The digital markets act of the European Union – a legal revolution in the digital environment

Digital services in the modern technical-technological environment are of increasing importance both for the daily use of the Internet and the opportunities offered to ordinary users on the Internet, as well as in the performance of various economic activities and jobs for which various Internet platforms are used. Recognizing the importance of regulating the digital market and the obligations of participants in that market, the European Union adopted two regulations at the end of 2022 that regulate digital markets and digital services in the European Union. The first of these regulations is the Digital Markets Act of the European Union, which has been applicable since May 2, 2023. This Act was adopted in the form of a regulation and is directly applicable on the territory of all Member States of the European Union.

As the reasons for the adoption of this regulation, the European Parliament and the Council of the European Union point out at the very beginning that digital services and internet platforms perform an increasingly significant role in the economy, especially in the internal market, because they enable economic entities to reach users throughout the European Union, then facilitate cross-border trade and open completely new business opportunities for a considerable number of companies in the European Union, to the benefit of consumers in the European Union. At the same time, the essential services of the platform have a number of features that can be used by economic entities that provide them, which are characterized by low or almost no marginal costs for adding business users or end users, strong network effects, the ability to connect a large number of participants, vertical integration, benefits realized based on the use of data, etc. All these characteristics, in combination with certain unfair practices of companies providing core platform services, can significantly impair the possibility of unrestricted market competition in the field of core platform services, and ultimately affect the fairness of the commercial relationship between entities that provide such services, on the one hand, and business users or end users, on the other hand. Precisely for the stated reasons, the legislative bodies of the European Union decided to take a step forward in regulating the provision of digital services and especially internet platform services, to prevent unfair practices and set up a fairer ecosystem of internet platforms. Services provided for non-commercial purposes, such as certain cooperation projects, remain outside the scope of the Digital Markets Act.

The primary model through which the Digital Markets Act tries to regulate the digital environment and create more reasonable and equivalent conditions for all digital companies is the introduction of the status of so-called “gatekeeper”. The status of the gatekeeper is determined for the company in the following cases:

a) if the company has a significant impact on the internal market,

b) provide a core platform service which represents an important access point through which business users reach end users, and

c) retain a firm and constant position in the area of its business or is foreseeable it will retain such a position in the near future.

It is assumed that the conditions related to the significance of the impact on the internal market are met if the company generates an annual revenue at the level of the European Union corresponding to or exceeding the amount of 7.5 billion EUR during each of the previous three financial years or if its average market capitalization or equivalent fair market value was at least 75 billion EUR in the previous financial year, and if it provides the same basic platform service in at least three Member States.

When it comes to the requirement that the company is an important point of access through which business users reach end users, it is considered to be fulfilled if it provides the core service of a platform that in the previous financial year has at least 45 million monthly active end users established or located in the European Union, and at least 10 thousand annually active business users established in the European Union.

If the company that provides the core services of the platform reaches the specified thresholds, it is obliged to inform the European Commission about it without delay, and in any case within two months after those thresholds are reached. The company, along with the notification, submits to the European Commission the relevant information about the facts related to reaching the thresholds for qualification as a gatekeeper. Without undue delay and no later than within 45 working days after receiving complete information, the Commission determines the status of the gatekeeper for the company that provides the core services of the platform, and which reaches all the mentioned thresholds.

Since the qualification of a gatekeeper requires that the company provides core platform services, it is necessary to indicate which services it includes. The Act defines the core platform services any of the following:

(a) online intermediation services (e.g. Amazon, eBay, etc.),

(b) online search engines (e.g. Google, Yahoo, etc.),

(c) online social networking services (e.g. Facebook, Instagram, etc.),

(d) video sharing platform services (e.g. YouTube, Vimeo, etc.),

(e) number-independent interpersonal communication services (e.g. WhatsApp, Facebook Messenger, etc.),

(f) operating systems (e.g. Microsoft Windows, Apple iOS, etc.),

(g) web browsers (e.g. Chrome, Safari, etc.),

(h) virtual assistants (e.g. Google Assistant),

(i) cloud computing services (e.g. Google Cloud),

(j) online advertising services, including all advertising networks, ad exchanges and any other advertising intermediation services, provided by a company that provides any of the aforementioned platform services.

In September 2023, the European Commission has appointed six gatekeepers for the first time: Alphabet, Amazon, Apple, Byte Dance, Meta, and Microsoft. They were given a deadline of six months to ensure full compliance with the provisions of the EU Digital Markets Act, for each of their designated platform services, which means that the practical application of the Act to these entities will begin in March 2024, and thus this Act will come to life in practice.

