Choose the experimental features you want to try

This document is an excerpt from the EUR-Lex website

Document 32022R1925

    Regulation (EU) 2022/1925 of the European Parliament and of the Council of 14 September 2022 on contestable and fair markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828 (Digital Markets Act) (Text with EEA relevance)

    PE/17/2022/REV/1

    OJ L 265, 12.10.2022, p. 1–66 (BG, ES, CS, DA, DE, ET, EL, EN, FR, GA, HR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)

    Legal status of the document In force

    ELI: http://data.europa.eu/eli/reg/2022/1925/oj

    12.10.2022   

    EN

    Official Journal of the European Union

    L 265/1


    REGULATION (EU) 2022/1925 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

    of 14 September 2022

    on contestable and fair markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828 (Digital Markets Act)

    (Text with EEA relevance)

    THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,

    Having regard to the Treaty on the Functioning of the European Union, and in particular Article 114 thereof,

    Having regard to the proposal from the European Commission,

    After transmission of the draft legislative act to the national parliaments,

    Having regard to the opinion of the European Economic and Social Committee (1),

    Having regard to the opinion of the Committee of the Regions (2),

    Acting in accordance with the ordinary legislative procedure (3),

    Whereas:

    (1)

    Digital services in general and online platforms in particular play an increasingly important role in the economy, in particular in the internal market, by enabling businesses to reach users throughout the Union, by facilitating cross-border trade and by opening entirely new business opportunities to a large number of companies in the Union to the benefit of consumers in the Union.

    (2)

    At the same time, among those digital services, core platform services feature a number of characteristics that can be exploited by the undertakings providing them. An example of such characteristics of core platform services is extreme scale economies, which often result from nearly zero marginal costs to add business users or end users. Other such characteristics of core platform services are very strong network effects, an ability to connect many business users with many end users through the multisidedness of these services, a significant degree of dependence of both business users and end users, lock-in effects, a lack of multi-homing for the same purpose by end users, vertical integration, and data driven-advantages. All these characteristics, combined with unfair practices by undertakings providing the core platform services, can have the effect of substantially undermining the contestability of the core platform services, as well as impacting the fairness of the commercial relationship between undertakings providing such services and their business users and end users. In practice, this leads to rapid and potentially far-reaching decreases in business users’ and end users’ choice, and therefore can confer on the provider of those services the position of a so-called gatekeeper. At the same time, it should be recognised that services which act in a non-commercial purpose capacity such as collaborative projects should not be considered as core platform services for the purpose of this Regulation.

    (3)

    A small number of large undertakings providing core platform services have emerged with considerable economic power that could qualify them to be designated as gatekeepers pursuant to this Regulation. Typically, they feature an ability to connect many business users with many end users through their services, which, in turn, enables them to leverage their advantages, such as their access to large amounts of data, from one area of activity to another. Some of those undertakings exercise control over whole platform ecosystems in the digital economy and are structurally extremely difficult to challenge or contest by existing or new market operators, irrespective of how innovative and efficient those market operators may be. Contestability is reduced in particular due to the existence of very high barriers to entry or exit, including high investment costs, which cannot, or not easily, be recuperated in case of exit, and the absence of, or reduced access to, some key inputs in the digital economy, such as data. As a result, the likelihood increases that the underlying markets do not function well, or will soon fail to function well.

    (4)

    The combination of those features of gatekeeper is likely to lead, in many cases, to serious imbalances in bargaining power and, consequently, to unfair practices and conditions for business users, as well as for end users of core platform services provided by gatekeepers, to the detriment of prices, quality, fair competition, choice and innovation in the digital sector.

    (5)

    It follows that the market processes are often incapable of ensuring fair economic outcomes with regard to core platform services. Although Articles 101 and 102 of the Treaty on the Functioning of the European Union (TFEU) apply to the conduct of gatekeepers, the scope of those provisions is limited to certain instances of market power, for example dominance on specific markets and of anti-competitive behaviour, and enforcement occurs ex post and requires an extensive investigation of often very complex facts on a case by case basis. Moreover, existing Union law does not address, or does not address effectively, the challenges to the effective functioning of the internal market posed by the conduct of gatekeepers that are not necessarily dominant in competition-law terms.

    (6)

    Gatekeepers have a significant impact on the internal market, providing gateways for a large number of business users to reach end users everywhere in the Union and on different markets. The adverse impact of unfair practices on the internal market and the particularly weak contestability of core platform services, including the negative societal and economic implications of such unfair practices, have led national legislators and sectoral regulators to act. A number of regulatory solutions have already been adopted at national level or proposed to address unfair practices and the contestability of digital services or at least with regard to some of them. This has created divergent regulatory solutions which results in the fragmentation of the internal market, thus raising the risk of increased compliance costs due to different sets of national regulatory requirements.

    (7)

    Therefore, the purpose of this Regulation is to contribute to the proper functioning of the internal market by laying down rules to ensure contestability and fairness for the markets in the digital sector in general, and for business users and end users of core platform services provided by gatekeepers in particular. Business users and end users of core platform services provided by gatekeepers should be afforded appropriate regulatory safeguards throughout the Union against the unfair practices of gatekeepers, in order to facilitate cross-border business within the Union and thereby improve the proper functioning of the internal market, and to eliminate existing or likely emerging fragmentation in the specific areas covered by this Regulation. Moreover, while gatekeepers tend to adopt global or at least pan-European business models and algorithmic structures, they can adopt, and in some cases have adopted, different business conditions and practices in different Member States, which is liable to create disparities between the competitive conditions for the users of core platform services provided by gatekeepers, to the detriment of integration of the internal market.

    (8)

    By approximating diverging national laws, it is possible to eliminate obstacles to the freedom to provide and receive services, including retail services, within the internal market. A targeted set of harmonised legal obligations should therefore be established at Union level to ensure contestable and fair digital markets featuring the presence of gatekeepers within the internal market to the benefit of the Union’s economy as a whole and ultimately of the Union’s consumers.

    (9)

    Fragmentation of the internal market can only effectively be averted if Member States are prevented from applying national rules which are within the scope of and pursue the same objectives as this Regulation. That does not preclude the possibility of applying to gatekeepers within the meaning of this Regulation other national rules which pursue other legitimate public interest objectives as set out in the TFEU or which pursue overriding reasons of public interest as recognised by the case law of the Court of Justice of the European Union (‘the Court of Justice’).

    (10)

    At the same time, since this Regulation aims to complement the enforcement of competition law, it should apply without prejudice to Articles 101 and 102 TFEU, to the corresponding national competition rules and to other national competition rules regarding unilateral conduct that are based on an individualised assessment of market positions and behaviour, including its actual or potential effects and the precise scope of the prohibited behaviour, and which provide for the possibility of undertakings to make efficiency and objective justification arguments for the behaviour in question, and to national rules concerning merger control. However, the application of those rules should not affect the obligations imposed on gatekeepers under this Regulation and their uniform and effective application in the internal market.

    (11)

    Articles 101 and 102 TFEU and the corresponding national competition rules concerning anticompetitive multilateral and unilateral conduct as well as merger control have as their objective the protection of undistorted competition on the market. This Regulation pursues an objective that is complementary to, but different from that of protecting undistorted competition on any given market, as defined in competition-law terms, which is to ensure that markets where gatekeepers are present are and remain contestable and fair, independently from the actual, potential or presumed effects of the conduct of a given gatekeeper covered by this Regulation on competition on a given market. This Regulation therefore aims to protect a different legal interest from that protected by those rules and it should apply without prejudice to their application.

    (12)

    This Regulation should also apply without prejudice to the rules resulting from other acts of Union law regulating certain aspects of the provision of services covered by this Regulation, in particular Regulations (EU) 2016/679 (4) and (EU) 2019/1150 (5) of the European Parliament and of the Council and a Regulation on a single market for digital services, and Directives 2002/58/EC (6), 2005/29/EC (7), 2010/13/EU (8), (EU) 2015/2366 (9), (EU) 2019/790 (10) and (EU) 2019/882 (11) of the European Parliament and of the Council, and Council Directive 93/13/EEC (12), as well as national rules aimed at enforcing or implementing those Union legal acts.

    (13)

    Weak contestability and unfair practices in the digital sector are more frequent and pronounced for certain digital services than for others. This is the case in particular for widespread and commonly used digital services that mostly directly intermediate between business users and end users and where features such as extreme scale economies, very strong network effects, an ability to connect many business users with many end users through the multisidedness of these services, lock-in effects, a lack of multi-homing or vertical integration are the most prevalent. Often, there is only one or very few large undertakings providing those digital services. Those undertakings have emerged most frequently as gatekeepers for business users and end users, with far-reaching impacts. In particular, they have gained the ability to easily set commercial conditions and terms in a unilateral and detrimental manner for their business users and end users. Accordingly, it is necessary to focus only on those digital services that are most broadly used by business users and end users and where concerns about weak contestability and unfair practices by gatekeepers are more apparent and pressing from an internal market perspective.

    (14)

    In particular, online intermediation services, online search engines, operating systems, online social networking, video sharing platform services, number-independent interpersonal communication services, cloud computing services, virtual assistants, web browsers and online advertising services, including advertising intermediation services, all have the capacity to affect a large number of end users and businesses, which entails a risk of unfair business practices. Therefore, they should be included in the definition of core platform services and fall into the scope of this Regulation. Online intermediation services can also be active in the field of financial services, and they can intermediate or be used to provide such services as listed non-exhaustively in Annex II to Directive (EU) 2015/1535 of the European Parliament and of the Council (13). For the purposes of this Regulation, the definition of core platform services should be technology neutral and should be understood to encompass those provided on or through various means or devices, such as connected TV or embedded digital services in vehicles. In certain circumstances, the notion of end users should encompass users that are traditionally considered business users, but in a given situation do not use the core platform services to provide goods or services to other end users, such as for example businesses relying on cloud computing services for their own purposes.

    (15)

    The fact that a digital service qualifies as a core platform service does not in itself give rise to sufficiently serious concerns of contestability or unfair practices. It is only when a core platform service constitutes an important gateway and is operated by an undertaking with a significant impact in the internal market and an entrenched and durable position, or by an undertaking that will foreseeably enjoy such a position in the near future, that such concerns arise. Accordingly, the targeted set of harmonised rules in this Regulation should apply only to undertakings designated on the basis of those three objective criteria, and they should only apply to those of their core platform services that individually constitute an important gateway for business users to reach end users. The fact that it is possible that an undertaking providing core platform services not only intermediates between business users and end users, but also between end users and end users, for example in the case of number-independent interpersonal communications services, should not preclude the conclusion that such an undertaking is or could be an important gateway for business users to reach end users.

    (16)

    In order to ensure the effective application of this Regulation to undertakings providing core platform services which are most likely to satisfy those objective requirements, and where unfair practices weakening contestability are most prevalent and have the most impact, the Commission should be able to directly designate as gatekeepers those undertakings providing core platform services which meet certain quantitative thresholds. Such undertakings should in any event be subject to a fast designation process which should start once this Regulation becomes applicable.

    (17)

    The fact that an undertaking has a very significant turnover in the Union and provides a core platform service in at least three Member States constitutes compelling indication that that undertaking has a significant impact on the internal market. This is equally true where an undertaking providing a core platform service in at least three Member States has a very significant market capitalisation or equivalent fair market value. Therefore, an undertaking providing a core platform service should be presumed to have a significant impact on the internal market where it provides a core platform service in at least three Member States and where either its group turnover realised in the Union is equal to or exceeds a specific, high threshold, or the market capitalisation of the group is equal to or exceeds a certain high absolute value. For undertakings providing core platform services that belong to undertakings that are not publicly listed, the equivalent fair market value should be used as the reference. It should be possible for the Commission to use its power to adopt delegated acts to develop an objective methodology to calculate that value.

    A high group turnover realised in the Union in conjunction with the threshold number of users in the Union of core platform services reflects a relatively strong ability to monetise those users. A high market capitalisation relative to the same threshold number of users in the Union reflects a relatively significant potential to monetise those users in the near future. This monetisation potential in turn reflects, in principle, the gateway position of the undertakings concerned. Both indicators, in addition, reflect the financial capacity of the undertakings concerned, including their ability to leverage their access to financial markets to reinforce their position. This can, for example, happen where this superior access is used to acquire other undertakings, an ability which has in turn been shown to have potential negative effects on innovation. Market capitalisation can also reflect the expected future position and effect on the internal market of the undertakings concerned, despite a potentially relatively low current turnover. The market capitalisation value should be based on a level that reflects the average market capitalisation of the largest publicly listed undertakings in the Union over an appropriate period.

    (18)

    Whereas a market capitalisation at or above the threshold in the last financial year should give rise to a presumption that an undertaking providing core platform services has a significant impact on the internal market, a sustained market capitalisation of the undertaking providing core platform services at or above the threshold over three or more years should be considered as further strengthening that presumption.

    (19)

    By contrast, there could be a number of factors concerning market capitalisation that would require an in-depth assessment in determining whether an undertaking providing core platform services should be deemed to have a significant impact on the internal market. This could be the case where the market capitalisation of the undertaking providing core platform services in preceding financial years was significantly lower than the threshold and the volatility of its market capitalisation over the observed period was disproportionate to overall equity market volatility or its market capitalisation trajectory relative to market trends was inconsistent with a rapid and unidirectional growth.

    (20)

    Having a very high number of business users that depend on a core platform service to reach a very high number of monthly active end users enables the undertaking providing that service to influence the operations of a substantial part of business users to its advantage and indicate, in principle, that that undertaking is an important gateway. The respective relevant levels for those numbers should be set representing a substantive percentage of the entire population of the Union when it comes to end users and of the entire population of businesses using core platform services to determine the threshold for business users. Active end users and business users should be identified and calculated in such a way as to adequately represent the role and reach of the specific core platform service in question. In order to provide legal certainty for gatekeepers, the elements to determine the number of active end users and business users per core platform service should be set out in an Annex to this Regulation. Such elements can be affected by technological and other developments. The Commission should therefore be empowered to adopt delegated acts to amend this Regulation by updating the methodology and the list of indicators used to determine the number of active end users and active business users.

    (21)

    An entrenched and durable position in its operations or the foreseeability of enjoying such a position in the future occurs notably where the contestability of the position of the undertaking providing the core platform service is limited. This is likely to be the case where that undertaking has provided a core platform service in at least three Member States to a very high number of business users and end users over a period of at least 3 years.

    (22)

    Such thresholds can be affected by market and technical developments. The Commission should therefore be empowered to adopt delegated acts to specify the methodology for determining whether the quantitative thresholds are met, and to regularly adjust it to market and technological developments where necessary. Such delegated acts should not amend the quantitative thresholds set out in this Regulation.

    (23)

    An undertaking providing core platform services should be able, in exceptional circumstances, to rebut the presumption that the undertaking has a significant impact on the internal market by demonstrating that, although it meets the quantitative thresholds set out in this Regulation, it does not fulfil the requirements for designation as a gatekeeper. The burden of adducing evidence that the presumption deriving from the fulfilment of the quantitative thresholds should not apply should be borne by that undertaking. In its assessment of the evidence and arguments produced, the Commission should take into account only those elements which directly relate to the quantitative criteria, namely the impact of the undertaking providing core platform services on the internal market beyond revenue or market cap, such as its size in absolute terms, and the number of Member States in which it is present; by how much the actual business user and end user numbers exceed the thresholds and the importance of the undertaking’s core platform service considering the overall scale of activities of the respective core platform service; and the number of years for which the thresholds have been met.

    Any justification on economic grounds seeking to enter into market definition or to demonstrate efficiencies deriving from a specific type of behaviour by the undertaking providing core platform services should be discarded, as it is not relevant to the designation as a gatekeeper. If the arguments submitted are not sufficiently substantiated because they do not manifestly put into question the presumption, it should be possible for the Commission to reject the arguments within the timeframe of 45 working days provided for the designation. The Commission should be able to take a decision by relying on information available on the quantitative thresholds where the undertaking providing core platform services obstructs the investigation by failing to comply with the investigative measures taken by the Commission.

    (24)

    Provision should also be made for the assessment of the gatekeeper role of undertakings providing core platform services which do not satisfy all of the quantitative thresholds, in light of the overall objective requirements that they have a significant impact on the internal market, act as an important gateway for business users to reach end users and benefit from an entrenched and durable position in their operations or it is foreseeable that they will do so in the near future. When the undertaking providing core platform services is a medium-sized, small or micro enterprise, the assessment should carefully take into account whether such an undertaking would be able to substantially undermine the contestability of the core platform services, since this Regulation primarily targets large undertakings with considerable economic power rather than medium-sized, small or micro enterprises.

