption later this year of a draft law which was only proposed by the Commission at the end of 2020 — underscoring how much consensus there is across the bloc’s institutions of the need to rein in Big Tech.

However there has been some concern that the Commission will not be immediately ready for the new, centralized enforcement role it’s taking on as the DMA’s ‘sheriff’ of Big Tech — a role which will consist of assessing whether platform giants are sticking to the ex ante regulation’s long list of up-front ‘dos and don’ts’, which cover detailed (and sometimes technically complex) compliance obligations related to issues such as self-preferencing, FRAND terms, interoperability and portability, to name a few.

The Commission will also be responsible for taking effective enforcement action to bring any obligation-breaching gatekeepers quickly into line.

The tech giants that will be subject to the DMA have not yet been designated. But the criteria of “a core platform service” with “significant” impact on the EU’s internal market; a market capitalisation of at least €75BN (or an annual turnover of €7.5BN); at least 45M monthly end users in the EU and 10,000+ annual business users, as well as an entrenched market position means the usual GAFAM giants are certainly in the frame. 

Vestager herself has previously implied the task of effectively enforcing the incoming rules against such well-resourced tech giants will be difficult — citing, earlier this year, the ongoing tug-of-war between the Netherlands’ antitrust authority and Apple over App Store rules — so her remarks today may be intended to subtly correct any perceived lack of confidence in the Commission’s understanding of its mission.

The slightly longer lead in time for the DMA coming into force also gives the EU more time to get properly ready, of course.

But more prep times inevitably means a longer runway before any enforcement is possible — which may redirect fresh criticism at the Commission as any delay in addressing glaringly obvious Big Tech breaches will bolster the critique that the EU failed to take the mission seriously enough for the legislation to have the sought for impact of ensuring digital markets remain (or, well, become) open and contestable fast.

The regulation provides for a three month notification period for gatekeepers to declare themselves to the Commission — and up to around two additional months for the EU’s executive body to confirm the designation — so there will still be a multi month period after the DMA enters into force before any enforcements are likely to flow.

Indeed, it could be fall 2023 before we see any real fireworks. So the Commission may quickly find itself taking flak that even its new ‘faster’ ex ante regulatory regime isn’t quick enough to put meaningful limits on the ‘move fast and break things’ Big Tech cartel.

Vestager’s speech also only tentatively frames the EU as being perhaps “slightly ahead” on the global stage when it comes to laying “the future of digital markets” with a “hybrid approach… in which both ex ante regulation and traditional competition tools will both play their part”.

Is that more subtle managing of expectations on her part? EU citizens can only wait to find out — but how long the Commission will leave consumers and markets waiting for DMA enforcement is the killer question.

A big chunk of Vestager’s speech at the ICN conference also focused on the need for wide-ranging cooperation between competition regulators to, as she argued it, effectively tackle the challenges posed by digital markets — a theme she’s often talked up before. Although cynics might say that linking the EU’s success here to global alignment with its regulatory approach smacks of pro-active buck passing — especially given the competition commissioner’s long stated preference for less radical remedies for tackling platform power in digital markets vs the stronger medicine of actually breaking tech giants up.

“For that next chapter, close cooperation with competition authorities, both inside and outside the EU will be crucial,” she emphasized today. “This is irrespective of whether they apply traditional enforcement tools or have developed their own specific regulatory instruments, like the German digital regulation. Close cooperation will be necessary because we will not be short of work and we will not be short of novel services or practices to look at. And the efforts needed at a global scale are enormous. So we will need to work together more than ever.”

Vestager suggested cooperation is already happening as part of preparatory work for the DMA — which she said will involve “discussing with national competition authorities our future cooperation within the DMA, as well as coordination between the DMA and existing national regulations”.

“Many of you will be watching the roll out of the DMA with great interest. This will be a mutual learning experience. The EU has worked hard to find the right balance, and I think we have come up with something that is tough but also very fair,” she also said, before schooling her audience that: “It goes without saying that the more we, as an international competition community, are able to harmonise our approach, the less opportunity there will be for global tech giants to exploit enforcement gaps between our jurisdictions.”