The question arises as to list of the obligations of gatekeepers under the Digital Markets Act. In this regard, the Act stipulates the gatekeepers must not do the following:

(a) process, for the purpose of providing internet advertising services, the personal data of end users who use the services of third parties who use the core services of the gatekeeper’s platform,

(b) combine personal data from the relevant core platform service with personal data from any additional core platform service or from any other service provided by the gatekeeper or with personal data from third-party services,

(c) cross-use personal data from the relevant platform core service in other services that the gatekeeper separately provides, including other platform core services, and vice versa, nor

(d) log end users to other gatekeeper’s services to combine personal data.

The exception in which the gatekeeper will be permitted to undertake any of the listed actions related to the protection of personal data is if the end user has been provided the opportunity to make a choice or if the end user provided a consent in terms of Article 4, Item 11, and Article 7 of the EU General Data Protection Regulation (GDPR).

The gatekeeper may not prevent business users from offering the same products or services to end users through third-party online intermediation services or through its own direct online sales channels at prices or on terms that differ from those offered through the gatekeeper’s online intermediation services.

In addition, the gatekeeper allows business users free of charge to inform and promote offers to end users acquired through its basic platform service or through other channels, among others under various conditions, and to conclude contracts with those end users regardless of whether they use for this purpose, the core services of the gatekeeper.

Further, the gatekeeper permits end users to access and use content, subscriptions, features, or other products through its underlying Platform Services, including if such end users have acquired such products from a relevant business user without using the gatekeeper’s platform.

The gatekeeper may not require end users to use its identification service, web browser or payment service, or its technical services that support the provision of payment services, like payment systems for in-app purchases or require business users to use or offer that services or ensure interoperability with them, in the context of services provided by business users using the core services of that gatekeeper’s platform.

The gatekeeper provides information about every advertisement, i.e. which is displayed in the publisher’s space to all advertisers or publishers to whom the same provides internet advertising services or third parties authorized by advertisers or publishers, at the request of the advertiser or publisher, in relation to:

(a) the price and fees, including any deductions and surcharges, for each relevant internet advertising service provided by the gatekeeper,

(b) the fee paid to the publisher and the fee paid by the advertiser, including all deductions and surcharges, subject to the consent of the advertiser; and

(c) the criteria on the basis of which prices and fees are calculated.

Therefore, the Act contains a number of legal norms whose goal is to prevent self-preferencing, unfair practices of data use, and the promotion of interoperability, all in order to ensure a more significant degree of competition on the European digital market and prevent large companies from anti-competitive activities, abuse of market power and preventing new players from entering the market. By preventing unfair market practices of the gatekeeper, the freedom of information exchange and democracy in the modern digital environment is promoted.

Self-preferencing can manifest itself in several forms of behaviour in the digital market, such as manipulation of search results, privileged access to data, preferential treatment for customers using a first-party comparison product, preferential access to platform functions, tying and bundling, etc.

For example, there is a familiar case of manipulating search results, i.e. treating one’s own products and services more favourably than competitors’ products and services when ranking and indexing results in the Google Shopping case from 2017. In this case, the European Commission found that Google violated the provisions of EU Competition Act (Article 102 of the Treaty on the Functioning of the EU), by misusing its dominant position on the market, by giving preference to its own comparison-shopping service on its general search page (Google Shopping), compared to competing comparison-shopping services. The European Commission imposed a fine of 2.4 billion euros on Google, and the decision regarding the amount of the fine was confirmed by the General Court of the European Union.

As an example of impermissible self-preference in the form of binding and grouping, we can cite the case of Google Android. Google’s anti-competitive behaviour in this case was reflected in the following: first, Google required manufacturers to pre-install the Google Search and Google Chrome applications as a condition for licensing the Google Play Store. Furthermore, Google made payments to other manufacturers and mobile network operators only on the condition that they pre-installed the Google Search application on their devices. Finally, Google prevented manufacturers who wanted to pre-install Google apps from selling smartphones running alternative versions of Android that were not approved by Google (so-called “Android forks”). Therefore, it is a complex of conditioning and tying of products that are not mutually dependent, i.e., preventing the use of certain functions without using other products, which put other manufacturers in an unequal position. Such behaviour was qualified as tying and grouping, and Google was fined over 4 billion EUR.