    (25)

    Such an assessment can only be done in light of a market investigation, while taking into account the quantitative thresholds. In its assessment the Commission should pursue the objectives of preserving and fostering innovation and the quality of digital products and services, the degree to which prices are fair and competitive, and the degree to which quality or choice for business users and for end users is or remains high. Elements can be taken into account that are specific to the undertakings providing core platform services concerned, such as extreme scale or scope economies, very strong network effects, data-driven advantages, an ability to connect many business users with many end users through the multisidedness of those services, lock-in effects, lack of multi-homing, conglomerate corporate structure or vertical integration. In addition, a very high market capitalisation, a very high ratio of equity value over profit or a very high turnover derived from end users of a single core platform service can be used as indicators of the leveraging potential of such undertakings and of the tipping of the market in their favour. Together with market capitalisation, high relative growth rates are examples of dynamic parameters that are particularly relevant to identifying such undertakings providing core platform services for which it is foreseeable that they will become entrenched and durable. The Commission should be able to take a decision by drawing adverse inferences from facts available where the undertaking providing core platform services significantly obstructs the investigation by failing to comply with the investigative measures taken by the Commission.

    (26)

    A particular subset of rules should apply to those undertakings providing core platform services for which it is foreseeable that they will enjoy an entrenched and durable position in the near future. The same specific features of core platform services make them prone to tipping: once an undertaking providing the core platform service has obtained a certain advantage over rivals or potential challengers in terms of scale or intermediation power, its position could become unassailable and the situation could evolve to the point that it is likely to become entrenched and durable in the near future. Undertakings can try to induce this tipping and emerge as gatekeeper by using some of the unfair conditions and practices regulated under this Regulation. In such a situation, it appears appropriate to intervene before the market tips irreversibly.

    (27)

    However, such early intervention should be limited to imposing only those obligations that are necessary and appropriate to ensure that the services in question remain contestable and enable the qualified risk of unfair conditions and practices to be avoided. Obligations that prevent the undertaking providing core platform services concerned from enjoying an entrenched and durable position in its operations, such as those preventing leveraging, and those that facilitate switching and multi-homing are more directly geared towards this purpose. To ensure proportionality, the Commission should moreover apply from that subset of obligations only those that are necessary and proportionate to achieve the objectives of this Regulation and should regularly review whether such obligations should be maintained, suppressed or adapted.

    (28)

    Applying only those obligations that are necessary and proportionate to achieve the objectives of this Regulation should allow the Commission to intervene in time and effectively, while fully respecting the proportionality of the measures considered. It should also reassure actual or potential market participants about the contestability and fairness of the services concerned.

    (29)

    Gatekeepers should comply with the obligations laid down in this Regulation in respect of each of the core platform services listed in the relevant designation decision. The obligations should apply taking into account the conglomerate position of gatekeepers, where applicable. Furthermore, it should be possible for the Commission to impose implementing measures on the gatekeeper by decision. Those implementing measures should be designed in an effective manner, having regard to the features of core platform services and the possible circumvention risks, and in compliance with the principle of proportionality and the fundamental rights of the undertakings concerned, as well as those of third parties.

    (30)

    The very rapidly changing and complex technological nature of core platform services requires a regular review of the status of gatekeepers, including those that it is foreseen will enjoy an entrenched and durable position in their operations in the near future. To provide all of the market participants, including the gatekeepers, with the required certainty as to the applicable legal obligations, a time limit for such regular reviews is necessary. It is also important to conduct such reviews on a regular basis and at least every 3 years. Furthermore, it is important to clarify that not every change in the facts on the basis of which an undertaking providing core platform services was designated as a gatekeeper should require amendment of the designation decision. Amendment will only be necessary if the change in the facts also leads to a change in the assessment. Whether or not that is the case should be based on a case-by-case assessment of the facts and circumstances.

    (31)

    To safeguard the contestability and fairness of core platform services provided by gatekeepers, it is necessary to provide in a clear and unambiguous manner for a set of harmonised rules with regard to those services. Such rules are needed to address the risk of harmful effects of practices by gatekeepers, to the benefit of the business environment in the services concerned, of users and ultimately of society as a whole. The obligations correspond to those practices that are considered as undermining contestability or as being unfair, or both, when taking into account the features of the digital sector and which have a particularly negative direct impact on business users and end users. It should be possible for the obligations laid down by this Regulation to specifically take into account the nature of the core platform services provided. The obligations in this Regulation should not only ensure contestability and fairness with respect to core platform services listed in the designation decision, but also with respect to other digital products and services into which gatekeepers leverage their gateway position, which are often provided together with, or in support of, the core platform services.

    (32)

    For the purpose of this Regulation, contestability should relate to the ability of undertakings to effectively overcome barriers to entry and expansion and challenge the gatekeeper on the merits of their products and services. The features of core platform services in the digital sector, such as network effects, strong economies of scale, and benefits from data have limited the contestability of those services and the related ecosystems. Such a weak contestability reduces the incentives to innovate and improve products and services for the gatekeeper, its business users, its challengers and customers and thus negatively affects the innovation potential of the wider online platform economy. Contestability of the services in the digital sector can also be limited if there is more than one gatekeeper for a core platform service. This Regulation should therefore ban certain practices by gatekeepers that are liable to increase barriers to entry or expansion, and impose certain obligations on gatekeepers that tend to lower those barriers. The obligations should also address situations where the position of the gatekeeper may be entrenched to such an extent that inter-platform competition is not effective in the short term, meaning that intra-platform competition needs to be created or increased.

    (33)

    For the purpose of this Regulation, unfairness should relate to an imbalance between the rights and obligations of business users where the gatekeeper obtains a disproportionate advantage. Market participants, including business users of core platform services and alternative providers of services provided together with, or in support of, such core platform services, should have the ability to adequately capture the benefits resulting from their innovative or other efforts. Due to their gateway position and superior bargaining power, it is possible that gatekeepers engage in behaviour that does not allow others to capture fully the benefits of their own contributions, and unilaterally set unbalanced conditions for the use of their core platform services or services provided together with, or in support of, their core platform services. Such imbalance is not excluded by the fact that the gatekeeper offers a particular service free of charge to a specific group of users, and may also consist in excluding or discriminating against business users, in particular if the latter compete with the services provided by the gatekeeper. This Regulation should therefore impose obligations on gatekeepers addressing such behaviour.

    (34)

    Contestability and fairness are intertwined. The lack of, or weak, contestability for a certain service can enable a gatekeeper to engage in unfair practices. Similarly, unfair practices by a gatekeeper can reduce the possibility of business users or others to contest the gatekeeper’s position. A particular obligation in this Regulation may, therefore, address both elements.

    (35)

    The obligations laid down in this Regulation are therefore necessary to address identified public policy concerns, there being no alternative and less restrictive measures that would effectively achieve the same result, having regard to the need to safeguard public order, protect privacy and fight fraudulent and deceptive commercial practices.

    (36)

    Gatekeepers often directly collect personal data of end users for the purpose of providing online advertising services when end users use third-party websites and software applications. Third parties also provide gatekeepers with personal data of their end users in order to make use of certain services provided by the gatekeepers in the context of their core platform services, such as custom audiences. The processing, for the purpose of providing online advertising services, of personal data from third parties using core platform services gives gatekeepers potential advantages in terms of accumulation of data, thereby raising barriers to entry. This is because gatekeepers process personal data from a significantly larger number of third parties than other undertakings. Similar advantages result from the conduct of (i) combining end user personal data collected from a core platform service with data collected from other services; (ii) cross-using personal data from a core platform service in other services provided separately by the gatekeeper, notably services which are not provided together with, or in support of, the relevant core platform service, and vice versa; or (iii) signing-in end users to different services of gatekeepers in order to combine personal data. To ensure that gatekeepers do not unfairly undermine the contestability of core platform services, gatekeepers should enable end users to freely choose to opt-in to such data processing and sign-in practices by offering a less personalised but equivalent alternative, and without making the use of the core platform service or certain functionalities thereof conditional upon the end user’s consent. This should be without prejudice to the gatekeeper processing personal data or signing in end users to a service, relying on the legal basis under Article 6(1), points (c), (d) and (e), of Regulation (EU) 2016/679, but not on Article 6(1), points (b) and (f) of that Regulation.

    (37)

    The less personalised alternative should not be different or of degraded quality compared to the service provided to the end users who provide consent, unless a degradation of quality is a direct consequence of the gatekeeper not being able to process such personal data or signing in end users to a service. Not giving consent should not be more difficult than giving consent. When the gatekeeper requests consent, it should proactively present a user-friendly solution to the end user to provide, modify or withdraw consent in an explicit, clear and straightforward manner. In particular, consent should be given by a clear affirmative action or statement establishing a freely given, specific, informed and unambiguous indication of agreement by the end user, as defined in Regulation (EU) 2016/679. At the time of giving consent, and only where applicable, the end user should be informed that not giving consent can lead to a less personalised offer, but that otherwise the core platform service will remain unchanged and that no functionalities will be suppressed. Exceptionally, if consent cannot be given directly to the gatekeeper's core platform service, end users should be able to give consent through each third-party service that makes use of that core platform service, to allow the gatekeeper to process personal data for the purposes of providing online advertising services.

    Lastly, it should be as easy to withdraw consent as to give it. Gatekeepers should not design, organise or operate their online interfaces in a way that deceives, manipulates or otherwise materially distorts or impairs the ability of end users to freely give consent. In particular, gatekeepers should not be allowed to prompt end users more than once a year to give consent for the same processing purpose in respect of which they initially did not give consent or withdrew their consent. This Regulation is without prejudice to Regulation (EU) 2016/679, including its enforcement framework, which remains fully applicable with respect to any claims by data subjects relating to an infringement of their rights under that Regulation.

    (38)

    Children merit specific protection with regard to their personal data, in particular as regards the use of their personal data for the purposes of commercial communication or creating user profiles. The protection of children online is an important objective of the Union and should be reflected in the relevant Union law. In this context, due regard should be given to a Regulation on a single market for digital services. Nothing in this Regulation exempts gatekeepers from the obligation to protect children laid down in applicable Union law.

    (39)

    In certain cases, for instance through the imposition of contractual terms and conditions, gatekeepers can restrict the ability of business users of their online intermediation services to offer products or services to end users under more favourable conditions, including price, through other online intermediation services or through direct online sales channels. Where such restrictions relate to third-party online intermediation services, they limit inter-platform contestability, which in turn limits choice of alternative online intermediation services for end users. Where such restrictions relate to direct online sales channels, they unfairly limit the freedom of business users to use such channels. To ensure that business users of online intermediation services of gatekeepers can freely choose alternative online intermediation services or direct online sales channels and differentiate the conditions under which they offer their products or services to end users, it should not be accepted that gatekeepers limit business users from choosing to differentiate commercial conditions, including price. Such a restriction should apply to any measure with equivalent effect, such as increased commission rates or de-listing of the offers of business users.

    (40)

    To prevent further reinforcing their dependence on the core platform services of gatekeepers, and in order to promote multi-homing, the business users of those gatekeepers should be free to promote and choose the distribution channel that they consider most appropriate for the purpose of interacting with any end users that those business users have already acquired through core platform services provided by the gatekeeper or through other channels. This should apply to the promotion of offers, including through a software application of the business user, and any form of communication and conclusion of contracts between business users and end users. An acquired end user is an end user who has already entered into a commercial relationship with the business user and, where applicable, the gatekeeper has been directly or indirectly remunerated by the business user for facilitating the initial acquisition of the end user by the business user. Such commercial relationships can be on either a paid or a free basis, such as free trials or free service tiers, and can have been entered into either on the core platform service of the gatekeeper or through any other channel. Conversely, end users should also be free to choose offers of such business users and to enter into contracts with them either through core platform services of the gatekeeper, if applicable, or from a direct distribution channel of the business user or another indirect channel that such business user uses.

    (41)

    The ability of end users to acquire content, subscriptions, features or other items outside the core platform services of the gatekeeper should not be undermined or restricted. In particular, a situation should be avoided whereby gatekeepers restrict end users from access to, and use of, such services via a software application running on their core platform service. For example, subscribers to online content purchased outside a software application, software application store or virtual assistant should not be prevented from accessing such online content on a software application on the core platform service of the gatekeeper simply because it was purchased outside such software application, software application store or virtual assistant.

    (42)

    To safeguard a fair commercial environment and protect the contestability of the digital sector it is important to safeguard the right of business users and end users, including whistleblowers, to raise concerns about unfair practices by gatekeepers raising any issue of non-compliance with the relevant Union or national law with any relevant administrative or other public authorities, including national courts. For example, it is possible that business users or end users will want to complain about different types of unfair practices, such as discriminatory access conditions, unjustified closing of business user accounts or unclear grounds for product de-listings. Any practice that would in any way inhibit or hinder those users in raising their concerns or in seeking available redress, for instance by means of confidentiality clauses in agreements or other written terms, should therefore be prohibited. This prohibition should be without prejudice to the right of business users and gatekeepers to lay down in their agreements the terms of use including the use of lawful complaints-handling mechanisms, including any use of alternative dispute resolution mechanisms or of the jurisdiction of specific courts in compliance with respective Union and national law. This should also be without prejudice to the role gatekeepers play in the fight against illegal content online.

    (43)

    Certain services provided together with, or in support of, relevant core platform services of the gatekeeper, such as identification services, web browser engines, payment services or technical services that support the provision of payment services, such as payment systems for in-app purchases, are crucial for business users to conduct their business and allow them to optimise services. In particular, each browser is built on a web browser engine, which is responsible for key browser functionality such as speed, reliability and web compatibility. When gatekeepers operate and impose web browser engines, they are in a position to determine the functionality and standards that will apply not only to their own web browsers, but also to competing web browsers and, in turn, to web software applications. Gatekeepers should therefore not use their position to require their dependent business users to use any of the services provided together with, or in support of, core platform services by the gatekeeper itself as part of the provision of services or products by those business users. In order to avoid a situation in which gatekeepers indirectly impose on business users their own services provided together with, or in support of, core platform services, gatekeepers should also be prohibited from requiring end users to use such services, when that requirement would be imposed in the context of the service provided to end users by the business user using the core platform service of the gatekeeper. That prohibition aims to protect the freedom of the business user to choose alternative services to the ones of the gatekeeper, but should not be construed as obliging the business user to offer such alternatives to its end users.

    (44)

    The conduct of requiring business users or end users to subscribe to, or register with, any other core platform services of gatekeepers listed in the designation decision or which meet the thresholds of active end users and business users set out in this Regulation, as a condition for using, accessing, signing up for or registering with a core platform service gives the gatekeepers a means of capturing and locking-in new business users and end users for their core platform services by ensuring that business users cannot access one core platform service without also at least registering or creating an account for the purposes of receiving a second core platform service. That conduct also gives gatekeepers a potential advantage in terms of accumulation of data. As such, this conduct is liable to raise barriers to entry and should be prohibited.

    (45)

    The conditions under which gatekeepers provide online advertising services to business users, including both advertisers and publishers, are often non-transparent and opaque. This opacity is partly linked to the practices of a few platforms, but is also due to the sheer complexity of modern day programmatic advertising. That sector is considered to have become less transparent after the introduction of new privacy legislation. This often leads to a lack of information and knowledge for advertisers and publishers about the conditions of the online advertising services they purchase and undermines their ability to switch between undertakings providing online advertising services. Furthermore, the costs of online advertising services under these conditions are likely to be higher than they would be in a fairer, more transparent and contestable platform environment. Those higher costs are likely to be reflected in the prices that end users pay for many daily products and services relying on the use of online advertising services. Transparency obligations should therefore require gatekeepers to provide advertisers and publishers to whom they supply online advertising services, when requested, with free of charge information that allows both sides to understand the price paid for each of the different online advertising services provided as part of the relevant advertising value chain.

    This information should be provided, upon request, to an advertiser at the level of an individual advertisement in relation to the price and fees charged to that advertiser and, subject to an agreement by the publisher owning the inventory where the advertisement is displayed, the remuneration received by that consenting publisher. The provision of this information on a daily basis will allow advertisers to receive information that has a sufficient level of granularity necessary to compare the costs of using the online advertising services of gatekeepers with the costs of using online advertising services of alternative undertakings. Where some publishers do not provide their consent to the sharing of the relevant information with the advertiser, the gatekeeper should provide the advertiser with the information about the daily average remuneration received by those publishers for the relevant advertisements. The same obligation and principles of sharing the relevant information concerning the provision of online advertising services should apply in respect of requests by publishers. Since gatekeepers can use different pricing models for the provision of online advertising services to advertisers and publishers, for instance a price per impression, per view or any other criterion, gatekeepers should also provide the method with which each of the prices and remunerations are calculated.

