As the name suggests, DMA is for large online platforms, including the platforms that consumers and businesses interact with and use on a daily basis, including search engines, social media, technology providers online advertising, cloud computing and online messaging.
Globally, including in the US and EU, lawmakers and government agencies have raised concerns that major online platforms are able to “keep access and engage in anti-competitive behavior that negatively impacts both the daily lives of consumers and the ability of businesses to operate. The DMA is the EU’s effort to open up a fairer online market.
DMA does not come alone. As noted in our previous alert, the DMA was developed in close compliance with the Digital Services Act (“DSA”), together forming the “Digital Services Package”. The DSA applies to “digital services”, which broadly includes intermediary services, hosting services, online platforms and very large platforms. When implemented and effective in January 2024, the DSA will set the standard for fairness, transparency, and accountability requirements that online services must meet. Along the same lines, the DMA focuses on the regulation of anti-competitive and monopolistic behavior in the technology and online platform sectors (digital and mobile). The DMA is at the forefront of a global trend to view antitrust law as a way to regulate technology companies and online services.
In addition to anti-competition rules and prohibitions, the DMA also places the principles of processing personal data and minimizing data on the entities concerned.
Some of the most important aspects of the DMA are that it will require, among many requirements, that affected companies (1) allow end users to unsubscribe from online service as easily as registering; (2) obtain consent from end users if the relevant business tracks end users outside of the actual online service for the purpose of targeted advertising; and (3) allow third-party apps and app stores to interact with companies’ online service (eg, can no longer require users to use only relevant business apps and app stores) .
With the official adoption of the DMA, here is some essential information to help affected entities prepare for the implementation of the legislation.
Who does DMA impact?
Although the DMA is a component of the EU’s broad regulation on online platforms, it will only impose obligations on a small number of very large online platforms that act as ‘gatekeepers’. This contrasts with the DSA, which is likely to apply to a wider sample of businesses operating online.
These Gatekeepers, under the DMA, are essential online platforms, such as online search engines, marketplaces and social networks, which provide gateway services between consumers and businesses that have become indispensable to thousands of businesses and millions of users. Some of these platforms wield control over entire platform ecosystems in the digital economy and are structurally difficult to challenge or challenge by existing or new market operators, regardless of how innovative and efficient these market operators are. market. Accordingly, the likelihood increases that the underlying markets will not operate efficiently with respect to such entities.
Thus, the intention of the DMA (according to EU governing bodies) is to regulate these largely uncontestable platforms to circumvent these market failures, while opening markets to wider competition for the benefit of businesses and consumers. consumers.
To qualify as a Gatekeeper, a company must meet the DMA’s objective, quantitative and narrowly defined criteria. To obtain “Gatekeeper status”, the company must meet the following conditions:
(1) Significant impact on the internal market. The company must have an annual turnover in the EU greater than 7.5 billion euros, a market capitalization greater than 75 billion euros and it must provide the same basic platform service in at least least three Member States;
(2) Provide basic platform service for business users to reach end users. Company must have at least forty-five (45) million monthly active end users and ten thousand (10,000) annual business users in the EU; and
(3) Sustainable and stable market position. The company must have an established and sustainable position in the market, i.e. stable over time if the company has fulfilled the criteria of point (2) above during each of the three (3) last exercises.
Platforms and companies that meet these criteria are presumed to be a Gatekeeper and are required to notify the European Commission within two (2) months of meeting the thresholds. The Commission then appoints the company as Gatekeeper unless the company provides convincing evidence to the contrary. Gatekeeper status is then reassessed every three (3) years.
Obligations and restrictions
The DMA establishes obligations for Gatekeepers and describes what Gatekeepers can no longer do.
The bulk of the DMA’s regulatory requirements are to make it easier for other companies to promote their online offerings to end users on Gatekeeper platforms and to allow end users to access other services and similar online offers from third-party companies via the Gatekeeper. platforms. This essentially amounts to requiring Gatekeepers to allow more direct access and communication between third-party companies and consumers.
For example, the DMA requires Gatekeepers to (i) allow third parties to interact with the Gatekeeper’s own services in certain situations, (ii) allow their business users to access the data they generate while using them Gatekeeper’s Platform, (iii) provide companies that advertise on their Platform with the tools and information necessary for advertisers and publishers to conduct their own independent verification of their Gatekeeper-hosted advertisements, and (iv) allow their professional users to promote their offer and conclude contracts with their customers outside the Guardian’s platform.
Alternatively, Gatekeepers may no longer (i) treat services and products offered by Gatekeeper itself more favorably in ranking than similar services or products offered by third parties on Gatekeeper’s platform, (ii) prevent consumers from connecting to businesses outside of their platforms, (iii) preventing users from uninstalling any pre-installed software or applications, and (iv) tracking end users outside of Gatekeeper’s core platform service at targeted advertising purposes, without actual consent.
Impact on online advertising
Importantly, the DMA also implements personal data and tracking regulations that align closely with the EU data collection principles originally set out in the General Data Protection Regulation (“GDPR”).
Without obtaining the specific consent of the end user, Gatekeepers are prohibited from (i) processing personal data for advertising purposes if the personal data arises from an end user’s interactions with a third party using the platform or the Gatekeeper online service (e.g. end user does not have a direct connection to Gatekeeper); (ii) combine personal data obtained from a basic online platform service with personal data obtained from third-party services; (iii) use personal data obtained through one of the main Gatekeeper online platforms or services in the other Gatekeeper online platforms or services; and (iv) connect end users to other services provided by Gatekeeper for the purpose of combining personal data.
The above prohibitions and consent requirements relate to the GDPR data minimization principle – using the minimum amount of personal data and only for the purpose for which a company has informed the end user.
Gatekeepers will need to have consent mechanisms and procedures in place if they hope to continue the above data collection and processing practices for their own purposes and as part of the services they provide to third parties (for example, advertising and analytics services).
The European Commission, supported by national competition authorities, will enforce the DMA. The Commission alone will be empowered to prosecute and take decisions on infringements. The DMA sets maximum fines based on a percentage of a company’s overall annual revenue. If a Gatekeeper fails to comply with the DMA requirements, the Commission can impose fines of up to 10% of the company’s total worldwide annual revenue, and up to 20% for repeated violations . In addition, the Commission may impose periodic penalty payments of up to 5% of the Gatekeeper’s average daily turnover. In cases of systematic violation of DMA obligations, the Commission also has the power to impose additional corrective measures necessary to ensure compliance. These remedies may include behavioral and structural remedies such as the forced sale of parts of the business, or a ban on acquiring other businesses in the digital sector, but in all cases they must be proportionate to the infringement committed. .
Key points to remember
The DMA will be applicable from May 2023. This gives potentially affected entities approximately six (6) months to assess their Gatekeeper status and reinvigorate their compliance efforts. Once in force, the DMA aims to provide a fairer online business environment and intends to create new opportunities for innovators and tech start-ups to compete in the online platform environment without having to comply with terms. inequities limiting their development. Finally, the DMA foresees that consumers will have the choice between more and better services, more possibilities to switch providers, direct access to services and fairer prices. Simply put, the DMA plans to prevent Gatekeepers from engaging in unfair practices against businesses and customers who rely on them to gain an unfair market advantage.
#formally #passes #Digital #Markets #Act #target #anticompetitive #behavior #online #marketplace #Supra