Furthermore, the Act additionally defines the obligations of the gatekeeper and stipulates that in market competition with business users, the gatekeeper may not use data that is not publicly available, and that was generated or provided by those business users when using the relevant core services of the platform or the services provided together with or in support of the relevant platform core services, including data generated or provided by clients of those business users.

Gatekeeper also allows and technically enables end users to easily uninstall any software application on the gatekeeper’s operating system. Gatekeeper permits and technically enables the installation and effective use of third-party software applications or trade in third-party software applications that use its operating system or are interoperable with its operating system.

It is a particularly important obligation of the gatekeeper not to favour its own services and products over similar services or products of third parties when ranking and related indexing and searching for indexing purposes. In this regard, the gatekeeper is obliged to apply transparent, fair, and non-discriminatory conditions for such ranking.

The gatekeeper may not, technically or in any other way, limit the possibilities of end users to replace one software application and service, accessed through the core services of the gatekeeper’s platform, with others and subscribe to them, including the choice of Internet access services for end users.

There is, in addition, a considerable significance of gatekeeper’s duty to allow Service Providers and Hardware Providers free and effective interoperability and access for the purpose of interoperability with the same hardware and software features that are accessed or managed through the operating system or virtual assistant.

In the context of advertising obligations, the gatekeeper provides advertisers and publishers, as well as third parties authorized by advertisers and publishers, at their request and free of charge, access to its performance measurement tools and data that advertisers and publishers need to conduct their own independent verification advertising space.

The gatekeeper is also obliged to provide the end and business users, as well as third parties, with access to data as well as their portability, including personal data provided or generated by them through the use of the platform’s core services or services provided jointly with the platform’s core services or in support thereof services.

Further, the gatekeeper for business users applies fair, reasonable, and non-discriminatory general terms of access to its software application stores, Internet browsers and social network services, and for this purpose publishes general terms of access, including an alternative dispute resolution mechanism.

In addition, there is a whole series of obligations prescribed in relation to gatekeepers when talking about the interoperability of numerically independent interpersonal communication services (e.g. WhatsApp, Facebook Messenger, etc.), which are fulfilled successively, in a certain period after determining the status of gatekeepers.

Regarding the burden of proving compliance, the Act stipulates it is on the gatekeeper to ensure and prove compliance with the obligations from the Act, while the European Commission exercises supervisory and regulatory functions regarding the implementation of the obligations in question.

Related to this issue there is a whole series of mechanisms and powers of the Commission, as well as the obligations of gatekeepers, in order to enable the application of the provisions of the Act. As follows, for example, the Commission may, due to extraordinary circumstances, suspend the fulfilment of an obligation for the reasons specified in the Act, may decide to exempt the gatekeeper from a certain obligation due to national health or safety, while on the other hand, the gatekeeper has the obligation to submit and update reports on the measures implemented for the purpose of harmonizing with the Act. In addition, the Commission has the authority to conduct market research to determine the status of gatekeeper or other relevant data. For the purpose of exercising its powers, the Commission may request entrepreneurs and associations of entrepreneurs to provide all necessary information, then it may conduct an interview with any individual or legal person who agrees to it, conduct all necessary inspections, including entry to the premises, inspection of business books, access to the IT infrastructure, and order measures to eliminate established irregularities.

In case of non-compliance, the Commission can impose fines on the gatekeeper not exceeding 10% of its total worldwide income in the previous financial year. On the other hand, in order to achieve compliance, the Commission may issue a decision imposing periodic penalties that do not exceed 5% of the average daily income at the world level in the previous financial year per day, counting from the date specified in that decision, in order to enforce compliance with the prescribed measures.

The Act also regulates the cooperation of the Commission with the national authorities of the member states, including courts and authorities that enforce market competition rules.

Bearing in mind the previously stated observations regarding the Act, it can be concluded that the EU Digital Markets Act establishes a category of gatekeepers in which the most significant players in the market of digital services and internet platforms will be classified and prescribes obligations in order to establish a proper and non-discriminatory environment in this sphere, prevent the setting up of barriers to entry to the relevant market, and ultimately provide end users (whether they are business or “private” users) that their participation in the Internet environment and the use of gatekeeper services is under fair and reasonable conditions. In order to fulfil the stated goals, the European Commission is given broad powers to manage the application and impose repressive measures on those entities that do not comply with their obligations. Due to the fact that the first gatekeepers were appointed recently, and the practical application of the Act begins in March this year, it remains to be seen in which direction the implementation of the comprehensive regulation of rights and obligations on the digital market will go.

Autor: Igor Letica

About the author