    (46)

    In certain circumstances, a gatekeeper has a dual role as an undertaking providing core platform services, whereby it provides a core platform service, and possibly other services provided together with, or in support of, that core platform service to its business users, while also competing or intending to compete with those same business users in the provision of the same or similar services or products to the same end users. In those circumstances, a gatekeeper can take advantage of its dual role to use data, generated or provided by its business users in the context of activities by those business users when using the core platform services or the services provided together with, or in support of, those core platform services, for the purpose of its own services or products. The data of the business user can also include any data generated by or provided during the activities of its end users. This can be the case, for instance, where a gatekeeper provides an online marketplace or a software application store to business users, and at the same time provides services as an undertaking providing online retail services or software applications. To prevent gatekeepers from unfairly benefitting from their dual role, it is necessary to ensure that they do not use any aggregated or non-aggregated data, which could include anonymised and personal data that is not publicly available to provide similar services to those of their business users. That obligation should apply to the gatekeeper as a whole, including but not limited to its business unit that competes with the business users of a core platform service.

    (47)

    Business users can also purchase online advertising services from an undertaking providing core platform services for the purpose of providing goods and services to end users. In this case, it can happen that the data are not generated on the core platform service, but are provided to the core platform service by the business user or are generated based on its operations through the core platform service concerned. In certain instances, that core platform service providing advertising can have a dual role as both an undertaking providing online advertising services and an undertaking providing services competing with business users. Accordingly, the obligation prohibiting a dual role gatekeeper from using data of business users should apply also with respect to the data that a core platform service has received from businesses for the purpose of providing online advertising services related to that core platform service.

    (48)

    In relation to cloud computing services, the obligation not to use the data of business users should extend to data provided or generated by business users of the gatekeeper in the context of their use of the cloud computing service of the gatekeeper, or through its software application store that allows end users of cloud computing services access to software applications. That obligation should not affect the right of the gatekeeper to use aggregated data for providing other services provided together with, or in support of, its core platform service, such as data analytics services, subject to compliance with Regulation (EU) 2016/679 and Directive 2002/58/EC, as well as with the relevant obligations in this Regulation concerning such services.

    (49)

    A gatekeeper can use different means to favour its own or third-party services or products on its operating system, virtual assistant or web browser, to the detriment of the same or similar services that end users could obtain through other third parties. This can for instance happen where certain software applications or services are pre-installed by a gatekeeper. To enable end user choice, gatekeepers should not prevent end users from un-installing any software applications on their operating system. It should be possible for the gatekeeper to restrict such un-installation only when such software applications are essential to the functioning of the operating system or the device. Gatekeepers should also allow end users to easily change the default settings on the operating system, virtual assistant and web browser when those default settings favour their own software applications and services. This includes prompting a choice screen, at the moment of the users’ first use of an online search engine, virtual assistant or web browser of the gatekeeper listed in the designation decision, allowing end users to select an alternative default service when the operating system of the gatekeeper directs end users to those online search engine, virtual assistant or web browser and when the virtual assistant or the web browser of the gatekeeper direct the user to the online search engine listed in the designation decision.

    (50)

    The rules that a gatekeeper sets for the distribution of software applications can, in certain circumstances, restrict the ability of end users to install and effectively use third-party software applications or software application stores on hardware or operating systems of that gatekeeper and restrict the ability of end users to access such software applications or software application stores outside the core platform services of that gatekeeper. Such restrictions can limit the ability of developers of software applications to use alternative distribution channels and the ability of end users to choose between different software applications from different distribution channels and should be prohibited as unfair and liable to weaken the contestability of core platform services. To ensure contestability, the gatekeeper should furthermore allow the third-party software applications or software application stores to prompt the end user to decide whether that service should become the default and enable that change to be carried out easily.

    In order to ensure that third-party software applications or software application stores do not endanger the integrity of the hardware or operating system provided by the gatekeeper, it should be possible for the gatekeeper concerned to implement proportionate technical or contractual measures to achieve that goal if the gatekeeper demonstrates that such measures are necessary and justified and that there are no less-restrictive means to safeguard the integrity of the hardware or operating system. The integrity of the hardware or the operating system should include any design options that need to be implemented and maintained in order for the hardware or the operating system to be protected against unauthorised access, by ensuring that security controls specified for the hardware or the operating system concerned cannot be compromised. Furthermore, in order to ensure that third-party software applications or software application stores do not undermine end users’ security, it should be possible for the gatekeeper to implement strictly necessary and proportionate measures and settings, other than default settings, enabling end users to effectively protect security in relation to third-party software applications or software application stores if the gatekeeper demonstrates that such measures and settings are strictly necessary and justified and that there are no less-restrictive means to achieve that goal. The gatekeeper should be prevented from implementing such measures as a default setting or as pre-installation.

    (51)

    Gatekeepers are often vertically integrated and offer certain products or services to end users through their own core platform services, or through a business user over which they exercise control which frequently leads to conflicts of interest. This can include the situation whereby a gatekeeper provides its own online intermediation services through an online search engine. When offering those products or services on the core platform service, gatekeepers can reserve a better position, in terms of ranking, and related indexing and crawling, for their own offering than that of the products or services of third parties also operating on that core platform service. This can occur for instance with products or services, including other core platform services, which are ranked in the results communicated by online search engines, or which are partly or entirely embedded in online search engines results, groups of results specialised in a certain topic, displayed along with the results of an online search engine, which are considered or used by certain end users as a service distinct or additional to the online search engine.

    Other instances are those of software applications which are distributed through software application stores, or videos distributed through a video-sharing platform, or products or services that are given prominence and display in the newsfeed of an online social networking service, or products or services ranked in search results or displayed on an online marketplace, or products or services offered through a virtual assistant. Such reserving of a better position of gatekeeper’s own offering can take place even before ranking following a query, such as during crawling and indexing. For example, already during crawling, as a discovery process by which new and updated content is being found, as well as indexing, which entails storing and organising of the content found during the crawling process, the gatekeeper can favour its own content over that of third parties. In those circumstances, the gatekeeper is in a dual-role position as intermediary for third-party undertakings and as undertaking directly providing products or services. Consequently, such gatekeepers have the ability to undermine directly the contestability for those products or services on those core platform services, to the detriment of business users which are not controlled by the gatekeeper.

    (52)

    In such situations, the gatekeeper should not engage in any form of differentiated or preferential treatment in ranking on the core platform service, and related indexing and crawling, whether through legal, commercial or technical means, in favour of products or services it offers itself or through a business user which it controls. To ensure that this obligation is effective, the conditions that apply to such ranking should also be generally fair and transparent. Ranking should in this context cover all forms of relative prominence, including display, rating, linking or voice results and should also include instances where a core platform service presents or communicates only one result to the end user. To ensure that this obligation is effective and cannot be circumvented, it should also apply to any measure that has an equivalent effect to the differentiated or preferential treatment in ranking. The guidelines adopted pursuant to Article 5 of Regulation (EU) 2019/1150 should also facilitate the implementation and enforcement of this obligation.

    (53)

    Gatekeepers should not restrict or prevent the free choice of end users by technically or otherwise preventing switching between or subscription to different software applications and services. This would allow more undertakings to offer their services, thereby ultimately providing greater choice to the end users. Gatekeepers should ensure a free choice irrespective of whether they are the manufacturer of any hardware by means of which such software applications or services are accessed and should not raise artificial technical or other barriers so as to make switching impossible or ineffective. The mere offering of a given product or service to consumers, including by means of pre-installation, as well as the improvement of the offering to end users, such as price reductions or increased quality, should not be construed as constituting a prohibited barrier to switching.

    (54)

    Gatekeepers can hamper the ability of end users to access online content and services, including software applications. Therefore, rules should be established to ensure that the rights of end users to access an open internet are not compromised by the conduct of gatekeepers. Gatekeepers can also technically limit the ability of end users to effectively switch between different undertakings providing internet access service, in particular through their control over hardware or operating systems. This distorts the level playing field for internet access services and ultimately harms end users. It should therefore be ensured that gatekeepers do not unduly restrict end users in choosing the undertaking providing their internet access service.

    (55)

    A gatekeeper can provide services or hardware, such as wearable devices, that access hardware or software features of a device accessed or controlled via an operating system or virtual assistant in order to offer specific functionalities to end users. In that case, competing service or hardware providers, such as providers of wearable devices, require equally effective interoperability with, and access for the purposes of interoperability to, the same hardware or software features to be able to provide a competitive offering to end users.

    (56)

    Gatekeepers can also have a dual role as developers of operating systems and device manufacturers, including any technical functionality that such a device may have. For example, a gatekeeper that is a manufacturer of a device can restrict access to some of the functionalities in that device, such as near-field-communication technology, secure elements and processors, authentication mechanisms and the software used to operate those technologies, which can be required for the effective provision of a service provided together with, or in support of, the core platform service by the gatekeeper as well as by any potential third-party undertaking providing such service.

    (57)

    If dual roles are used in a manner that prevents alternative service and hardware providers from having access under equal conditions to the same operating system, hardware or software features that are available or used by the gatekeeper in the provision of its own complementary or supporting services or hardware, this could significantly undermine innovation by such alternative providers, as well as choice for end users. The gatekeepers should, therefore, be required to ensure, free of charge, effective interoperability with, and access for the purposes of interoperability to, the same operating system, hardware or software features that are available or used in the provision of its own complementary and supporting services and hardware. Such access can equally be required by software applications related to the relevant services provided together with, or in support of, the core platform service in order to effectively develop and provide functionalities interoperable with those provided by gatekeepers. The aim of the obligations is to allow competing third parties to interconnect through interfaces or similar solutions to the respective features as effectively as the gatekeeper’s own services or hardware.

    (58)

    The conditions under which gatekeepers provide online advertising services to business users, including both advertisers and publishers, are often non-transparent and opaque. This often leads to a lack of information for advertisers and publishers about the effect of a given advertisement. To further enhance fairness, transparency and contestability of online advertising services listed in the designation decision, as well as those that are fully integrated with other core platform services of the same undertaking, gatekeepers should provide advertisers and publishers, and third parties authorised by advertisers and publishers, when requested, with free of charge access to the gatekeepers’ performance measuring tools and the data, including aggregated and non-aggregated data, necessary for advertisers, authorised third parties such as advertising agencies acting on behalf of a company placing advertising, as well as for publishers to carry out their own independent verification of the provision of the relevant online advertising services.

    (59)

    Gatekeepers benefit from access to vast amounts of data that they collect while providing the core platform services, as well as other digital services. To ensure that gatekeepers do not undermine the contestability of core platform services, or the innovation potential of the dynamic digital sector, by restricting switching or multi-homing, end users, as well as third parties authorised by an end user, should be granted effective and immediate access to the data they provided or that was generated through their activity on the relevant core platform services of the gatekeeper. The data should be received in a format that can be immediately and effectively accessed and used by the end user or the relevant third party authorised by the end user to which the data is ported. Gatekeepers should also ensure, by means of appropriate and high quality technical measures, such as application programming interfaces, that end users or third parties authorised by end users can freely port the data continuously and in real time. This should apply also to any other data at different levels of aggregation necessary to effectively enable such portability. For the avoidance of doubt, the obligation on the gatekeeper to ensure effective portability of data under this Regulation complements the right to data portability under the Regulation (EU) 2016/679. Facilitating switching or multi-homing should lead, in turn, to an increased choice for end users and acts as an incentive for gatekeepers and business users to innovate.

    (60)

    Business users that use core platform services provided by gatekeepers, and end users of such business users provide and generate a vast amount of data. In order to ensure that business users have access to the relevant data thus generated, the gatekeeper should, upon their request, provide effective access, free of charge, to such data. Such access should also be given to third parties contracted by the business user, who are acting as processors of this data for the business user. The access should include access to data provided or generated by the same business users and the same end users of those business users in the context of other services provided by the same gatekeeper, including services provided together with or in support of core platform services, where this is inextricably linked to the relevant request. To this end, a gatekeeper should not use any contractual or other restrictions to prevent business users from accessing relevant data and should enable business users to obtain consent of their end users for such data access and retrieval, where such consent is required under Regulation (EU) 2016/679 and Directive 2002/58/EC. Gatekeepers should also ensure the continuous and real time access to such data by means of appropriate technical measures, for example by putting in place high quality application programming interfaces or integrated tools for small volume business users.

    (61)

    The value of online search engines to their respective business users and end users increases as the total number of such users increases. Undertakings providing online search engines collect and store aggregated datasets containing information about what users searched for, and how they interacted with, the results with which they were provided. Undertakings providing online search engines collect these data from searches undertaken on their own online search engine and, where applicable, searches undertaken on the platforms of their downstream commercial partners. Access by gatekeepers to such ranking, query, click and view data constitutes an important barrier to entry and expansion, which undermines the contestability of online search engines. Gatekeepers should therefore be required to provide access, on fair, reasonable and non-discriminatory terms, to those ranking, query, click and view data in relation to free and paid search generated by consumers on online search engines to other undertakings providing such services, so that those third-party undertakings can optimise their services and contest the relevant core platform services. Such access should also be given to third parties contracted by a provider of an online search engine, who are acting as processors of this data for that online search engine. When providing access to its search data, a gatekeeper should ensure the protection of the personal data of end users, including against possible re-identification risks, by appropriate means, such as anonymisation of such personal data, without substantially degrading the quality or usefulness of the data. The relevant data is anonymised if personal data is irreversibly altered in such a way that information does not relate to an identified or identifiable natural person or where personal data is rendered anonymous in such a manner that the data subject is not or is no longer identifiable.

    (62)

    For software application stores, online search engines and online social networking services listed in the designation decision, gatekeepers should publish and apply general conditions of access that should be fair, reasonable and non-discriminatory. Those general conditions should provide for a Union based alternative dispute settlement mechanism that is easily accessible, impartial, independent and free of charge for the business user, without prejudice to the business user’s own cost and proportionate measures aimed at preventing the abuse of the dispute settlement mechanism by business users. The dispute settlement mechanism should be without prejudice to the right of business users to seek redress before judicial authorities in accordance with Union and national law. In particular, gatekeepers which provide access to software application stores are an important gateway for business users that seek to reach end users. In view of the imbalance in bargaining power between those gatekeepers and business users of their software application stores, those gatekeepers should not be allowed to impose general conditions, including pricing conditions, that would be unfair or lead to unjustified differentiation.

    Pricing or other general access conditions should be considered unfair if they lead to an imbalance of rights and obligations imposed on business users or confer an advantage on the gatekeeper which is disproportionate to the service provided by the gatekeeper to business users or lead to a disadvantage for business users in providing the same or similar services as the gatekeeper. The following benchmarks can serve as a yardstick to determine the fairness of general access conditions: prices charged or conditions imposed for the same or similar services by other providers of software application stores; prices charged or conditions imposed by the provider of the software application store for different related or similar services or to different types of end users; prices charged or conditions imposed by the provider of the software application store for the same service in different geographic regions; prices charged or conditions imposed by the provider of the software application store for the same service the gatekeeper provides to itself. This obligation should not establish an access right and it should be without prejudice to the ability of providers of software application stores, online search engines and online social networking services to take the required responsibility in the fight against illegal and unwanted content as set out in a Regulation on a single market for digital services.

    (63)

    Gatekeepers can hamper the ability of business users and end users to unsubscribe from a core platform service that they have previously subscribed to. Therefore, rules should be established to avoid a situation in which gatekeepers undermine the rights of business users and end users to freely choose which core platform service they use. To safeguard free choice of business users and end users, a gatekeeper should not be allowed to make it unnecessarily difficult or complicated for business users or end users to unsubscribe from a core platform service. Closing an account or un-subscribing should not be made be more complicated than opening an account or subscribing to the same service. Gatekeepers should not demand additional fees when terminating contracts with their end users or business users. Gatekeepers should ensure that the conditions for terminating contracts are always proportionate and can be exercised without undue difficulty by end users, such as, for example, in relation to the reasons for termination, the notice period, or the form of such termination. This is without prejudice to national legislation applicable in accordance with the Union law laying down rights and obligations concerning conditions of termination of provision of core platform services by end users.

    (64)

    The lack of interoperability allows gatekeepers that provide number-independent interpersonal communications services to benefit from strong network effects, which contributes to the weakening of contestability. Furthermore, regardless of whether end users ‘multi-home’, gatekeepers often provide number-independent interpersonal communications services as part of their platform ecosystem, and this further exacerbates entry barriers for alternative providers of such services and increases costs for end users to switch. Without prejudice to Directive (EU) 2018/1972 of the European Parliament and of the Council (14) and, in particular, the conditions and procedures laid down in Article 61 thereof, gatekeepers should therefore ensure, free of charge and upon request, interoperability with certain basic functionalities of their number-independent interpersonal communications services that they provide to their own end users, to third-party providers of such services.

