Part I, 18 December 2023. In the autumn of 2022, a package of regulations adopted by the Commission and the European Parliament concerning digital services entered into force, namely:
the Digital Services Act (DSA),
and the Digital Markets Act (DMA).
The DSA and DMA regulations are intended to ensure the protection of users' rights and fair competition on the Internet.
Both regulations are being described as a "revolution on the web" comparable to the entry into force of the GDPR.
Will that really be the case?
In this part of the article, we will outline the circumstances and objectives behind the adoption of the new regulations and take a closer look at the DMA regulation.
Why were the new regulations adopted?
The DSA and DMA regulations form the two pillars of an EU reform aimed at addressing the imbalances that currently exist between the so-called cyber giants of the Internet and smaller platforms.
While the DSA focuses on protecting the online rights of ordinary Internet users, the DMA is addressed to the aforementioned cyber giants, and its purpose is to establish appropriate rules of competition and to curb unfair practices on the web.
In this part of the article, we will take a closer look at the DMA regulation, explain the term "cyber giants," indicate what new obligations and restrictions the new regulations impose on these entities, and what effects the implementation of the EU act may have in the near future.
Who are the "cyber giants"?
The DMA regulation addresses its provisions to "gatekeepers," commonly referred to as "cyber giants," who are to be designated on a case-by-case basis by the European Commission.
Cyber giants are platforms with a dominant market position.
In order for an entity to be classified as a "gatekeeper," it must, in accordance with the regulation, 1) provide one of the services specified in the DMA (for example, a cloud service or an online search engine), 2) exert a significant impact on the online market, and 3) hold an entrenched position in the activity it carries out.
The regulation assesses these criteria on the basis of, among other things, the level of annual turnover and the number of users held.
On 6 September 2023,
the European Commission designated six gatekeepers.
These are the companies behind the GAFA acronym: Google, Amazon, Facebook, Apple, as well as ByteDance and Microsoft 1.
These entities now have six months to comply with the obligations set out in the regulation in respect of each of the platform services they operate.
Prohibitions and obligations of the cyber giants. First and foremost, the DMA prohibits gatekeepers from: combining the personal data of users from various services and tracking them outside the platform service they provide for marketing purposes without obtaining the user's prior consent; in other words, combining information from services such as Facebook or YouTube that use Google Analytics will not be possible, and services such as Instagram or WhatsApp will not be able to use the data obtained in this way to create a single account for a person using them simultaneously.
This change is intended to limit online profiling, intrusive advertising practices, and above all the acquisition of a significant market advantage by certain platforms as a result of the data they hold about users; preferential treatment in ranking, within the service provided, of the products or services they offer themselves, which means that, for example, a phone running Apple's system will not be able to favour the Safari browser, and one running Android will not be able to favour the Google browser; a prohibition on forcing users to combine services exclusively from a platform's own offering or to log in using the same account to the services offered, in practice for example Google Play apps should not require a Gmail account; a prohibition on preventing or hindering the uninstallation of default applications or the changing of the default settings of the operating system, virtual assistant, and web browser, since these default settings may favour the cyber giants' own applications and services 2.
In addition to a long list of prohibitions, the DMA introduces a range of obligations for gatekeepers.
Among the most important are: the requirement to ensure the interoperability of online messaging services, which, to put it plainly, means that as a user of, for example,
WhatsApp, we should be able to communicate with a user of, for example,
Signal who does not have a WhatsApp account; fair cooperation with business users, whereby gatekeepers will be required to give their business users access to the data they generate while using their platform and to allow them to promote their offerings and conclude contracts with customers outside the platform; making information available to advertisers, whereby gatekeepers will provide companies advertising on their platform with the appropriate tools and information to enable them to independently verify their advertisements 3.
For non-compliance with the DMA's provisions, the European Commission may impose financial penalties on gatekeepers, including fines of up to 10% of total annual worldwide turnover, or, if a company has committed an infringement again, up to as much as 20%.
What impact might the DMA have on the largest online platforms and their users?
If the regulations are implemented by the largest players on the Internet, then, as a result of levelling the competitive playing field, we may soon expect a rise in innovation among mobile application providers.
Curbing the ability to make unlimited use of user data will lead to stronger online privacy.
In turn, breaking the monopoly of the largest app stores may translate into the possibility of reducing the commissions charged to app developers.
If you have further questions about the provisions of the DMA regulation, or you are wondering whether the DMA may affect the business you run, we invite you to get in touch.
We will be glad to answer your questions! https://digital-strategy.ec.europa.eu/pl/news/digital-markets-act-commission-designates-six-gatekeepers, accessed: 03.10.2023.
Regulation (EU) 2022/1925 of the European Parliament and of the Council of 14 September 2022 on contestable and fair markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828 (Digital Markets Act) (OJ
EU.
L of 2022,
No. 265, p. 1). https://commission.europa.eu/strategy-and-policy/priorities-2019-2024/europe-fit-digital-age/digital-markets-act-ensuring-fair-and-open-digital-markets_pl#nowe-przepisy-w-skr%C3%B3cie, accessed: 02.10.2023.
Have a question?
Let's talk. A 20-minute conversation.
No briefs, no forms.
We'll answer you directly.
Book a call → See more articles
dotlaw is an AI-native law firm for technology companies. Specializations: AI Act, GDPR, MiCA, ISO 27001, IT contracts, M&A in tech.
Meet the author