How Europe has expanded its bid to disrupt Big Tech

The European Union’s co-legislators reached political agreement on a major reform of digital competition rules late yesterday which will introduce up-front obligations and restrictions (literally a list of ‘dos and don’ts’) on the most powerful Internet giants — enforced by the threat of substantial fines and other types of penalties if they fail to meet the requirements.

The Digital Markets Act (DMA) is the bloc’s response to systemic misbehavior in digital markets over many years.

The regulation has been informed by a string of major EU antitrust cases against tech giants like Amazon, Google and Apple, and an accompanying frustration that Big Tech’s dominance has simply continued to entrench itself, as cases take years to conclude, leaving abuse largely unchecked in the meanwhile.

The EU’s habit of letting tech giants define their own remedies even when they do (finally) get hit with antitrust enforcement — with only a general pronouncement that identified infringements must stop — has also allowed platforms plenty of wiggle room to keep stacking their hand. (Hence the Commission having to intervene again, years later, in the Google Android case to pressure Google to drop a paid auction model which rivals had declaimed as unfair from the start.)

The DMA proposes to flip this hindsight-riven dynamic by fixing conditions up front and applying an expectation of compliance with fixed rules of the road for giants that fall in scope, with the goal of ushering in a new era of more proactive and effective tech regulation. The bloc’s conviction is that an ex ante competition regime will supplement the usual ex post antitrust procedures to ensure that digital markets remain fair and contestable.

Despite EU policymakers spending long years mulling whether and then how exactly to act, a formal legislative proposal was only presented in December 2020 — so it’s taken less than 18 months for the EU’s institutions to reach agreement on a provisional text. That looks remarkably fast, underlining how much consensus there is around Europe on the need to reign in Big Tech’s market power.

The EU has also doubled down — agreeing yesterday to expand the DMA’s asks on Big Tech, including with a new interoperability obligation for messaging platforms.

Whether the regulation will actually succeed in boosting competition in digital markets that remain dominated by core platform services is really the €75BN+ question.

The EU argues that having a common set of rules across the single market for Big Tech will foster innovation, growth and competitiveness, as well as supporting the scaling up of smaller platforms, SMEs and start-ups — who it suggests will benefit from the existence of a single, clear framework at EU level.

But some experts have expressed doubt about this thesis — arguing that the best way to improve competition in digital markets might be by encouraging more direct competition between gatekeeping giants themselves, which isn’t how the Commission has configured its approach.

Whether the DMA will do what the EU hopes, and stop platform giants from unfairly throwing their weight around at the same time as firing up fresh competition and innovation, is likely to take longer to assess than the relatively short order it took for the bloc to agree on the detail of the new regime. But one thing is clear: Change it coming — and it’s coming relatively fast.

Read on for a breakdown of key developments in the compromise reached between the European Council, parliament and Commission yesterday…

Who will the DMA apply to? 

The regulation will apply to intermediating platforms of a certain size and market cap which play a ‘gatekeeping’ role — meaning these are companies which get to set the ‘rules of play’ for other businesses and consumers via their platforms T&Cs and as a result of their market power.

Long standing examples given include search engines and social networks. Marketplaces and booking platforms also seem likely categories to fall in-scope.

The EU co-legislators also added virtual assistants and web browsers to the list, apparently with an eye on further future-proofing the regulation.

What are the criteria for being designated a gatekeeper? 

The EU institutions agreed to meet in the middle on this: The law will apply to tech giants with a market capitalisation of at least €75BN or an annual turnover of €7.5BN (rejecting a slightly lower threshold the Commission originally proposed and a higher one proposed by some MEPs).

Companies must also have at least 45M monthly end users in the EU and 10,000+ annual business users.

Likely suspects to fall in scope include Apple, Amazon, Google and Meta (Facebook). The European booking platform giant, Booking.com, may also joint the ex ante club. As might the Chinese ecommerce giant Alibaba.

It will be the Commission’s job to designate gatekeepers so there will be something of a front-loaded sprint of work once the regime starts operating for the EU to identify all the gatekeepers (and see off any legal challenges to a designation) before a segue into the wider, ongoing work of monitoring, investigations and enforcements.