    Gatekeepers should ensure interoperability for third-party providers of number-independent interpersonal communications services that offer or intend to offer their number-independent interpersonal communications services to end users and business users in the Union. To facilitate the practical implementation of such interoperability, the gatekeeper concerned should be required to publish a reference offer laying down the technical details and general terms and conditions of interoperability with its number-independent interpersonal communications services. It should be possible for the Commission, if applicable, to consult the Body of European Regulators for Electronic Communications, in order to determine whether the technical details and the general terms and conditions published in the reference offer that the gatekeeper intends to implement or has implemented ensures compliance with this obligation.

    In all cases, the gatekeeper and the requesting provider should ensure that interoperability does not undermine a high level of security and data protection in line with their obligations laid down in this Regulation and applicable Union law, in particular Regulation (EU) 2016/679 and Directive 2002/58/EC. The obligation related to interoperability should be without prejudice to the information and choices to be made available to end users of the number-independent interpersonal communication services of the gatekeeper and the requesting provider under this Regulation and other Union law, in particular Regulation (EU) 2016/679.

    (65)

    To ensure the effectiveness of the obligations laid down by this Regulation, while also making certain that those obligations are limited to what is necessary to ensure contestability and tackling the harmful effects of the unfair practices by gatekeepers, it is important to clearly define and circumscribe them so as to allow the gatekeeper to fully comply with them, whilst fully complying with applicable law, and in particular Regulation (EU) 2016/679 and Directive 2002/58/EC and legislation on consumer protection, cyber security, product safety and accessibility requirements, including Directive (EU) 2019/882 and Directive (EU) 2016/2102 of the European Parliament and of the Council (15). The gatekeepers should ensure the compliance with this Regulation by design. Therefore, the necessary measures should be integrated as much as possible into the technological design used by the gatekeepers.

    It may in certain cases be appropriate for the Commission, following a dialogue with the gatekeeper concerned and after enabling third parties to make comments, to further specify some of the measures that the gatekeeper concerned should adopt in order to effectively comply with obligations that are susceptible of being further specified or, in the event of circumvention, with all obligations. In particular, such further specification should be possible where the implementation of an obligation susceptible to being further specified can be affected by variations of services within a single category of core platform services. For this purpose, it should be possible for the gatekeeper to request the Commission to engage in a process whereby the Commission can further specify some of the measures that the gatekeeper concerned should adopt in order to effectively comply with those obligations.

    The Commission should have discretion as to whether and when such further specification should be provided, while respecting the principles of equal treatment, proportionality, and good administration. In this respect, the Commission should provide the main reasons underlying its assessment, including any enforcement priorities. This process should not be used to undermine the effectiveness of this Regulation. Furthermore, this process is without prejudice to the powers of the Commission to adopt a decision establishing non-compliance with any of the obligations laid down in this Regulation by a gatekeeper, including the possibility to impose fines or periodic penalty payments. The Commission should be able to reopen proceedings, including where the specified measures turn out not to be effective. A reopening due to an ineffective specification adopted by decision should enable the Commission to amend the specification prospectively. The Commission should also be able to set a reasonable time period within which the proceedings can be reopened if the specified measures turn out not to be effective.

    (66)

    As an additional element to ensure proportionality, gatekeepers should be given an opportunity to request the suspension, to the extent necessary, of a specific obligation in exceptional circumstances that lie beyond the control of the gatekeeper, such as an unforeseen external shock that has temporarily eliminated a significant part of end user demand for the relevant core platform service, where compliance with a specific obligation is shown by the gatekeeper to endanger the economic viability of the Union operations of the gatekeeper concerned. The Commission should identify the exceptional circumstances justifying the suspension and review it on a regular basis in order to assess whether the conditions for granting it are still viable.

    (67)

    In exceptional circumstances, justified on the limited grounds of public health or public security laid down in Union law and interpreted by the Court of Justice, the Commission should be able to decide that a specific obligation does not apply to a specific core platform service. If harm is caused to such public interests that could indicate that the cost to society as a whole of enforcing a certain obligation is, in a specific exceptional case, too high and thus disproportionate. Where appropriate, the Commission should be able to facilitate compliance by assessing whether a limited and duly justified suspension or exemption is justified. This should ensure the proportionality of the obligations in this Regulation without undermining the intended ex ante effects on fairness and contestability. Where such an exemption is granted, the Commission should review its decision every year.

    (68)

    Within the timeframe for complying with their obligations under this Regulation, gatekeepers should inform the Commission, through mandatory reporting, about the measures they intend to implement or have implemented in order to ensure effective compliance with those obligations, including those measures concerning compliance with Regulation (EU) 2016/679, to the extent they are relevant for compliance with the obligations provided under this Regulation, which should allow the Commission to fulfil its duties under this Regulation. In addition, a clear and comprehensible non-confidential summary of such information should be made publicly available while taking into account the legitimate interest of gatekeepers in the protection of their business secrets and other confidential information. This non-confidential publication should enable third parties to assess whether the gatekeepers comply with the obligations laid down in this Regulation. Such reporting should be without prejudice to any enforcement action by the Commission at any time following the reporting. The Commission should publish online a link to the non-confidential summary of the report, as well as all other public information based on information obligations under this Regulation, in order to ensure accessibility of such information in a usable and comprehensive manner, in particular for small and medium enterprises (SMEs).

    (69)

    The obligations of gatekeepers should only be updated after a thorough investigation into the nature and impact of specific practices that may be newly identified, following an in-depth investigation, as unfair or limiting contestability in the same manner as the unfair practices laid down in this Regulation while potentially escaping the scope of the current set of obligations. The Commission should be able to launch an investigation with a view to determining whether the existing obligations need to be updated, either on its own initiative or following a justified request of at least three Member States. When presenting such justified requests, it should be possible for Member States to include information on newly introduced offers of products, services, software or features which raise concerns of contestability or fairness, whether implemented in the context of existing core platform services or otherwise. Where, following a market investigation, the Commission deems it necessary to modify essential elements of this Regulation, such as the inclusion of new obligations that depart from the same contestability or fairness issues addressed by this Regulation, the Commission should advance a proposal to amend this Regulation.

    (70)

    Given the substantial economic power of gatekeepers, it is important that the obligations are applied effectively and are not circumvented. To that end, the rules in question should apply to any practice by a gatekeeper, irrespective of its form and irrespective of whether it is of a contractual, commercial, technical or any other nature, insofar as the practice corresponds to the type of practice that is the subject of one of the obligations laid down by this Regulation. Gatekeepers should not engage in behaviour that would undermine the effectiveness of the prohibitions and obligations laid down in this Regulation. Such behaviour includes the design used by the gatekeeper, the presentation of end-user choices in a non-neutral manner, or using the structure, function or manner of operation of a user interface or a part thereof to subvert or impair user autonomy, decision-making, or choice. Furthermore, the gatekeeper should not be allowed to engage in any behaviour undermining interoperability as required under this Regulation, such as for example by using unjustified technical protection measures, discriminatory terms of service, unlawfully claiming a copyright on application programming interfaces or providing misleading information. Gatekeepers should not be allowed to circumvent their designation by artificially segmenting, dividing, subdividing, fragmenting or splitting their core platform services to circumvent the quantitative thresholds laid down in this Regulation.

    (71)

    To ensure the effectiveness of the review of gatekeeper status, as well as the possibility to adjust the list of core platform services provided by a gatekeeper, the gatekeepers should inform the Commission of all of their intended acquisitions, prior to their implementation, of other undertakings providing core platform services or any other services provided within the digital sector or other services that enable the collection of data. Such information should not only serve the review process regarding the status of individual gatekeepers, but will also provide information that is crucial to monitoring broader contestability trends in the digital sector and can therefore be a useful factor for consideration in the context of the market investigations provided for by this Regulation. Furthermore, the Commission should inform Member States of such information, given the possibility of using the information for national merger control purposes and as, under certain circumstances, it is possible for the national competent authority to refer those acquisitions to the Commission for the purposes of merger control. The Commission should also publish annually a list of acquisitions of which it has been informed by the gatekeeper. To ensure the necessary transparency and usefulness of such information for different purposes provided for by this Regulation, gatekeepers should provide at least information about the undertakings concerned by the concentration, their Union and worldwide annual turnover, their field of activity, including activities directly related to the concentration, the transaction value or an estimation thereof, a summary of the concentration, including its nature and rationale, as well as a list of the Member States concerned by the operation.

    (72)

    The data protection and privacy interests of end users are relevant to any assessment of potential negative effects of the observed practice of gatekeepers to collect and accumulate large amounts of data from end users. Ensuring an adequate level of transparency of profiling practices employed by gatekeepers, including, but not limited to, profiling within the meaning of Article 4, point (4), of Regulation (EU) 2016/679, facilitates contestability of core platform services. Transparency puts external pressure on gatekeepers not to make deep consumer profiling the industry standard, given that potential entrants or start-ups cannot access data to the same extent and depth, and at a similar scale. Enhanced transparency should allow other undertakings providing core platform services to differentiate themselves better through the use of superior privacy guarantees.

    To ensure a minimum level of effectiveness of this transparency obligation, gatekeepers should at least provide an independently audited description of the basis upon which profiling is performed, including whether personal data and data derived from user activity in line with Regulation (EU) 2016/679 is relied on, the processing applied, the purpose for which the profile is prepared and eventually used, the duration of the profiling, the impact of such profiling on the gatekeeper’s services, and the steps taken to effectively enable end users to be aware of the relevant use of such profiling, as well as steps to seek their consent or provide them with the possibility of denying or withdrawing consent. The Commission should transfer the audited description to the European Data Protection Board to inform the enforcement of Union data protection rules. The Commission should be empowered to develop the methodology and procedure for the audited description, in consultation with the European Data Protection Supervisor, the European Data Protection Board, civil society and experts, in line with Regulations (EU) No 182/2011 (16) and (EU) 2018/1725 (17) of the European Parliament and of the Council.

    (73)

    In order to ensure the full and lasting achievement of the objectives of this Regulation, the Commission should be able to assess whether an undertaking providing core platform services should be designated as a gatekeeper without meeting the quantitative thresholds laid down in this Regulation; whether systematic non-compliance by a gatekeeper warrants imposing additional remedies; whether more services within the digital sector should be added to the list of core platform services; and whether additional practices that are similarly unfair and limiting the contestability of digital markets need to be investigated. Such assessment should be based on market investigations to be carried out in an appropriate timeframe, by using clear procedures and deadlines, in order to support the ex ante effect of this Regulation on contestability and fairness in the digital sector, and to provide the requisite degree of legal certainty.

    (74)

    The Commission should be able to find, following a market investigation, that an undertaking providing a core platform service fulfils all of the overarching qualitative criteria for being identified as a gatekeeper. That undertaking should then, in principle, comply with all of the relevant obligations laid down by this Regulation. However, for gatekeepers that have been designated by the Commission because it is foreseeable that they will enjoy an entrenched and durable position in the near future, the Commission should only impose those obligations that are necessary and appropriate to prevent that the gatekeeper concerned achieves an entrenched and durable position in its operations. With respect to such emerging gatekeepers, the Commission should take into account that this status is in principle of a temporary nature, and it should therefore be decided at a given moment whether such an undertaking providing core platform services should be subjected to the full set of gatekeeper obligations because it has acquired an entrenched and durable position, or the conditions for designation are ultimately not met and therefore all previously imposed obligations should be waived.

    (75)

    The Commission should investigate and assess whether additional behavioural, or, where appropriate, structural remedies are justified, in order to ensure that the gatekeeper cannot frustrate the objectives of this Regulation by systematic non-compliance with one or several of the obligations laid down in this Regulation. This is the case where the Commission has issued against a gatekeeper at least three non-compliance decisions within the period of 8 years, which can concern different core platform services and different obligations laid down in this Regulation, and if the gatekeeper has maintained, extended or further strengthened its impact in the internal market, the economic dependency of its business users and end users on the gatekeeper’s core platform services or the entrenchment of its position. A gatekeeper should be deemed to have maintained, extended or strengthened its gatekeeper position where, despite the enforcement actions taken by the Commission, that gatekeeper still holds or has further consolidated or entrenched its importance as a gateway for business users to reach end users.

    The Commission should in such cases have the power to impose any remedy, whether behavioural or structural, having due regard to the principle of proportionality. In this context, the Commission should have the power to prohibit, to the extent that such remedy is proportionate and necessary in order to maintain or restore fairness and contestability as affected by the systematic non-compliance, during a limited time-period, the gatekeeper from entering into a concentration regarding those core platform services or the other services provided in the digital sector or services enabling the collection of data that are affected by the systematic non-compliance. In order to enable effective involvement of third parties and the possibility to test remedies before its application, the Commission should publish a detailed non-confidential summary of the case and the measures to be taken. The Commission should be able to reopen proceedings, including where the specified remedies turn out not to be effective. A reopening due to ineffective remedies adopted by decision should enable the Commission to amend the remedies prospectively. The Commission should also be able to set a reasonable time period within which it should be possible to reopen the proceedings if the remedies prove not to be effective.

    (76)

    Where, in the course of an investigation into systematic non-compliance, a gatekeeper offers commitments to the Commission, the latter should be able to adopt a decision making these commitments binding on the gatekeeper concerned, where it finds that the commitments ensure effective compliance with the obligations set out in this Regulation. That decision should also find that there are no longer grounds for action by the Commission as regards the systematic non-compliance under investigation. In assessing whether the commitments offered by the gatekeeper are sufficient to ensure effective compliance with the obligations under this Regulation, the Commission should be allowed to take into account tests undertaken by the gatekeeper to demonstrate the effectiveness of the offered commitments in practice. The Commission should verify that the commitments decision is fully respected and reaches its objectives, and should be entitled to reopen the decision if it finds that the commitments are not effective.

    (77)

    The services in the digital sector and the types of practices relating to these services can change quickly and to a significant extent. To ensure that this Regulation remains up to date and constitutes an effective and holistic regulatory response to the problems posed by gatekeepers, it is important to provide for a regular review of the lists of core platform services, as well as of the obligations provided for in this Regulation. This is particularly important to ensure that a practice that is likely to limit the contestability of core platform services or is unfair is identified. While it is important to conduct a review on a regular basis, given the dynamically changing nature of the digital sector, in order to ensure legal certainty as to the regulatory conditions, any reviews should be conducted within a reasonable and appropriate timeframe. Market investigations should also ensure that the Commission has a solid evidentiary basis on which it can assess whether it should propose to amend this Regulation in order to review, expand, or further detail, the lists of core platform services. They should equally ensure that the Commission has a solid evidentiary basis on which it can assess whether it should propose to amend the obligations laid down in this Regulation or whether it should adopt a delegated act updating such obligations.

    (78)

    With regard to conduct by gatekeepers that is not covered by the obligations set out in this Regulation, the Commission should have the possibility to open a market investigation into new services and new practices for the purposes of identifying whether the obligations set out in this Regulation are to be supplemented by means of a delegated act falling within the scope of the empowerment set out for such delegated acts in this Regulation, or by presenting a proposal to amend this Regulation. This is without prejudice to the possibility for the Commission to, in appropriate cases, open proceedings under Article 101 or 102 TFEU. Such proceedings should be conducted in accordance with Council Regulation (EC) No 1/2003 (18). In cases of urgency due to the risk of serious and irreparable damage to competition, the Commission should consider adopting interim measures in accordance with Article 8 of Regulation (EC) No 1/2003.

    (79)

    In the event that gatekeepers engage in a practice that is unfair or that limits the contestability of the core platform services that are already designated under this Regulation but without such practices being explicitly covered by the obligations laid down by this Regulation, the Commission should be able to update this Regulation through delegated acts. Such updates by way of delegated act should be subject to the same investigatory standard and therefore should be preceded by a market investigation. The Commission should also apply a predefined standard in identifying such types of practices. This legal standard should ensure that the type of obligations that gatekeepers could at any time face under this Regulation are sufficiently predictable.

    (80)

    In order to ensure effective implementation and compliance with this Regulation, the Commission should have strong investigative and enforcement powers, to allow it to investigate, enforce and monitor the rules laid down in this Regulation, while at the same time ensuring the respect for the fundamental right to be heard and to have access to the file in the context of the enforcement proceedings. The Commission should dispose of these investigative powers also for the purpose of carrying out market investigations, including for the purpose of updating and reviewing this Regulation.

    (81)

    The Commission should be empowered to request information necessary for the purpose of this Regulation. In particular, the Commission should have access to any relevant documents, data, database, algorithm and information necessary to open and conduct investigations and to monitor the compliance with the obligations laid down in this Regulation, irrespective of who possesses such information, and regardless of their form or format, their storage medium, or the place where they are stored.

    (82)

    The Commission should be able to directly request that undertakings or associations of undertakings provide any relevant evidence, data and information. In addition, the Commission should be able to request any relevant information from competent authorities within the Member State, or from any natural person or legal person for the purpose of this Regulation. When complying with a decision of the Commission, undertakings are obliged to answer factual questions and to provide documents.

