Digital Markets Act

KEY POINTS

The regulation designates certain large online platforms as ‘gatekeepers’ if they:

• have an annual turnover of a minimum of €7.5 billion in the European Union (EU) in the previous 3 years, or a market valuation of at least €75 billion;
• have at least 45 million monthly end users and at least 10,000 business users established in the EU;
• control one or more core platform services in at least three EU Member States;
• have a strong economic position and significant impact on the internal market;
• provide a core platform service, which is an important gateway for business users to reach customers;
• have an entrenched and durable position in the market, either now or in the near future.

Core platform services include, among other things:

• marketplaces
• app stores
• search engines
• social media
• cloud services
• advertising.

Gatekeepers must:

• allow third parties to interoperate with the gatekeeper’s services in some specific situations;
• allow their business users to access the data generated while using the gatekeeper’s platform;
• allow their business users to promote their product offering and conclude contracts with their customers outside the gatekeeper’s platform;
• provide tools and information to companies who advertise on their platform to carry out independent verification of their advertisements hosted by the gatekeeper.

Gatekeepers must not:

• treat the gatekeeper’s own services and products more favourably in ranking than similar offerings by third parties on the platform;
• track end users outside the gatekeeper’s core platform service to target advertising without consent;
• prevent developers from using third-party payment platforms for app sales;
• process users’ personal data for targeted advertising, unless consent is granted;
• pre-install certain software applications or prevent users from easily uninstalling them.

Compliance

The European Commission is the sole enforcer of the regulation, with an advisory committee and a high-level group set up to assist and facilitate its work.

When a large online company is identified as a gatekeeper, it has to comply with the rules of the regulation within 6 months.

If a gatekeeper violates the rules laid down in the regulation, it risks:

• a fine of up to 10% of its total worldwide turnover;
• a potential fine of up to 20% of its worldwide turnover for repeat offences;
• periodic penalty payments of up to 5% of its average daily turnover;
• non-financial structural remedies such as the selling-off of (parts of) its business, as a last resort for systematic failure to comply.

Implementing act

• Implementing Regulation (EU) 2023/814 sets out detailed rules for the conduct of certain proceedings by the Commission in implementing Regulation (EU) 2022/1925. These relate to aspects such as notification and submissions to the Commission, the opening of proceedings, the right to be heard, access to files, time limits and the transmission and receipt of documents.
• There are two annexes to Regulation (EU) 2023/814:
  • the first is a form relating to the notification for the purposes of gatekeeper designation (form GD) – information about the notifying undertaking, core platform services, quantitative thresholds, along with the declaration to be signed by or on behalf of the notifying undertaking (Annex I); and
  • the second includes the format and length of documents to be submitted to the Commission under Regulation (EU) 2022/1925 (Annex II) – this annex covers documents such as notifications, submissions of information, substantiated arguments, reasoned requests and replies to preliminary findings.

Amended directives

The regulation also amends two directives:

• Directive (EU) 2019/1937 on the protection of persons who report breaches of EU law (see summary);
• Directive (EU) 2020/1828 on the protection of the collective interests of consumers (see summary).