What must gatekeepers do and not do to comply with the DMA? 

There’s a long list of requirements which the EU hopes will shape the behavior of market giants in a way that ensures digital market stay open and contestable (or, well, can be cracked open in cases where they may have already tipped).

Many of these have been maintained since the Commission’s original proposal — which we covered at the time here — or else have been strengthened and extended. A few new ones have also been added.

Articles 5 and 6 if the DMA are where these key lists appear.

One major new requirement introduced via the trilogue process is interoperability for messaging platforms.

This is focused on ‘basic’ functionality — such as the ability to send text messages, photos, video and files, rather than full feature parity. It will also start with one-to-one messaging; group chats will be phased in over two years and video calling/conferencing over four.

The way this will work is smaller messaging platforms will be able to request interoperability from gatekeepers (who will be obliged to provide it). But there is no obligation for such platforms to take up the entitlement; it’s their choice.

Their users would also need to choose to opt in to being able to send messages cross platform — and so users will not be forced to accept off-platform messages just because the service has elected to plug into the APIs of a gatekeeper. Hence the co-legislators talk about this being an “asymmetrical” interoperability requirement.

We understand there is no literal limitation in the DMA that would prevent a gatekeeper from requesting interoperability from another gatekeeper. But whether platform giants — such as Apple with its iMessage service or Facebook with Messenger — would choose to do so is a whole other question.

EU lawmakers emphasize that they are very focused on the security element of messaging interoperability — stipulating that all cross-platform comms must maintain the same level of security (so, for example, if it’s E2EE it cannot be lowered to a lesser level of encryption).

Beyond messaging, the bloc’s co-legislators only agreed to assess social media interoperability in the future — so for now that’s off the table, likely owing to perceived additional technical complexity.

They also agreed to set up a new high level advisor group to support the Commission with cross-cutting technical sectoral advice to support its work in areas like interoperability.

In another major new addition to the DMA stipulations, a parliamentary push to include limits on how personal data can be used for tracking ads survived the trilogue negotiations.

Moreover, there was further accord to ensure this issue will also be tackled in the DMA’s sister regulation, the more broadly applying Digital Services Act (which is still going through trilogue).

So the consensus here spans two separate (if linked) pieces of legislation. Which is notable given that the ads component was a late addition and given how much counter lobbying the tracking ads industry has done to try top evade limits.

As regards the DMA component of this, gatekeepers must gain explicit consent from users to combine their personal data for advertising — a provision that could finally force Meta (Facebook) to provide users in Europe with a choice not to be tracked and profiled when using its services.

There was also agreement between EU co-legislators on extending mandatory choice screens for consumers to pick their own preference of search engine, browser and virtual assistant — i.e. rather than gatekeepers being able to preselect or force use of their own products through bundling. Although lawmakers appear to have resisted calls to further widen the scope to other key services (such as email) as they were concerned about the risk of over-burdening the user experience.

Fair access rights to core services — originally in the DMA with a focus on third party developers and gatekeepers operating mobile app stores — has also been extended to cover search and social media.

This puts obligations on gatekeepers to be transparent about the terms they apply to business users and to offer a dispute settlement mechanism. (Idea being this will also help the Commission spot potentially unfair terms and/or behavior more quicker so it can tackle problems faster; but the Commission itself won’t be overseeing FRAND down to the level of an individual business’ Facebook page, for example.)

An obligation on mobile OSes to allow sideloading of apps and app stores has also been retained — but with some reworking to try to reach a compromise that balances consumer choice against security concerns like the risk of introducing malware (an argument that’s been repeatedly raised by tech giants like Apple in their lobbying against this provision).

The exact detail of this compromise isn’t clear but we understand it will involve somehow letting users define their own level of risk, such as by options available to them at the settings level.

Elsewhere, a ban on self-preferencing of gatekeepers’ own services, such as in content rankings they curate and present to users, remains intact; as does a stipulation that gatekeepers cannot block users from uninstalling preloaded apps, along with wider support measures to enable service switching — and plenty more besides.