    (83)

    The Commission should also be empowered to conduct inspections of any undertaking or association of undertakings and to interview any persons who could be in possession of useful information and to record the statements made.

    (84)

    Interim measures can be an important tool to ensure that, while an investigation is ongoing, the infringement being investigated does not lead to serious and irreparable damage for business users or end users of gatekeepers. This tool is important to avoid developments that could be very difficult to reverse by a decision taken by the Commission at the end of the proceedings. The Commission should therefore have the power to order interim measures in the context of proceedings opened in view of the possible adoption of a non-compliance decision. This power should apply in cases where the Commission has made a prima facie finding of infringement of obligations by gatekeepers and where there is a risk of serious and irreparable damage for business users or end users of gatekeepers. Interim measures should only apply for a specified period, either one ending with the conclusion of the proceedings by the Commission, or for a fixed period which can be renewed insofar as it is necessary and appropriate.

    (85)

    The Commission should be able to take the necessary actions to monitor the effective implementation of and compliance with the obligations laid down in this Regulation. Such actions should include the ability of the Commission to appoint independent external experts and auditors to assist the Commission in this process, including, where applicable, from competent authorities of the Member States, such as data or consumer protection authorities. When appointing auditors, the Commission should ensure sufficient rotation.

    (86)

    Compliance with the obligations imposed by this Regulation should be enforceable by means of fines and periodic penalty payments. To that end, appropriate levels of fines and periodic penalty payments should also be laid down for non-compliance with the obligations and breach of the procedural rules subject to appropriate limitation periods, in accordance with the principles of proportionality and ne bis in idem. The Commission and the relevant national authorities should coordinate their enforcement efforts in order to ensure that those principles are respected. In particular, the Commission should take into account any fines and penalties imposed on the same legal person for the same facts through a final decision in proceedings relating to an infringement of other Union or national rules, so as to ensure that the overall fines and penalties imposed correspond to the seriousness of the infringements committed.

    (87)

    In order to ensure effective recovery of fines imposed on associations of undertakings for infringements that they have committed, it is necessary to lay down the conditions on which it should be possible for the Commission to require payment of the fine from the members of that association of undertakings where it is not solvent.

    (88)

    In the context of proceedings carried out under this Regulation, the undertaking concerned should be accorded the right to be heard by the Commission and the decisions taken should be widely publicised. While ensuring the rights to good administration, the right of access to the file and the right to be heard, it is essential to protect confidential information. Furthermore, while respecting the confidentiality of the information, the Commission should ensure that any information on which the decision is based is disclosed to an extent that allows the addressee of the decision to understand the facts and considerations that led to the decision. It is also necessary to ensure that the Commission only uses information collected pursuant to this Regulation for the purposes of this Regulation, except where specifically envisaged otherwise. Finally, it should be possible, under certain conditions, for certain business records, such as communication between lawyers and their clients, to be considered confidential if the relevant conditions are met.

    (89)

    When preparing non-confidential summaries for publication in order to effectively enable interested third parties to provide comments, the Commission should give due regard to the legitimate interest of undertakings in the protection of their business secrets and other confidential information.

    (90)

    The coherent, effective and complementary enforcement of available legal instruments applied to gatekeepers requires cooperation and coordination between the Commission and national authorities within the remit of their competences. The Commission and national authorities should cooperate and coordinate their actions necessary for the enforcement of the available legal instruments applied to gatekeepers within the meaning of this Regulation and respect the principle of sincere cooperation laid down in Article 4 of the Treaty on European Union (TEU). It should be possible for the support from national authorities to the Commission to include providing the Commission with all necessary information in their possession or assisting the Commission, at its request, with the exercise of its powers so that the Commission is better able to carry out its duties under this Regulation.

    (91)

    The Commission is the sole authority empowered to enforce this Regulation. In order to support the Commission, it should be possible for Member States to empower their national competent authorities enforcing competition rules to conduct investigations into possible non-compliance by gatekeepers with certain obligations under this Regulation. This could in particular be relevant for cases where it cannot be determined from the outset whether a gatekeeper’s behaviour is capable of infringing this Regulation, the competition rules which the national competent authority is empowered to enforce, or both. The national competent authority enforcing competition rules should report on its findings on possible non-compliance by gatekeepers with certain obligations under this Regulation to the Commission in view of the Commission opening proceedings to investigate any non-compliance as the sole enforcer of the provisions laid down by this Regulation.

    The Commission should have full discretion to decide whether to open such proceedings. In order to avoid overlapping investigations under this Regulation, the national competent authority concerned should inform the Commission before taking its first investigative measure into a possible non-compliance by gatekeepers with certain obligations under this Regulation. The national competent authorities should also closely cooperate and coordinate with the Commission when enforcing national competition rules against gatekeepers, including with regard to the setting of fines. To that end, they should inform the Commission when initiating proceedings based on national competition rules against gatekeepers, as well as prior to imposing obligations on gatekeepers in such proceedings. In order to avoid duplication, it should be possible for information of the draft decision pursuant to Article 11 of Regulation (EC) No 1/2003, where applicable, to serve as notification under this Regulation.

    (92)

    In order to safeguard the harmonised application and enforcement of this Regulation, it is important to ensure that national authorities, including national courts, have all necessary information to ensure that their decisions do not run counter to a decision adopted by the Commission under this Regulation. National courts should be allowed to ask the Commission to send them information or opinions on questions concerning the application of this Regulation. At the same time, the Commission should be able to submit oral or written observations to national courts. This is without prejudice to the ability of national courts to request a preliminary ruling under Article 267 TFEU.

    (93)

    In order to ensure coherence and effective complementarity in the implementation of this Regulation and of other sectoral regulations applicable to gatekeepers, the Commission should benefit from the expertise of a dedicated high-level group. It should be possible for that high-level group to also assist the Commission by means of advice, expertise and recommendations, when relevant, in general matters relating to the implementation or enforcement of this Regulation. The high-level group should be composed of the relevant European bodies and networks, and its composition should ensure a high level of expertise and a geographical balance. The members of the high-level group should regularly report to the bodies and networks they represent regarding the tasks performed in the context of the group, and consult them in that regard.

    (94)

    Since the decisions taken by the Commission under this Regulation are subject to review by the Court of Justice in accordance with the TFEU, in accordance with Article 261 TFEU, the Court of Justice should have unlimited jurisdiction in respect of fines and penalty payments.

    (95)

    It should be possible for the Commission to develop guidelines to provide further guidance on different aspects of this Regulation or to assist undertakings providing core platform services in the implementation of the obligations under this Regulation. It should be possible for such guidance to be based in particular on the experience that the Commission obtains through the monitoring of compliance with this Regulation. The issuing of any guidelines under this Regulation is a prerogative and at the sole discretion of the Commission and should not be considered to be a constitutive element in ensuring that the undertakings or associations of undertakings concerned comply with the obligations under this Regulation.

    (96)

    The implementation of some of the gatekeepers’ obligations, such as those related to data access, data portability or interoperability could be facilitated by the use of technical standards. In this respect, it should be possible for the Commission, where appropriate and necessary, to request European standardisation bodies to develop them.

    (97)

    In order to ensure contestable and fair markets in the digital sector across the Union where gatekeepers are present, the power to adopt acts in accordance with Article 290 TFEU should be delegated to the Commission in respect of amending the methodology for determining whether the quantitative thresholds regarding active end users and active business users for the designation of gatekeepers are met, which is contained in an Annex to this Regulation, in respect of further specifying the additional elements of the methodology not falling in that Annex for determining whether the quantitative thresholds regarding the designation of gatekeepers are met, and in respect of supplementing the existing obligations laid down in this Regulation where, based on a market investigation, the Commission has identified the need for updating the obligations addressing practices that limit the contestability of core platform services or are unfair, and the update considered falls within the scope of the empowerment set out for such delegated acts in this Regulation.

    (98)

    When adopting delegated acts under this Regulation, it is of particular importance that the Commission carries out appropriate consultations during its preparatory work, including at expert level, and that those consultations be conducted in accordance with the principles laid down in the Interinstitutional Agreement of 13 April 2016 on Better Law-Making (19). In particular, to ensure equal participation in the preparation of delegated acts, the European Parliament and the Council should receive all documents at the same time as Member States' experts, and their experts systematically have access to meetings of Commission expert groups dealing with the preparation of delegated acts.

    (99)

    In order to ensure uniform conditions for the implementation of this Regulation, implementing powers should be conferred on the Commission to specify measures to be implemented by gatekeepers in order to effectively comply with the obligations under this Regulation; to suspend, in whole or in part, a specific obligation imposed on a gatekeeper; to exempt a gatekeeper, in whole or in part, from a specific obligation; to specify the measures to be implemented by a gatekeeper when it circumvents the obligations under this Regulation; to conclude a market investigation for designating gatekeepers; to impose remedies in the case of systematic non-compliance; to order interim measures against a gatekeeper; to make commitments binding on a gatekeeper; to set out its finding of a non-compliance; to set the definitive amount of the periodic penalty payment; to determine the form, content and other details of notifications, submissions of information, reasoned requests and regulatory reports transmitted by gatekeepers; to lay down operational and technical arrangements in view of implementing interoperability and the methodology and procedure for the audited description of techniques used for profiling consumers; to provide for practical arrangements for proceedings, extensions of deadlines, exercising rights during proceedings, terms of disclosure, as well as for the cooperation and coordination between the Commission and national authorities. Those powers should be exercised in accordance with Regulation (EU) No 182/2011.

    (100)

    The examination procedure should be used for the adoption of an implementing act on the practical arrangements for the cooperation and coordination between the Commission and Member States. The advisory procedure should be used for the remaining implementing acts envisaged by this Regulation. This is justified by the fact that those remaining implementing acts relate to practical aspects of the procedures laid down in this Regulation, such as form, content and other details of various procedural steps, to practical arrangements of different procedural steps, such as, for example, extension of procedural deadlines or right to be heard, as well as to individual implementing decisions addressed to a gatekeeper.

    (101)

    In accordance with Regulation (EU) No 182/2011, each Member State should be represented in the advisory committee and decide on the composition of its delegation. Such delegation can include, inter alia, experts from the competent authorities within the Member States, which hold the relevant expertise for a specific issue presented to the advisory committee.

    (102)

    Whistleblowers can bring new information to the attention of competent authorities which can help the competent authorities detect infringements of this Regulation and enable them to impose penalties. It should be ensured that adequate arrangements are in place to enable whistleblowers to alert the competent authorities to actual or potential infringements of this Regulation and to protect the whistleblowers from retaliation. For that purpose, it should be provided in this Regulation that Directive (EU) 2019/1937 of the European Parliament and of the Council (20) is applicable to the reporting of breaches of this Regulation and to the protection of persons reporting such breaches.

    (103)

    To enhance legal certainty, the applicability, pursuant to this Regulation, of Directive (EU) 2019/1937 to reports of breaches of this Regulation and to the protection of persons reporting such breaches should be reflected in that Directive. The Annex to Directive (EU) 2019/1937 should therefore be amended accordingly. It is for the Member States to ensure that that amendment is reflected in their transposition measures adopted in accordance with Directive (EU) 2019/1937, although the adoption of national transposition measures is not a condition for the applicability of that Directive to the reporting of breaches of this Regulation and to the protection of reporting persons from the date of application of this Regulation.

    (104)

    Consumers should be entitled to enforce their rights in relation to the obligations imposed on gatekeepers under this Regulation through representative actions in accordance with Directive (EU) 2020/1828 of the European Parliament and of the Council (21). For that purpose, this Regulation should provide that Directive (EU) 2020/1828 is applicable to the representative actions brought against infringements by gatekeepers of provisions of this Regulation that harm or can harm the collective interests of consumers. The Annex to that Directive should therefore be amended accordingly. It is for the Member States to ensure that that amendment is reflected in their transposition measures adopted in accordance with Directive (EU) 2020/1828, although the adoption of national transposition measures in this regard is not a condition for the applicability of that Directive to those representative actions. The applicability of Directive (EU) 2020/1828 to the representative actions brought against infringements by gatekeepers of provisions of this Regulation that harm or can harm the collective interests of consumers should start from the date of application of Member States’ laws, regulations and administrative provisions necessary to transpose that Directive, or from the date of application of this Regulation, whichever is the later.

    (105)

    The Commission should periodically evaluate this Regulation and closely monitor its effects on the contestability and fairness of commercial relationships in the online platform economy, in particular with a view to determining the need for amendments in light of relevant technological or commercial developments. That evaluation should include the regular review of the list of core platform services and the obligations addressed to gatekeepers, as well as their enforcement, in view of ensuring that digital markets across the Union are contestable and fair. In that context, the Commission should also evaluate the scope of the obligation concerning the interoperability of number-independent electronic communications services. In order to obtain a broad view of developments in the digital sector, the evaluation should take into account the experiences of Member States and relevant stakeholders. It should be possible for the Commission in this regard also to consider the opinions and reports presented to it by the Observatory on the Online Platform Economy that was first established by Commission Decision C(2018)2393 of 26 April 2018. Following the evaluation, the Commission should take appropriate measures. The Commission should maintain a high level of protection and respect for the common rights and values, particularly equality and non-discrimination, as an objective when conducting the assessments and reviews of the practices and obligations provided in this Regulation.

    (106)

    Without prejudice to the budgetary procedure and through existing financial instruments, adequate human, financial and technical resources should be allocated to the Commission to ensure that it can effectively perform its duties and exercise its powers in respect of the enforcement of this Regulation.

    (107)

    Since the objective of this Regulation, namely to ensure a contestable and fair digital sector in general and core platform services in particular, with a view to promoting innovation, high quality of digital products and services, fair and competitive prices, as well as a high quality and choice for end users in the digital sector, cannot be sufficiently achieved by the Member States, but can rather, by reason of the business model and operations of the gatekeepers and the scale and effects of their operations, be better achieved at Union level, the Union may adopt measures, in accordance with the principle of subsidiarity as set out in Article 5 TEU. In accordance with the principle of proportionality, as set out in that Article, this Regulation does not go beyond what is necessary in order to achieve that objective.

    (108)

    The European Data Protection Supervisor was consulted in accordance with Article 42 of Regulation (EU) 2018/1725 and delivered an opinion on 10 February 2021 (22).

    (109)

    This Regulation respects the fundamental rights and observes the principles recognised by the Charter of Fundamental Rights of the European Union, in particular Articles 16, 47 and 50 thereof. Accordingly, the interpretation and application of this Regulation should respect those rights and principles,

    HAVE ADOPTED THIS REGULATION:

    CHAPTER I

    SUBJECT MATTER, SCOPE AND DEFINITIONS

    Article 1

    Subject matter and scope

    1.   The purpose of this Regulation is to contribute to the proper functioning of the internal market by laying down harmonised rules ensuring for all businesses, contestable and fair markets in the digital sector across the Union where gatekeepers are present, to the benefit of business users and end users.

    2.   This Regulation shall apply to core platform services provided or offered by gatekeepers to business users established in the Union or end users established or located in the Union, irrespective of the place of establishment or residence of the gatekeepers and irrespective of the law otherwise applicable to the provision of service.

    3.   This Regulation shall not apply to markets related to:

    (a)

    electronic communications networks as defined in Article 2, point (1), of Directive (EU) 2018/1972;

    (b)

    electronic communications services as defined in Article 2, point (4), of Directive (EU) 2018/1972, other than those related to number-independent interpersonal communications services.

    4.   With regard to interpersonal communications services as defined in Article 2, point (5) of Directive (EU) 2018/1972, this Regulation is without prejudice to the powers and responsibilities granted to the national regulatory and other competent authorities by virtue of Article 61 of that Directive.

    5.   In order to avoid the fragmentation of the internal market, Member States shall not impose further obligations on gatekeepers by way of laws, regulations or administrative measures for the purpose of ensuring contestable and fair markets. Nothing in this Regulation precludes Member States from imposing obligations on undertakings, including undertakings providing core platform services, for matters falling outside the scope of this Regulation, provided that those obligations are compatible with Union law and do not result from the fact that the relevant undertakings have the status of a gatekeeper within the meaning of this Regulation.

    6.   This Regulation is without prejudice to the application of Articles 101 and 102 TFEU. It is also without prejudice to the application of:

    (a)

    national competition rules prohibiting anti-competitive agreements, decisions by associations of undertakings, concerted practices and abuses of dominant positions;

    (b)

    national competition rules prohibiting other forms of unilateral conduct insofar as they are applied to undertakings other than gatekeepers or amount to the imposition of further obligations on gatekeepers; and

    (c)

    Council Regulation (EC) No 139/2004 (23) and national rules concerning merger control.

    7.   National authorities shall not take decisions which run counter to a decision adopted by the Commission under this Regulation. The Commission and Member States shall work in close cooperation and coordinate their enforcement actions on the basis of the principles established in Articles 37 and 38.

