The European Union’s Digital Markets Act (DMA), designed to regulate Big Tech, supplements current antitrust laws that pursue case-by-case analyses of business conduct with general rules to block potentially anticompetitive behaviors. Detractors criticize the DMA for its lack of nuance. Supporters applaud its general principles as a necessary bulwark against Big Tech’s market powers, which current case-by-case analysis has been unable to rein in. However, neither side appreciates the true complexity of the DMA or how its principles interact to prevent anticompetitive behavior, writes Alba Ribera Martínez.
The European Union’s Digital Markets Act (DMA) is the first regulation of its kind to take on Big Tech to ensure contestable and fair digital markets. The regulation does so by mandating principles or obligations upon gatekeepers—firms that control access to digital platforms by providing at least one core platform service, such as search, social networking, or online intermediation services—that they must comply with, in the form of both prescriptions and proscriptions. For the moment, the regulatory instrument applies to six (extra-EU) designated gatekeepers: Alphabet, Apple, Amazon, ByteDance, Microsoft, and Meta. The DMA’s 23 obligations will be applicable starting March 7, 2024.
The prescriptive mandates require gatekeepers to take certain actions, such as technically enabling end users to easily uninstall app stores on their operating systems or providing effective interoperability of services and hardware with third-party soft- and hardware. The proscriptive provisions prevent gatekeepers from performing “harmful” conduct, such as tying the use of one service with the purchase of another service or using one’s platform to preference one’s own products over those of third-party vendors, as Amazon has been accused of doing.
Importantly, the DMA is distinct from the EU’s antitrust laws—Articles 101 and 102 of the Treaty on the Functioning of the EU (TFEU)—and aims to complement them. The distinction lies in the DMA’s strategy to regulate Big Tech. Whereas EU antitrust relies on a case-by-case analysis of conduct to determine potential harm in sanctioning proceedings, the DMA adopts a per se approach that depends on general principles to prevent anticompetitive behavior. The European Commission will apply the DMA in parallel to Articles 101 and 102 TFEU, and businesses will have to comply with both.
The regulation circumvents the core antitrust concept that prohibited conduct stemming from the finding of an antitrust breach based on a careful calculation of, for example, changes in consumer prices. With the DMA, the EC now only needs to show that conduct violates one of its 23 obligations to find an infringement of the regulatory instrument. Practically, the DMA reverses the burden of proof from the regulators to the gatekeepers. Big Tech plaintiffs must now demonstrate that their conduct complies with the premises and mandates of the DMA, rather than the EC having to prove conduct is anticompetitive through a sanctioning proceeding.
The scholarly debate around the DMA’s nature revolves around its reliance on the prohibition and imposition of general categories of conduct without the analysis of assessing whether those same conducts produce a procompetitive or anticompetitive impact in specific cases. Big Tech companies will not be able to overcome these per se obligations with showings of efficiencies.
Critics claim that the DMA rips nuance from compliance and that the DMA’s per se approach will harm society by preventing procompetitive conduct. Furthermore, many of the DMA’s regulations rely on principles whose procompetitive effects are highly contested in the antitrust literature, such as the prohibition on wide and narrow parity clauses or tying. For the critics, the regulatory and per se nature of the DMA represents a serious overreach on the part of the EC in its efforts to regulate Big Tech.
EC officials reply in the reverse that they are vested with wide discretion to interpret and apply the law without the constraints of the thresholds and standards of antitrust. To the DMA’s supporters, the same approach will sacrifice some procompetitive conduct to prevent much more anticompetitive conduct, a sacrifice that is necessary to allow antitrust enforcers to contest market power in the digital markets. The DMA’s 23 obligations will filter out almost all anticompetitive conduct when any one of those 23 obligations can raise a concern.
The arguments of both sides have their merits, but what both critics and supporters of the DMA overlook is that the regulation does not simply constitute a general and predetermined set of rules that apply en bloc to gatekeepers automatically and without a thread of nuance to them. Rather than a list of boxes that the gatekeepers must check off, the obligations present a complex interplay of mandated conduct in which no obligation can be read in isolation from the next.
The DMA in practice
Both the gatekeepers and the EU regulator must appreciate this intricacy. To do so, they should observe a layered approach to the DMA’s obligations based on two core ideas. First, the DMA’s obligations do not constitute an end in themselves. Rather, they point to the greater objective of pursuing contestable and fair markets. Second, the obligations cannot be read in a vacuum. Instead, the fulfillment of one serves to measure the fulfillment of the rest. Conversely, if one is not achieved, one knows a priori that the others haven’t been either.
For example, the DMA compels gatekeepers to provide business users with fair, reasonable, and non-discriminatory (FRAND) access to their software application programs, online search engines, and online social networking services. Another obligation prohibits gatekeepers from favoring (self-preferencing) their own services in ranking, indexing, and crawling. Although the obligations are separate in principle, they both work to achieve different strands of the broader objective of pursuing contestable and fair markets. The former strives to counterbalance the inequalities of power that normally confer a disproportionate advantage to the gatekeeper in setting prices or other conditions of access to its services for business users. The latter addresses the conflicts of interest that arise in vertically integrated digital environments that crystallize gatekeepers’ self-preferencing.
To illustrate the intertwining of these two obligations, consider the example of Apple’s App Store. In the past, Apple has imposed harsh burdens on third-party app developers if they wished to access its App Store, which today would violate the obligation of FRAND. Separately, Apple could rank (self-preference) its own apps over third-party apps, thus harming third-party users and competition. In both cases, Apple would be using its market power to harm third-party app vendors, and meeting one obligation could only be done effectively if the other were met, too.
This layered approach is particularly applicable to the DMA’s obligations surrounding the siloing of data. Three different obligations prohibit the cross-use, combination, and processing of personal data across platform services (Article 5(2)); prohibit the use of any data that is not publicly available and generated or provided by business users in the context of their platforms (Article 6(2)); and oblige gatekeepers to provide business users with the data they generated on the gatekeeper’s platforms (Article 6(10)). Together, these obligations seek to establish fair and competitive markets by opening up the gatekeepers’ trove of user data.
Furthermore, additional obligations pronounced in Article 6(9) protect the data of end users in their capacity as consumers, notably by establishing a right to data portability in which a platform user can request access to the data they generated on the platform in a legible manner. Because the protection of end-users’ data cannot practically be achieved unless gatekeepers are protecting the data of business users, as articulated in the previous three obligations, and vice versa, regulators can measure gatekeeper compliance with any one of these four obligations by studying compliance with any single obligation.
Once the end user requests and receives the data that it has generated on the gatekeeper’s services, they may well gain an all-encompassing view of the gatekeeper’s data operations. As such, the end user will have the capacity to check whether all the data is stored in only one file without distinguishing what data corresponds to what service. This hint may prompt a violation of the prohibition on gatekeepers to cross-use and combine personal data across core platform services.
A layered approach to the DMA reveals the troubles with treating the obligations in isolation from one another. Such an approach falls short of describing the intricate relationships and interdependent connections of business conduct. In a digital economy in which services and products overlap, the enforcement of digital regulation must likewise reflect this intertwined and complex nature.
Articles represent the opinions of their writers, not necessarily those of ProMarket, the University of Chicago, the Booth School of Business, or its faculty.