What are the penalties gatekeepers face for non-compliance? 

Fines of up to 10% of global annual turnover can be levied on a gatekeeper for a breach of the regime — or up to 20% for repeated breaches.

The latter refers to a situation of systemic non-compliance which, as we understand it, is being defined as at least three non-compliance decisions over a period of eight years. (It would also require a legal test to be carried out that indicates the gatekeeper in question has maintained or strengthened their position.)

The DMA’s penalty regime also allows for non-financial penalties in the case of system infringements, retaining the possibility that the Commission could order structural remedies, such as the break up of a gatekeeper’s business empire.

That said, the regime looks explicitly intended to avoid such a one-way outcome as this power is very much held in deferred reserve (as a nuclear option; more to scare that it’s there than to use), with the bulk of enforcement resources set to be directed toward achieving compliance with the up-front market rules.

Furthermore, the Commission is able to engage in a regulatory dialogue with gatekeepers to ensure they understand the rules and requirements — so it can also push platforms to make changes that help them avoid fines in the first place.

However — for those gatekeepers that do decide to thumb their noise at the EU’s ex ante competition rules — another interesting addition to the DMA’s penalty pot is the possibility that a gatekeeper could be temporarily banned from making mergers and acquisitions.

It’s a step that looks geared towards preventing the phenomenon of killer acquisitions. But how long such an M&A ban might last isn’t clear.

During a press conference today, competition commissioner and EVP Margrethe Vestager talked around the topic, making passing reference to the recent Google-Fitbit acquisition (which completed last year) — and to conditions the EU had accepted for allowing that to go ahead (including a time-limited ban on Google using Fitbit health data for ad targeting), going on to note that the EU has been trying to look into more big tech acquisitions to assess effects “on the ground” and has already increased its merger enforcement as a result of that.

The DMA putting sanctions on gatekeepers that limit their ability to do M&A is appropriate within a behavioral framework, Vestager argued, also pointing to how many European startups are getting snapped up by big tech. “This entire legislation deals exactly with the behavior of the gatekeeper and how to make sure that markets remains competitive and of course here mergers play a role as we see it in our specific merger control,” she added.

As part of general DMA reporting requirements, all gatekeepers are required to notify the Commission in advance of M&A too.

Who will enforce the DMA?

The European Commission itself will be the sole enforcer — but its original proposal has been amended to allow a bigger involvement for national authorities on the investigation side.

That may, at least in part, be a measure of how much (new) work the Commission is taking on with the DMA.

Some joint-working with Member State agencies with relevant expertise could help lighten the load and expedite enforcements.

That said, if a national authority starts an investigation which the Commission subsequently picks up we understand that the national probe would be expected to end.

The Commission says it expects to need to add around 80 people to deal with the DMA workload. Some of this headcount will come from redeploying existing staff, others will be new hires — the latter with a focus on beefing up its technical expertise.

When does the Commission expect the DMA to come into force?

Some time in October is said to be “likely” — though not set in stone — at this stage.

The provisional text still needs to be checked over to produce a final legal document (in all the various EU languages) for approval by the Council and Parliament (the latter in a plenary vote). But the main hurdle to EU legislation is the political negotiation which concluded witjh agreement yesterday.

There is a six month period allowed for Member States to transpose the pan-EU regime into national legislation. So it may be that 2023 will be when we see the real DMA fireworks.

What has the reaction been to the plan so far? 

It’s been interesting to see how much shock/surprise and even horror greeted yesterday’s trilogue agreement announcement from US-based industry watchers — who seem not to have been paying attention to a flagship reform EU lawmakers proposed in detail years ago.

On the flip side, Europeans, both consumers and businesses, plus the myriad civil society groups that have been advocating for competition reform to untip digital markets for years, are sounding — broadly — supportive, while being very keen to remind the Commission that the best-crafted regulation is only as good as the quality of enforcement that accompanies it.

All eyes in the region will be on how the Commission executes on this sizeable challenge.