    Article 2

    Definitions

    For the purposes of this Regulation, the following definitions apply:

    (1)

    ‘gatekeeper’ means an undertaking providing core platform services, designated pursuant to Article 3;

    (2)

    ‘core platform service’ means any of the following:

    (a)

    online intermediation services;

    (b)

    online search engines;

    (c)

    online social networking services;

    (d)

    video-sharing platform services;

    (e)

    number-independent interpersonal communications services;

    (f)

    operating systems;

    (g)

    web browsers;

    (h)

    virtual assistants;

    (i)

    cloud computing services;

    (j)

    online advertising services, including any advertising networks, advertising exchanges and any other advertising intermediation services, provided by an undertaking that provides any of the core platform services listed in points (a) to (i);

    (3)

    ‘information society service’ means any service as defined in Article 1(1), point (b), of Directive (EU) 2015/1535;

    (4)

    ‘digital sector’ means the sector of products and services provided by means of, or through, information society services;

    (5)

    ‘online intermediation services’ means online intermediation services as defined in Article 2, point (2), of Regulation (EU) 2019/1150;

    (6)

    ‘online search engine’ means an online search engine as defined in Article 2, point (5), of Regulation (EU) 2019/1150;

    (7)

    ‘online social networking service’ means a platform that enables end users to connect and communicate with each other, share content and discover other users and content across multiple devices and, in particular, via chats, posts, videos and recommendations;

    (8)

    ‘video-sharing platform service’ means a video-sharing platform service as defined in Article 1(1), point (aa), of Directive 2010/13/EU;

    (9)

    ‘number-independent interpersonal communications service’ means a number-independent interpersonal communications service as defined in Article 2, point (7), of Directive (EU) 2018/1972;

    (10)

    ‘operating system’ means a system software that controls the basic functions of the hardware or software and enables software applications to run on it;

    (11)

    ‘web browser’ means a software application that enables end users to access and interact with web content hosted on servers that are connected to networks such as the Internet, including standalone web browsers as well as web browsers integrated or embedded in software or similar;

    (12)

    ‘virtual assistant’ means a software that can process demands, tasks or questions, including those based on audio, visual, written input, gestures or motions, and that, based on those demands, tasks or questions, provides access to other services or controls connected physical devices;

    (13)

    ‘cloud computing service’ means a cloud computing service as defined in Article 4, point (19), of Directive (EU) 2016/1148 of the European Parliament and of the Council (24);

    (14)

    ‘software application stores’ means a type of online intermediation services, which is focused on software applications as the intermediated product or service;

    (15)

    ‘software application’ means any digital product or service that runs on an operating system;

    (16)

    ‘payment service’ means a payment service as defined in Article 4, point (3) of Directive (EU) 2015/2366;

    (17)

    ‘technical service supporting payment service’ means a service within the meaning of Article 3, point (j), of Directive (EU) 2015/2366;

    (18)

    ‘payment system for in-app purchases’ means a software application, service or user interface which facilitates purchases of digital content or digital services within a software application, including content, subscriptions, features or functionality, and the payments for such purchases;

    (19)

    ‘identification service’ means a type of service provided together with or in support of core platform services that enables any type of verification of the identity of end users or business users, regardless of the technology used;

    (20)

    ‘end user’ means any natural or legal person using core platform services other than as a business user;

    (21)

    ‘business user’ means any natural or legal person acting in a commercial or professional capacity using core platform services for the purpose of or in the course of providing goods or services to end users;

    (22)

    ‘ranking’ means the relative prominence given to goods or services offered through online intermediation services, online social networking services, video-sharing platform services or virtual assistants, or the relevance given to search results by online search engines, as presented, organised or communicated by the undertakings providing online intermediation services, online social networking services, video-sharing platform services, virtual assistants or online search engines, irrespective of the technological means used for such presentation, organisation or communication and irrespective of whether only one result is presented or communicated;

    (23)

    ‘search results’ means any information in any format, including textual, graphic, vocal or other outputs, returned in response to, and related to, a search query, irrespective of whether the information returned is a paid or an unpaid result, a direct answer or any product, service or information offered in connection with the organic results, or displayed along with or partly or entirely embedded in them;

    (24)

    ‘data’ means any digital representation of acts, facts or information and any compilation of such acts, facts or information, including in the form of sound, visual or audiovisual recording;

    (25)

    ‘personal data’ means personal data as defined in Article 4, point (1), of Regulation (EU) 2016/679;

    (26)

    ‘non-personal data’ means data other than personal data;

    (27)

    ‘undertaking’ means an entity engaged in an economic activity, regardless of its legal status and the way in which it is financed, including all linked enterprises or connected undertakings that form a group through the direct or indirect control of an enterprise or undertaking by another;

    (28)

    ‘control’ means the possibility of exercising decisive influence on an undertaking, within the meaning of Article 3(2) of Regulation (EC) No 139/2004;

    (29)

    ‘interoperability’ means the ability to exchange information and mutually use the information which has been exchanged through interfaces or other solutions, so that all elements of hardware or software work with other hardware and software and with users in all the ways in which they are intended to function;

    (30)

    ‘turnover’ means the amount derived by an undertaking within the meaning of Article 5(1) of Regulation (EC) No 139/2004;

    (31)

    ‘profiling’ means profiling as defined in Article 4, point (4), of Regulation (EU) 2016/679;

    (32)

    ‘consent’ means consent as defined in Article 4, point (11), of Regulation (EU) 2016/679;

    (33)

    ‘national court’ means a court or tribunal of a Member State within the meaning of Article 267 TFEU.

    CHAPTER II

    GATEKEEPERS

    Article 3

    Designation of gatekeepers

    1.   An undertaking shall be designated as a gatekeeper if:

    (a)

    it has a significant impact on the internal market;

    (b)

    it provides a core platform service which is an important gateway for business users to reach end users; and

    (c)

    it enjoys an entrenched and durable position, in its operations, or it is foreseeable that it will enjoy such a position in the near future.

    2.   An undertaking shall be presumed to satisfy the respective requirements in paragraph 1:

    (a)

    as regards paragraph 1, point (a), where it achieves an annual Union turnover equal to or above EUR 7,5 billion in each of the last three financial years, or where its average market capitalisation or its equivalent fair market value amounted to at least EUR 75 billion in the last financial year, and it provides the same core platform service in at least three Member States;

    (b)

    as regards paragraph 1, point (b), where it provides a core platform service that in the last financial year has at least 45 million monthly active end users established or located in the Union and at least 10 000 yearly active business users established in the Union, identified and calculated in accordance with the methodology and indicators set out in the Annex;

    (c)

    as regards paragraph 1, point (c), where the thresholds in point (b) of this paragraph were met in each of the last three financial years.

    3.   Where an undertaking providing core platform services meets all of the thresholds in paragraph 2, it shall notify the Commission thereof without delay and in any event within 2 months after those thresholds are met and provide it with the relevant information identified in paragraph 2. That notification shall include the relevant information identified in paragraph 2 for each of the core platform services of the undertaking that meets the thresholds in paragraph 2, point (b). Whenever a further core platform service provided by the undertaking that has previously been designated as a gatekeeper meets the thresholds in paragraph 2, points (b) and (c), such undertaking shall notify the Commission thereof within 2 months after those thresholds are satisfied.

    Where the undertaking providing the core platform service fails to notify the Commission pursuant to the first subparagraph of this paragraph and fails to provide within the deadline set by the Commission in the request for information pursuant to Article 21 all the relevant information that is required for the Commission to designate the undertaking concerned as gatekeeper pursuant to paragraph 4 of this Article, the Commission shall still be entitled to designate that undertaking as a gatekeeper, based on information available to the Commission.

    Where the undertaking providing core platform services complies with the request for information pursuant to the second subparagraph of this paragraph or where the information is provided after the expiration of the deadline referred to in that subparagraph, the Commission shall apply the procedure set out in paragraph 4.

    4.   The Commission shall designate as a gatekeeper, without undue delay and at the latest within 45 working days after receiving the complete information referred to in paragraph 3, an undertaking providing core platform services that meets all the thresholds in paragraph 2.

    5.   The undertaking providing core platform services may present, with its notification, sufficiently substantiated arguments to demonstrate that, exceptionally, although it meets all the thresholds in paragraph 2, due to the circumstances in which the relevant core platform service operates, it does not satisfy the requirements listed in paragraph 1.

    Where the Commission considers that the arguments submitted pursuant to the first subparagraph by the undertaking providing core platform services are not sufficiently substantiated because they do not manifestly call into question the presumptions set out in paragraph 2 of this Article, it may reject those arguments within the time limit referred to in paragraph 4, without applying the procedure laid down in Article 17(3).

    Where the undertaking providing core platform services does present such sufficiently substantiated arguments manifestly calling into question the presumptions in paragraph 2 of this Article, the Commission may, notwithstanding the first subparagraph of this paragraph, within the time limit referred to in paragraph 4 of this Article, open the procedure laid down in Article 17(3).

    If the Commission concludes that the undertaking providing core platform services was not able to demonstrate that the relevant core platform services that it provides do not satisfy the requirements of paragraph 1 of this Article, it shall designate that undertaking as a gatekeeper in accordance with the procedure laid down in Article 17(3).

    6.   The Commission is empowered to adopt delegated acts in accordance with Article 49 to supplement this Regulation by specifying the methodology for determining whether the quantitative thresholds laid down in paragraph 2 of this Article are met, and to regularly adjust that methodology to market and technological developments, where necessary.

    7.   The Commission is empowered to adopt delegated acts in accordance with Article 49 to amend this Regulation by updating the methodology and the list of indicators set out in the Annex.

    8.   The Commission shall designate as a gatekeeper, in accordance with the procedure laid down in Article 17, any undertaking providing core platform services that meets each of the requirements of paragraph 1 of this Article, but does not satisfy each of the thresholds in paragraph 2 of this Article.

    For that purpose, the Commission shall take into account some or all of the following elements, insofar as they are relevant for the undertaking providing core platform services under consideration:

    (a)

    the size, including turnover and market capitalisation, operations and position of that undertaking;

    (b)

    the number of business users using the core platform service to reach end users and the number of end users;

    (c)

    network effects and data driven advantages, in particular in relation to that undertaking’s access to, and collection of, personal data and non-personal data or analytics capabilities;

    (d)

    any scale and scope effects from which the undertaking benefits, including with regard to data, and, where relevant, to its activities outside the Union;

    (e)

    business user or end user lock-in, including switching costs and behavioural bias reducing the ability of business users and end users to switch or multi-home;

    (f)

    a conglomerate corporate structure or vertical integration of that undertaking, for instance enabling that undertaking to cross subsidise, to combine data from different sources or to leverage its position; or

    (g)

    other structural business or service characteristics.

    In carrying out its assessment under this paragraph, the Commission shall take into account foreseeable developments in relation to the elements listed in the second subparagraph, including any planned concentrations involving another undertaking providing core platform services or providing any other services in the digital sector or enabling the collection of data.

    Where an undertaking providing a core platform service that does not satisfy the quantitative thresholds of paragraph 2 fails to comply with the investigative measures ordered by the Commission in a significant manner, and that failure persists after that undertaking has been invited to comply within a reasonable time limit and to submit observations, the Commission may designate that undertaking as a gatekeeper on the basis of the facts available to the Commission.

    9.   For each undertaking designated as a gatekeeper pursuant to paragraph 4 or 8, the Commission shall list in the designation decision the relevant core platform services that are provided within that undertaking and which individually are an important gateway for business users to reach end users as referred to in paragraph 1, point (b).

    10.   The gatekeeper shall comply with the obligations laid down in Articles 5, 6 and 7 within 6 months after a core platform service has been listed in the designation decision pursuant to paragraph 9 of this Article.

    Article 4

    Review of the status of gatekeeper

    1.   The Commission may, upon request or on its own initiative, reconsider, amend or repeal at any moment a designation decision adopted pursuant to Article 3 for one of the following reasons:

    (a)

    there has been a substantial change in any of the facts on which the designation decision was based;

    (b)

    the designation decision was based on incomplete, incorrect or misleading information.

    2.   The Commission shall regularly, and at least every 3 years, review whether the gatekeepers continue to satisfy the requirements laid down in Article 3(1). That review shall also examine whether the list of core platform services of the gatekeeper which are individually an important gateway for business users to reach end users, as referred to in Article 3(1), point (b), needs to be amended. Those reviews shall have no suspending effect on the gatekeeper’s obligations.

    The Commission shall also examine at least every year whether new undertakings providing core platform services satisfy those requirements.

    Where the Commission, on the basis of the reviews pursuant to the first subparagraph, finds that the facts on which the designation of the undertakings providing core platform services as gatekeepers was based, have changed, it shall adopt a decision confirming, amending or repealing the designation decision.

    3.   The Commission shall publish and update a list of gatekeepers and the list of the core platform services for which they need to comply with the obligations laid down in Chapter III on an on-going basis.

    CHAPTER III

    PRACTICES OF GATEKEEPERS THAT LIMIT CONTESTABILITY OR ARE UNFAIR

    Article 5

    Obligations for gatekeepers

    1.   The gatekeeper shall comply with all obligations set out in this Article with respect to each of its core platform services listed in the designation decision pursuant to Article 3(9).

    2.   The gatekeeper shall not do any of the following:

    (a)

    process, for the purpose of providing online advertising services, personal data of end users using services of third parties that make use of core platform services of the gatekeeper;

    (b)

    combine personal data from the relevant core platform service with personal data from any further core platform services or from any other services provided by the gatekeeper or with personal data from third-party services;

    (c)

    cross-use personal data from the relevant core platform service in other services provided separately by the gatekeeper, including other core platform services, and vice versa; and

    (d)

    sign in end users to other services of the gatekeeper in order to combine personal data,

    unless the end user has been presented with the specific choice and has given consent within the meaning of Article 4, point (11), and Article 7 of Regulation (EU) 2016/679.

    Where the consent given for the purposes of the first subparagraph has been refused or withdrawn by the end user, the gatekeeper shall not repeat its request for consent for the same purpose more than once within a period of one year.

    This paragraph is without prejudice to the possibility for the gatekeeper to rely on Article 6(1), points (c), (d) and (e) of Regulation (EU) 2016/679, where applicable.

    3.   The gatekeeper shall not prevent business users from offering the same products or services to end users through third-party online intermediation services or through their own direct online sales channel at prices or conditions that are different from those offered through the online intermediation services of the gatekeeper.

    4.   The gatekeeper shall allow business users, free of charge, to communicate and promote offers, including under different conditions, to end users acquired via its core platform service or through other channels, and to conclude contracts with those end users, regardless of whether, for that purpose, they use the core platform services of the gatekeeper.

    5.   The gatekeeper shall allow end users to access and use, through its core platform services, content, subscriptions, features or other items, by using the software application of a business user, including where those end users acquired such items from the relevant business user without using the core platform services of the gatekeeper.

    6.   The gatekeeper shall not directly or indirectly prevent or restrict business users or end users from raising any issue of non-compliance with the relevant Union or national law by the gatekeeper with any relevant public authority, including national courts, related to any practice of the gatekeeper. This is without prejudice to the right of business users and gatekeepers to lay down in their agreements the terms of use of lawful complaints-handling mechanisms.

    7.   The gatekeeper shall not require end users to use, or business users to use, to offer, or to interoperate with, an identification service, a web browser engine or a payment service, or technical services that support the provision of payment services, such as payment systems for in-app purchases, of that gatekeeper in the context of services provided by the business users using that gatekeeper’s core platform services.

    8.   The gatekeeper shall not require business users or end users to subscribe to, or register with, any further core platform services listed in the designation decision pursuant to Article 3(9) or which meet the thresholds in Article 3(2), point (b), as a condition for being able to use, access, sign up for or registering with any of that gatekeeper’s core platform services listed pursuant to that Article.

    9.   The gatekeeper shall provide each advertiser to which it supplies online advertising services, or third parties authorised by advertisers, upon the advertiser’s request, with information on a daily basis free of charge, concerning each advertisement placed by the advertiser, regarding:

    (a)

    the price and fees paid by that advertiser, including any deductions and surcharges, for each of the relevant online advertising services provided by the gatekeeper,

    (b)

    the remuneration received by the publisher, including any deductions and surcharges, subject to the publisher’s consent; and

    (c)

    the metrics on which each of the prices, fees and remunerations are calculated.

    In the event that a publisher does not consent to the sharing of information regarding the remuneration received, as referred to in point (b) of the first subparagraph, the gatekeeper shall provide each advertiser free of charge with information concerning the daily average remuneration received by that publisher, including any deductions and surcharges, for the relevant advertisements.

    10.   The gatekeeper shall provide each publisher to which it supplies online advertising services, or third parties authorised by publishers, upon the publisher’s request, with free of charge information on a daily basis, concerning each advertisement displayed on the publisher’s inventory, regarding:

    (a)

    the remuneration received and the fees paid by that publisher, including any deductions and surcharges, for each of the relevant online advertising services provided by the gatekeeper;

    (b)

    the price paid by the advertiser, including any deductions and surcharges, subject to the advertiser’s consent; and

    (c)

    the metrics on which each of the prices and remunerations are calculated.

    In the event an advertiser does not consent to the sharing of information, the gatekeeper shall provide each publisher free of charge with information concerning the daily average price paid by that advertiser, including any deductions and surcharges, for the relevant advertisements.

    Article 6

    Obligations for gatekeepers susceptible of being further specified under Article 8

    1.   The Gatekeeper shall comply with all obligations set out in this Article with respect to each of its core platform services listed in the designation decision pursuant to Article 3(9).

    2.   The gatekeeper shall not use, in competition with business users, any data that is not publicly available that is generated or provided by those business users in the context of their use of the relevant core platform services or of the services provided together with, or in support of, the relevant core platform services, including data generated or provided by the customers of those business users.

    For the purposes of the first subparagraph, the data that is not publicly available shall include any aggregated and non-aggregated data generated by business users that can be inferred from, or collected through, the commercial activities of business users or their customers, including click, search, view and voice data, on the relevant core platform services or on services provided together with, or in support of, the relevant core platform services of the gatekeeper.

    3.   The gatekeeper shall allow and technically enable end users to easily un-install any software applications on the operating system of the gatekeeper, without prejudice to the possibility for that gatekeeper to restrict such un-installation in relation to software applications that are essential for the functioning of the operating system or of the device and which cannot technically be offered on a standalone basis by third parties.

    The gatekeeper shall allow and technically enable end users to easily change default settings on the operating system, virtual assistant and web browser of the gatekeeper that direct or steer end users to products or services provided by the gatekeeper. That includes prompting end users, at the moment of the end users’ first use of an online search engine, virtual assistant or web browser of the gatekeeper listed in the designation decision pursuant to Article 3(9), to choose, from a list of the main available service providers, the online search engine, virtual assistant or web browser to which the operating system of the gatekeeper directs or steers users by default, and the online search engine to which the virtual assistant and the web browser of the gatekeeper directs or steers users by default.

    4.   The gatekeeper shall allow and technically enable the installation and effective use of third-party software applications or software application stores using, or interoperating with, its operating system and allow those software applications or software application stores to be accessed by means other than the relevant core platform services of that gatekeeper. The gatekeeper shall, where applicable, not prevent the downloaded third-party software applications or software application stores from prompting end users to decide whether they want to set that downloaded software application or software application store as their default. The gatekeeper shall technically enable end users who decide to set that downloaded software application or software application store as their default to carry out that change easily.

    The gatekeeper shall not be prevented from taking, to the extent that they are strictly necessary and proportionate, measures to ensure that third-party software applications or software application stores do not endanger the integrity of the hardware or operating system provided by the gatekeeper, provided that such measures are duly justified by the gatekeeper.

    Furthermore, the gatekeeper shall not be prevented from applying, to the extent that they are strictly necessary and proportionate, measures and settings other than default settings, enabling end users to effectively protect security in relation to third-party software applications or software application stores, provided that such measures and settings other than default settings are duly justified by the gatekeeper.

    5.   The gatekeeper shall not treat more favourably, in ranking and related indexing and crawling, services and products offered by the gatekeeper itself than similar services or products of a third party. The gatekeeper shall apply transparent, fair and non-discriminatory conditions to such ranking.

    6.   The gatekeeper shall not restrict technically or otherwise the ability of end users to switch between, and subscribe to, different software applications and services that are accessed using the core platform services of the gatekeeper, including as regards the choice of Internet access services for end users.

    7.   The gatekeeper shall allow providers of services and providers of hardware, free of charge, effective interoperability with, and access for the purposes of interoperability to, the same hardware and software features accessed or controlled via the operating system or virtual assistant listed in the designation decision pursuant to Article 3(9) as are available to services or hardware provided by the gatekeeper. Furthermore, the gatekeeper shall allow business users and alternative providers of services provided together with, or in support of, core platform services, free of charge, effective interoperability with, and access for the purposes of interoperability to, the same operating system, hardware or software features, regardless of whether those features are part of the operating system, as are available to, or used by, that gatekeeper when providing such services.

    The gatekeeper shall not be prevented from taking strictly necessary and proportionate measures to ensure that interoperability does not compromise the integrity of the operating system, virtual assistant, hardware or software features provided by the gatekeeper, provided that such measures are duly justified by the gatekeeper.

    8.   The gatekeeper shall provide advertisers and publishers, as well as third parties authorised by advertisers and publishers, upon their request and free of charge, with access to the performance measuring tools of the gatekeeper and the data necessary for advertisers and publishers to carry out their own independent verification of the advertisements inventory, including aggregated and non-aggregated data. Such data shall be provided in a manner that enables advertisers and publishers to run their own verification and measurement tools to assess the performance of the core platform services provided for by the gatekeepers.

    9.   The gatekeeper shall provide end users and third parties authorised by an end user, at their request and free of charge, with effective portability of data provided by the end user or generated through the activity of the end user in the context of the use of the relevant core platform service, including by providing, free of charge, tools to facilitate the effective exercise of such data portability, and including by the provision of continuous and real-time access to such data.

    10.   The gatekeeper shall provide business users and third parties authorised by a business user, at their request, free of charge, with effective, high-quality, continuous and real-time access to, and use of, aggregated and non-aggregated data, including personal data, that is provided for or generated in the context of the use of the relevant core platform services or services provided together with, or in support of, the relevant core platform services by those business users and the end users engaging with the products or services provided by those business users. With regard to personal data, the gatekeeper shall provide for such access to, and use of, personal data only where the data are directly connected with the use effectuated by the end users in respect of the products or services offered by the relevant business user through the relevant core platform service, and when the end users opt in to such sharing by giving their consent.

    11.   The gatekeeper shall provide to any third-party undertaking providing online search engines, at its request, with access on fair, reasonable and non-discriminatory terms to ranking, query, click and view data in relation to free and paid search generated by end users on its online search engines. Any such query, click and view data that constitutes personal data shall be anonymised.

    12.   The gatekeeper shall apply fair, reasonable, and non-discriminatory general conditions of access for business users to its software application stores, online search engines and online social networking services listed in the designation decision pursuant to Article 3(9).

    For that purpose, the gatekeeper shall publish general conditions of access, including an alternative dispute settlement mechanism.

    The Commission shall assess whether the published general conditions of access comply with this paragraph.

    13.   The gatekeeper shall not have general conditions for terminating the provision of a core platform service that are disproportionate. The gatekeeper shall ensure that the conditions of termination can be exercised without undue difficulty.

    Article 7

    Obligation for gatekeepers on interoperability of number-independent interpersonal communications services

    1.   Where a gatekeeper provides number-independent interpersonal communications services that are listed in the designation decision pursuant to Article 3(9), it shall make the basic functionalities of its number-independent interpersonal communications services interoperable with the number-independent interpersonal communications services of another provider offering or intending to offer such services in the Union, by providing the necessary technical interfaces or similar solutions that facilitate interoperability, upon request, and free of charge.

    2.   The gatekeeper shall make at least the following basic functionalities referred to in paragraph 1 interoperable where the gatekeeper itself provides those functionalities to its own end users:

    (a)

    following the listing in the designation decision pursuant to Article 3(9):

    (i)

    end-to-end text messaging between two individual end users;

    (ii)

    sharing of images, voice messages, videos and other attached files in end to end communication between two individual end users;

    (b)

    within 2 years from the designation:

    (i)

    end-to-end text messaging within groups of individual end users;

    (ii)

    sharing of images, voice messages, videos and other attached files in end-to-end communication between a group chat and an individual end user;

    (c)

    within 4 years from the designation:

    (i)

    end-to-end voice calls between two individual end users;

    (ii)

    end-to-end video calls between two individual end users;

    (iii)

    end-to-end voice calls between a group chat and an individual end user;

    (iv)

    end-to-end video calls between a group chat and an individual end user.

    3.   The level of security, including the end-to-end encryption, where applicable, that the gatekeeper provides to its own end users shall be preserved across the interoperable services.

    4.   The gatekeeper shall publish a reference offer laying down the technical details and general terms and conditions of interoperability with its number-independent interpersonal communications services, including the necessary details on the level of security and end-to-end encryption. The gatekeeper shall publish that reference offer within the period laid down in Article 3(10) and update it where necessary.

    5.   Following the publication of the reference offer pursuant to paragraph 4, any provider of number-independent interpersonal communications services offering or intending to offer such services in the Union may request interoperability with the number-independent interpersonal communications services provided by the gatekeeper. Such a request may cover some or all of the basic functionalities listed in paragraph 2. The gatekeeper shall comply with any reasonable request for interoperability within 3 months after receiving that request by rendering the requested basic functionalities operational.

    6.   The Commission may, exceptionally, upon a reasoned request by the gatekeeper, extend the time limits for compliance under paragraph 2 or 5 where the gatekeeper demonstrates that this is necessary to ensure effective interoperability and to maintain the necessary level of security, including end-to-end encryption, where applicable.

    7.   The end users of the number-independent interpersonal communications services of the gatekeeper and of the requesting provider of number-independent interpersonal communications services shall remain free to decide whether to make use of the interoperable basic functionalities that may be provided by the gatekeeper pursuant to paragraph 1.

    8.   The gatekeeper shall collect and exchange with the provider of number-independent interpersonal communications services that makes a request for interoperability only the personal data of end users that is strictly necessary to provide effective interoperability. Any such collection and exchange of the personal data of end users shall fully comply with Regulation (EU) 2016/679 and Directive 2002/58/EC.

    9.   The gatekeeper shall not be prevented from taking measures to ensure that third-party providers of number-independent interpersonal communications services requesting interoperability do not endanger the integrity, security and privacy of its services, provided that such measures are strictly necessary and proportionate and are duly justified by the gatekeeper.

    Article 8

    Compliance with obligations for gatekeepers

    1.   The gatekeeper shall ensure and demonstrate compliance with the obligations laid down in Articles 5, 6 and 7 of this Regulation. The measures implemented by the gatekeeper to ensure compliance with those Articles shall be effective in achieving the objectives of this Regulation and of the relevant obligation. The gatekeeper shall ensure that the implementation of those measures complies with applicable law, in particular Regulation (EU) 2016/679, Directive 2002/58/EC, legislation on cyber security, consumer protection, product safety, as well as with the accessibility requirements.

    2.   The Commission may, on its own initiative or at the request of a gatekeeper pursuant to paragraph 3 of this Article, open proceedings pursuant to Article 20.

    The Commission may adopt an implementing act, specifying the measures that the gatekeeper concerned is to implement in order to effectively comply with the obligations laid down in Articles 6 and 7. That implementing act shall be adopted within 6 months from the opening of proceedings pursuant to Article 20 in accordance with the advisory procedure referred to in Article 50(2).

    When opening proceedings on its own initiative for circumvention pursuant to Article 13, such measures may concern the obligations laid down in Articles 5, 6 and 7.

    3.   A gatekeeper may request the Commission to engage in a process to determine whether the measures that that gatekeeper intends to implement or has implemented to ensure compliance with Articles 6 and 7 are effective in achieving the objective of the relevant obligation in the specific circumstances of the gatekeeper. The Commission shall have discretion in deciding whether to engage in such a process, respecting the principles of equal treatment, proportionality and good administration.

    In its request, the gatekeeper shall provide a reasoned submission to explain the measures that it intends to implement or has implemented. The gatekeeper shall furthermore provide a non-confidential version of its reasoned submission that may be shared with third parties pursuant to paragraph 6.

    4.   Paragraphs 2 and 3 of this Article are without prejudice to the powers of the Commission under Articles 29, 30 and 31.

    5.   With a view of adopting the decision under paragraph 2, the Commission shall communicate its preliminary findings to the gatekeeper within 3 months from the opening of the proceedings under Article 20. In the preliminary findings, the Commission shall explain the measures that it is considering taking or that it considers the gatekeeper concerned should take in order to effectively address the preliminary findings.

    6.   In order to effectively enable interested third parties to provide comments, the Commission shall, when communicating its preliminary findings to the gatekeeper pursuant to paragraph 5 or as soon as possible thereafter, publish a non-confidential summary of the case and the measures that it is considering taking or that it considers the gatekeeper concerned should take. The Commission shall specify a reasonable timeframe within which such comments are to be provided.

    7.   In specifying the measures under paragraph 2, the Commission shall ensure that the measures are effective in achieving the objectives of this Regulation and the relevant obligation, and proportionate in the specific circumstances of the gatekeeper and the relevant service.

    8.   For the purposes of specifying the obligations under Article 6(11) and (12), the Commission shall also assess whether the intended or implemented measures ensure that there is no remaining imbalance of rights and obligations on business users and that the measures do not themselves confer an advantage on the gatekeeper which is disproportionate to the service provided by the gatekeeper to business users.

    9.   In respect of proceedings pursuant to paragraph 2, the Commission may, upon request or on its own initiative, decide to reopen them where:

    (a)

    there has been a material change in any of the facts on which the decision was based; or

    (b)

    the decision was based on incomplete, incorrect or misleading information; or

    (c)

    the measures as specified in the decision are not effective.

    Article 9

    Suspension

    1.   Where the gatekeeper demonstrates in a reasoned request that compliance with a specific obligation laid down in Article 5, 6 or 7 for a core platform service listed in the designation decision pursuant to Article 3(9) would endanger, due to exceptional circumstances beyond the gatekeeper’s control, the economic viability of its operation in the Union, the Commission may adopt an implementing act setting out its decision to exceptionally suspend, in whole or in part, the specific obligation referred to in that reasoned request (‘the suspension decision’). In that implementing act, the Commission shall substantiate its suspension decision by identifying the exceptional circumstances justifying the suspension. That implementing act shall be limited to the extent and the duration necessary to address such threat to the gatekeeper’s viability. The Commission shall aim to adopt that implementing act without delay and at the latest 3 months following receipt of a complete reasoned request. That implementing act shall be adopted in accordance with the advisory procedure referred to in Article 50(2).

    2.   Where suspension is granted pursuant to paragraph 1, the Commission shall review its suspension decision every year, unless a shorter interval is specified in that decision. Following such a review the Commission shall either wholly or partly lift the suspension, or decide that the conditions in paragraph 1 continue to be met.

    3.   In cases of urgency, the Commission may, acting on a reasoned request by a gatekeeper, provisionally suspend the application of a specific obligation referred to in paragraph 1 to one or more individual core platform services already prior to the decision pursuant to that paragraph. Such a request may be made and granted at any time pending the assessment of the Commission pursuant to paragraph 1.

    4.   In assessing the request referred to in paragraphs 1 and 3, the Commission shall take into account, in particular, the impact of the compliance with the specific obligation on the economic viability of the operation of the gatekeeper in the Union as well as on third parties, in particular SMEs and consumers. The suspension may be made subject to conditions and obligations to be defined by the Commission in order to ensure a fair balance between those interests and the objectives of this Regulation.

    Article 10

    Exemption for grounds of public health and public security

    1.   The Commission may, acting on a reasoned request by a gatekeeper or on its own initiative, adopt an implementing act setting out its decision, to exempt that gatekeeper, in whole or in part, from a specific obligation laid down in Article 5, 6 or 7 in relation to a core platform service listed in the designation decision pursuant to Article 3(9), where such exemption is justified on the grounds set out in paragraph 3 of this Article (‘the exemption decision’). The Commission shall adopt the exemption decision within 3 months after receiving a complete reasoned request and shall provide a reasoned statement explaining the grounds for the exemption. That implementing act shall be adopted in accordance with the advisory procedure referred to in Article 50(2).

    2.   Where an exemption is granted pursuant to paragraph 1, the Commission shall review its exemption decision if the ground for the exemption no longer exists or at least every year. Following such a review, the Commission shall either wholly or partially lift the exemption, or decide that the conditions of paragraph 1 continue to be met.

    3.   An exemption pursuant to paragraph 1 may only be granted on grounds of public health or public security.

    4.   In cases of urgency, the Commission may, acting on a reasoned request by a gatekeeper or on its own initiative, provisionally suspend the application of a specific obligation referred to in paragraph 1 to one or more individual core platform services already prior to the decision pursuant to that paragraph. Such a request may be made and granted at any time pending the assessment of the Commission pursuant to paragraph 1.

    5.   In assessing the request referred to in paragraphs 1 and 4, the Commission shall take into account, in particular, the impact of the compliance with the specific obligation on the grounds in paragraph 3, as well as the effects on the gatekeeper concerned and on third parties. The Commission may subject the suspension to conditions and obligations in order to ensure a fair balance between the goals pursued by the grounds in paragraph 3 and the objectives of this Regulation.