As regards more specific criticism, the measure that’s garnering the most criticism is the interoperability obligation for messaging apps — which is attracting flak from a technical and/or product experience point of view from some quarters, with concerns being raised about the potential impact on security or other safety specific processes which platforms may carry out in areas like abuse-monitoring or content moderation.

Concerns include that interoperability might introduce vulnerabilities and could also break delicate safety systems — at times combined with a strong dash of paranoia that the EU is trying to use competition reform as a pretext to, er, break strong encryption…

Again, though, it’s possible to find opposing technical views: The Europe-based messaging company Element — which develops apps atop the decentralized Matrix protocol — has been a keen proponent of interoperability from the start.

Albeit it was advocating for EU lawmakers to go further and adopt a standards-based approach, which would support more fully featured interoperability vs the open API route plus core functionality the Commission has opted for.

Even so, Element co-founder and COO, Amandine Le Pape, is still happy that (some) interoperability for messaging has been included in the DMA. “Any interoperability would be better than the current walled gardens,” she told us. “An open standard approach could come later, especially if it’s pushed bottom up by the industry which may eventually understand that by all speaking the same language it makes everyone’s life easier and more secure.”

Europe says yes to messaging interoperability as it agrees major new regime for big tech

Late Thursday the European Union secured agreement on the detail of a major competition reform that will see the most powerful, intermediating tech platforms subject to a set of up-front rules on how they can and cannot operate — with the threat of fines of up to 10% of global annual turnover should they breach requirements (or even 20% for repeat violations).

In three-way discussions between the European Council, parliament and Commission, which ran for around eight hours today, it was finally agreed that the Digital Markets Act (DMA) will apply to large companies providing “core platform services” — such as social networks or search engines — which have a market capitalisation of at least €75 billion or an annual turnover of €7.5 billion.

To be designated a so-called “gatekeepers”, and thus fall in scope of the DMA, companies must also have at least 45 million monthly end users in the EU and 10,000+ annual business users.

This puts US tech giants, including Apple, Google and Meta (Facebook), clearly in scope. While some less gigantic but still large homegrown European tech platforms — such as the music streaming platform Spotify — look set to avoid being subject to the regime as it stands. (Although other European platforms may already have — or gain — the scale to fall in scope.)

SMEs are generally excluded from being designated gatekeepers as the DMA is intended to take targeted aim at big tech.

The regulation has been years in the making — and is set to usher in a radically different ex ante regime for the most powerful tech platforms in contrast to the after-the-fact antitrust enforcement certain giants have largely been able to shrug off to date, with no discernible impact to marketshare.

Frustration with flagship EU competition investigations and enforcements against tech giants like Google — and widespread concern over the need to reboot tipped digital markets and restore the possibility of vibrant competition — have been core driving forces for the bloc’s lawmakers.

Commenting in a statement Andreas Schwab, the European Parliament’s Rapporteur for the file, said: “The agreement ushers in a new era of tech regulation worldwide. The Digital Markets Act puts an end to the ever-increasing dominance of Big Tech companies. From now on, they must show that they also allow for fair competition on the internet. The new rules will help enforce that basic principle. Europe is thus ensuring more competition, more innovation and more choice for users.”

In another supporting statement, Cédric O, French minister of state with responsibility for digital, added: “The European Union has had to impose record fines over the past 10 years for certain harmful business practices by very large digital players. The DMA will directly ban these practices and create a fairer and more competitive economic space for new players and European businesses. These rules are key to stimulating and unlocking digital markets, enhancing consumer choice, enabling better value sharing in the digital economy and boosting innovation. The European Union is the first to take such decisive action in this regard and I hope that others will join us soon.”

Key requirements agreed by the EU’s co-legislators include interoperability for messaging platforms, meaning smaller platforms will be able to request that dominant gatekeeper services open up on request and enable their users to be able to exchange messages, send files or make video calls across messaging apps, expanding choice and countering the typical social platform network effects that create innovation-chilling service lock in.

That could be hugely significant in empowering consumers who object to the policies of a giant like Meta, which owns Facebook Messenger and WhatsApp, but feel unable to switch to a rival since their social graph is held by the gatekeeper to actually leave without having to give up the ability to message their friends.

There had been some debate over whether messaging interoperability would survive the trilogues. It has — although group messaging interoperability is set to be phased in over a longer period than one-to-one messaging.

Speaking to TechCrunch ahead of today’s fourth and final trilogue, Schwab, emphasized the importance of messaging interoperability provisions.

“The Parliament has always been clear that interoperability for messaging has to come,” he told us. “It will come — at the same time, it also has to be secure. If the Telecoms Regulators say it is not possible to deliver end-to-end encrypted group chats within the next nine months, then it will come as soon as it is possible, there will be no doubt about that.”

Per Schwab, messenger services that are subject to the interoperability requirement will have to open up their APIs for competitors to provide interoperable messaging for basic features — with the requirement intentionally asymmetrical, meaning that smaller messaging services which are not in the scope of the DMA will not be required to open up to gatekeepers but can themselves connect into Big Tech.

“The first basic messaging features will be user-to-user messages, video and voice calls, as well as basic file transfer (photos, videos), and then over time, more features such as group chats will come,” noted Schwab, adding: “Everything must be end-to-end encrypted.”

Interoperability for social media services has been put on ice for now — with the EU co-legislators agreeing that such provisions will be assessed in the future.

In another important decision which could have major ramifications for dominant digital business models, the parliament managed to keep an amendment to an earlier version of the proposal — which means that explicit consent from users will be required for a gatekeeper to combine personal data for targeted advertising.

“Data combination and cross use will only be possible with explicit consent,” said Schwab. “This is especially true for the purpose of advertising and also applies to combination with third party data (e.g. Facebook with third parties). This means more control for users whether they want to be tracked across devices/services, even outside of the networks of Big Tech (hence the third party data), and whether they want to receive tracking ads.”

“Lastly, to avoid consent fatigue, Parliament will limit how many times Gatekeepers can ask again for consent if you refused it or withdrawn consent to these practices: Once per year. This has been very important to me — otherwise, consent would be meaningless if gatekeeper can simply spam users until they give in,” he added.

Another parliament-backed requirement which survived the trilogue negotiations is a stipulation that users should be able to freely choose their browser, virtual assistants or search engines when such a service is operated by a gatekeeper — meaning choice screens, not pre-selected defaults, will be the new norm in those areas for in scope platforms.

Although email — another often bundled choice which European end-to-end encrypted email service ProtonMail had been arguing should also get a choice screen — does not appear to have been included, with lawmakers narrowing this down to “the most important software”, as the Council put it.

Other obligations on gatekeepers in the agreed text include requirements to:

  • ensure that users have the right to unsubscribe from core platform services under similar conditions to subscription
  • allow app developers fair access to the supplementary functionalities of smartphones (e.g. NFC chip)
  • give sellers access to their marketing or advertising performance data on the platform
  • inform the European Commission of their acquisitions and mergers

And among the restrictions are stipulations that gatekeepers cannot:

  • rank their own products or services higher than those of others (aka a ban on self-preferencing)
  • reuse private data collected during a service for the purposes of another service
  • establish unfair conditions for business users
  • pre-install certain software applications
  • require app developers to use certain services (e.g. payment systems or identity providers) in order to be listed in app stores

The Commission will be solely responsible for enforcing the DMA — and it will have some leeway over whether to immediately  crack down on duty-breaching tech giants, with the text allowing the possibility of engaging in regulatory dialogue to ensure gatekeepers have a clear understanding of the rules (i.e. rather than reaching straight for a chunky penalty).

Today’s agreement on a provisional text of the DMA marks almost the last milestone on a multi-year journey towards the DMA proposal becoming law. But there are still a few hoops for European lawmakers to jump through.

It’s still pending approval of the finalized legal text by the Parliament and Council (but getting consensus agreement in the first place is typically the far harder ask). Then, after that final vote, the text will be published in the EU’s official journey and the regulation will come into force 20 days later — with six months allowed for Member States to implement it in national legislation.

EU commissioners will be holding a series of — doubtless very jubilant — briefings tomorrow to flesh out the finer detail of what’s been agreed so stay tuned for more analysis…