    Article 11

    Reporting

    1.   Within 6 months after its designation pursuant to Article 3, and in accordance with Article 3(10), the gatekeeper shall provide the Commission with a report describing in a detailed and transparent manner the measures it has implemented to ensure compliance with the obligations laid down in Articles 5, 6 and 7.

    2.   Within the deadline referred to in paragraph 1, the gatekeeper shall publish and provide the Commission with a non-confidential summary of that report.

    The gatekeeper shall update that report and that non-confidential summary at least annually.

    The Commission shall make a link to that non-confidential summary available on its website.

    Article 12

    Updating obligations for gatekeepers

    1.   The Commission is empowered to adopt delegated acts in accordance with Article 49 to supplement this Regulation with regard to the obligations laid down in Articles 5 and 6. Those delegated acts shall be based on a market investigation pursuant to Article 19 that has identified the need to keep those obligations up to date in order to address practices that limit the contestability of core platform services or that are unfair in the same way as the practices addressed by the obligations laid down in Articles 5 and 6.

    2.   The scope of a delegated act adopted in accordance with paragraph 1 shall be limited to:

    (a)

    extending an obligation that applies only in relation to certain core platform services, to other core platform services listed in Article 2, point (2);

    (b)

    extending an obligation that benefits certain business users or end users so that it benefits other business users or end users;

    (c)

    specifying the manner in which the obligations laid down in Articles 5 and 6 are to be performed by gatekeepers in order to ensure effective compliance with those obligations;

    (d)

    extending an obligation that applies only in relation to certain services provided together with, or in support of, core platform services to other services provided together with, or in support of, core platform services;

    (e)

    extending an obligation that applies only in relation to certain types of data to apply in relation to other types of data;

    (f)

    adding further conditions where an obligation imposes certain conditions on the behaviour of a gatekeeper; or

    (g)

    applying an obligation that governs the relationship between several core platform services of the gatekeeper to the relationship between a core platform service and other services of the gatekeeper.

    3.   The Commission is empowered to adopt delegated acts in accordance with Article 49 to amend this Regulation with regard to the list of basic functionalities identified in Article 7(2), by adding or removing functionalities of number-independent interpersonal communications services.

    Those delegated acts shall be based on a market investigation pursuant to Article 19 that has identified the need to keep those obligations up to date in order to address practices that limit the contestability of core platform services or that are unfair in the same way as the practices addressed by the obligations laid down in Article 7.

    4.   The Commission is empowered to adopt delegated acts in accordance with Article 49 to supplement this Regulation in respect of the obligations in Article 7 by specifying the manner in which those obligations are to be performed in order to ensure effective compliance with those obligations. Those delegated acts shall be based on a market investigation pursuant to Article 19, which has identified the need to keep those obligations up to date in order to address practices that limit the contestability of core platform services or that are unfair in the same way as the practices addressed by the obligations laid down in Article 7.

    5.   A practice as referred to in paragraphs 1, 3 and 4 shall be considered to limit the contestability of core platform services or to be unfair where:

    (a)

    that practice is engaged in by gatekeepers and is capable of impeding innovation and limiting choice for business users and end users because it:

    (i)

    affects or risks affecting the contestability of a core platform service or other services in the digital sector on a lasting basis due to the creation or strengthening of barriers to entry for other undertakings or to expand as providers of a core platform service or other services in the digital sector; or

    (ii)

    prevents other operators from having the same access to a key input as the gatekeeper; or

    (b)

    there is an imbalance between the rights and obligations of business users and the gatekeeper obtains an advantage from business users that is disproportionate to the service provided by that gatekeeper to those business users.

    Article 13

    Anti-circumvention

    1.   An undertaking providing core platform services shall not segment, divide, subdivide, fragment or split those services through contractual, commercial, technical or any other means in order to circumvent the quantitative thresholds laid down in Article 3(2). No such practice of an undertaking shall prevent the Commission from designating it as a gatekeeper pursuant to Article 3(4).

    2.   The Commission may, when it suspects that an undertaking providing core platform services is engaged in a practice laid down in paragraph 1, require from that undertaking any information that it deems necessary to determine whether that undertaking has engaged in such a practice.

    3.   The gatekeeper shall ensure that the obligations of Articles 5, 6 and 7 are fully and effectively complied with.

    4.   The gatekeeper shall not engage in any behaviour that undermines effective compliance with the obligations of Articles 5, 6 and 7 regardless of whether that behaviour is of a contractual, commercial or technical nature, or of any other nature, or consists in the use of behavioural techniques or interface design.

    5.   Where consent for collecting, processing, cross-using and sharing of personal data is required to ensure compliance with this Regulation, a gatekeeper shall take the necessary steps either to enable business users to directly obtain the required consent to their processing, where that consent is required under Regulation (EU) 2016/679 or Directive 2002/58/EC, or to comply with Union data protection and privacy rules and principles in other ways, including by providing business users with duly anonymised data where appropriate. The gatekeeper shall not make the obtaining of that consent by the business user more burdensome than for its own services.

    6.   The gatekeeper shall not degrade the conditions or quality of any of the core platform services provided to business users or end users who avail themselves of the rights or choices laid down in Articles 5, 6 and 7, or make the exercise of those rights or choices unduly difficult, including by offering choices to the end-user in a non-neutral manner, or by subverting end users’ or business users' autonomy, decision-making, or free choice via the structure, design, function or manner of operation of a user interface or a part thereof.

    7.   Where the gatekeeper circumvents or attempts to circumvent any of the obligations in Article 5, 6, or 7 in a manner described in paragraphs 4, 5 and 6 of this Article, the Commission may open proceedings pursuant to Article 20 and adopt an implementing act referred to in Article 8(2) in order to specify the measures that the gatekeeper is to implement.

    8.   Paragraph 6 of this Article is without prejudice to the powers of the Commission under Articles 29, 30 and 31.

    Article 14

    Obligation to inform about concentrations

    1.   A gatekeeper shall inform the Commission of any intended concentration within the meaning of Article 3 of Regulation (EC) No 139/2004, where the merging entities or the target of concentration provide core platform services or any other services in the digital sector or enable the collection of data, irrespective of whether it is notifiable to the Commission under that Regulation or to a competent national competition authority under national merger rules.

    A gatekeeper shall inform the Commission of such a concentration prior to its implementation and following the conclusion of the agreement, the announcement of the public bid, or the acquisition of a controlling interest.

    2.   The information provided by the gatekeeper pursuant to paragraph 1 shall at least describe the undertakings concerned by the concentration, their Union and worldwide annual turnovers, their fields of activity, including activities directly related to the concentration, and the transaction value of the agreement or an estimation thereof, along with a summary of the concentration, including its nature and rationale and a list of the Member States concerned by the concentration.

    The information provided by the gatekeeper shall also describe, for any relevant core platform services, their Union annual turnovers, their numbers of yearly active business users and their numbers of monthly active end users, respectively.

    3.   If, following any concentration referred to in paragraph 1 of this Article, additional core platform services individually meet the thresholds in Article 3(2), point (b), the gatekeeper concerned shall inform the Commission thereof within 2 months from the implementation of the concentration and provide the Commission with the information referred to in Article 3(2).

    4.   The Commission shall inform the competent authorities of the Member States of any information received pursuant to paragraph 1 and publish annually the list of acquisitions of which it has been informed by gatekeepers pursuant to that paragraph.

    The Commission shall take account of the legitimate interest of undertakings in the protection of their business secrets.

    5.   The competent authorities of the Member States may use the information received under paragraph 1 of this Article to request the Commission to examine the concentration pursuant to Article 22 of Regulation (EC) No 139/2004.

    Article 15

    Obligation of an audit

    1.   Within 6 months after its designation pursuant to Article 3, a gatekeeper shall submit to the Commission an independently audited description of any techniques for profiling of consumers that the gatekeeper applies to or across its core platform services listed in the designation decision pursuant to Article 3(9). The Commission shall transmit that audited description to the European Data Protection Board.

    2.   The Commission may adopt an implementing act referred to in Article 46(1), point (g), to develop the methodology and procedure of the audit.

    3.   The gatekeeper shall make publicly available an overview of the audited description referred to in paragraph 1. In doing so, the gatekeeper shall be entitled to take account of the need to respect its business secrets. The gatekeeper shall update that description and that overview at least annually.

    CHAPTER IV

    MARKET INVESTIGATION

    Article 16

    Opening of a market investigation

    1.   When the Commission intends to carry out a market investigation with a view to the possible adoption of decisions pursuant to Articles 17, 18 and 19 it shall adopt a decision opening a market investigation.

    2.   Notwithstanding paragraph 1, the Commission may exercise its investigative powers under this Regulation before opening a market investigation pursuant to that paragraph.

    3.   The decision referred to in paragraph 1 shall specify:

    (a)

    the date of opening of the market investigation;

    (b)

    the description of the issue to which the market investigation relates to;

    (c)

    the purpose of the market investigation.

    4.   The Commission may reopen a market investigation that it has closed where:

    (a)

    there has been a material change in any of the facts on which a decision adopted pursuant to Article 17, 18 or 19 was based; or

    (b)

    the decision adopted pursuant to Article 17, 18 or 19 was based on incomplete, incorrect or misleading information.

    5.   The Commission may ask one or more national competent authorities to assist it in its market investigation.

    Article 17

    Market investigation for designating gatekeepers

    1.   The Commission may conduct a market investigation for the purpose of examining whether an undertaking providing core platform services should be designated as a gatekeeper pursuant to Article 3(8), or in order to identify the core platform services to be listed in the designation decision pursuant to Article 3(9). The Commission shall endeavour to conclude its market investigation within 12 months from the date referred to in Article 16(3), point (a), In order to conclude its market investigation, the Commission shall adopt an implementing act setting out its decision. That implementing act shall be adopted in accordance with the advisory procedure referred to in Article 50(2).

    2.   In the course of a market investigation pursuant to paragraph 1 of this Article, the Commission shall endeavour to communicate its preliminary findings to the undertaking providing core platform services concerned within 6 months from the date referred to in Article 16(3), point (a). In the preliminary findings, the Commission shall explain whether it considers, on a provisional basis, that it is appropriate for that undertaking to be designated as a gatekeeper pursuant to Article 3(8), and for the relevant core platform services to be listed pursuant to Article 3(9).

    3.   Where the undertaking providing core platform services satisfies the thresholds set out in Article 3(2), but has presented sufficiently substantiated arguments in accordance with Article 3(5) that have manifestly called into question the presumption in Article 3(2), the Commission shall endeavour to conclude the market investigation within 5 months from the date referred to in Article 16(3), point (a).

    In such a case, the Commission shall endeavour to communicate its preliminary findings pursuant to paragraph 2 of this Article to the undertaking concerned within 3 months from the date referred to in Article 16(3), point (a).

    4.   When the Commission, pursuant to Article 3(8), designates as a gatekeeper an undertaking providing core platform services that does not yet enjoy an entrenched and durable position in its operations, but which will foreseeably enjoy such a position in the near future, it may declare applicable to that gatekeeper only one or more of the obligations laid down in Article 5(3) to (6) and Article 6(4), (7), (9), (10) and (13), as specified in the designation decision. The Commission shall only declare applicable those obligations that are appropriate and necessary to prevent the gatekeeper concerned from achieving, by unfair means, an entrenched and durable position in its operations. The Commission shall review such a designation in accordance with the procedure laid down in Article 4.

    Article 18

    Market investigation into systematic non-compliance

    1.   The Commission may conduct a market investigation for the purpose of examining whether a gatekeeper has engaged in systematic non-compliance. The Commission shall conclude that market investigation within 12 months from the date referred to in Article 16(3), point (a). Where the market investigation shows that a gatekeeper has systematically infringed one or more of the obligations laid down in Article 5, 6 or 7 and has maintained, strengthened or extended its gatekeeper position in relation to the requirements set out in Article 3(1), the Commission may adopt an implementing act imposing on such gatekeeper any behavioural or structural remedies which are proportionate and necessary to ensure effective compliance with this Regulation. That implementing act shall be adopted in accordance with the advisory procedure referred to in Article 50(2).

    2.   The remedy imposed in accordance with paragraph 1 of this Article may include, to the extent that such remedy is proportionate and necessary in order to maintain or restore fairness and contestability as affected by the systematic non-compliance, the prohibition, during a limited period, for the gatekeeper to enter into a concentration within the meaning of Article 3 of Regulation (EC) No 139/2004 regarding the core platform services or the other services provided in the digital sector or enabling the collection of data that are affected by the systematic non-compliance.

    3.   A gatekeeper shall be deemed to have engaged in systematic non-compliance with the obligations laid down in Articles 5, 6 and 7, where the Commission has issued at least three non-compliance decisions pursuant to Article 29 against a gatekeeper in relation to any of its core platform services within a period of 8 years prior to the adoption of the decision opening a market investigation in view of the possible adoption of a decision pursuant to this Article.

    4.   The Commission shall communicate its preliminary findings to the gatekeeper concerned within 6 months from the date referred to in Article 16(3), point (a). In its preliminary findings, the Commission shall explain whether it preliminarily considers that the conditions of paragraph 1 of this Article are met and which remedy or remedies it preliminarily considers necessary and proportionate.

    5.   In order to enable interested third parties to effectively provide comments, the Commission shall, at the same time as communicating its preliminary findings to the gatekeeper pursuant to paragraph 4 or as soon as possible thereafter, publish a non-confidential summary of the case and the remedies that it is considering imposing. The Commission shall specify a reasonable timeframe within which such comments are to be provided.

    6.   Where the Commission intends to adopt a decision pursuant to paragraph 1 of this Article by making commitments offered by the gatekeeper pursuant to Article 25 binding, it shall publish a non-confidential summary of the case and the main content of the commitments. Interested third parties may submit their comments within a reasonable timeframe which shall be set by the Commission.

    7.   In the course of the market investigation, the Commission may extend its duration where such extension is justified on objective grounds and proportionate. The extension may apply to the deadline by which the Commission has to issue its preliminary findings, or to the deadline for adoption of the final decision. The total duration of any extension or extensions pursuant to this paragraph shall not exceed 6 months.

    8.   In order to ensure effective compliance by the gatekeeper with its obligations laid down in Articles 5, 6 and 7, the Commission shall regularly review the remedies that it imposes in accordance with paragraphs 1 and 2 of this Article. The Commission shall be entitled to modify those remedies if, following a new market investigation, it finds that they are not effective.

    Article 19

    Market investigation into new services and new practices

    1.   The Commission may conduct a market investigation for the purpose of examining whether one or more services within the digital sector should be added to the list of core platform services laid down in Article 2, point (2) or for the purpose of detecting practices that limit the contestability of core platform services or that are unfair and which are not effectively addressed by this Regulation. In its assessment, the Commission shall take into account any relevant findings of proceedings under Articles 101 and 102 TFEU concerning digital markets as well as any other relevant developments.

    2.   The Commission may, when conducting a market investigation pursuant to paragraph 1, consult third parties, including business users and end users of services within the digital sector that are being investigated and business users and end users who are subject to practices under investigation.

    3.   The Commission shall publish its findings in a report within 18 months from the date referred to in Article 16(3), point (a).

    That report shall be submitted to the European Parliament and to the Council and, where appropriate, shall be accompanied by:

    (a)

    a legislative proposal to amend this Regulation in order to include additional services within the digital sector in the list of core platform services laid down in Article 2, point (2), or to include new obligations in Chapter III; or

    (b)

    a draft delegated act supplementing this Regulation with regard to the obligations laid down in Articles 5 and 6, or a draft delegated act amending or supplementing this Regulation with regard to the obligations laid down in Article 7, as provided for in Article 12.

    Where appropriate, the legislative proposal to amend this Regulation under point (a) of the second subparagraph may also propose to remove existing services from the list of core platform services laid down in Article 2, point (2), or to remove existing obligations from Article 5, 6 or 7.

    CHAPTER V

    INVESTIGATIVE, ENFORCEMENT AND MONITORING POWERS

    Article 20

    Opening of proceedings

    1.   Where the Commission intends to open proceedings with a view to the possible adoption of decisions pursuant to Articles 8, 29 and 30, it shall adopt a decision opening a proceeding.

    2.   Notwithstanding paragraph 1, the Commission may exercise its investigative powers under this Regulation before opening proceedings pursuant to that paragraph.

    Article 21

    Requests for information

    1.   In order to carry out its duties under this Regulation, the Commission may, by simple request or by decision, require from undertakings and associations of undertakings to provide all necessary information. The Commission may also, by simple request or by decision, require access to any data and algorithms of undertakings and information about testing, as well as requesting explanations of them.

    2.   When sending a simple request for information to an undertaking or association of undertakings, the Commission shall state the legal basis and purpose of the request, specify what information is required and fix the time limit within which the information is to be provided, as well as the fines provided for in Article 30 applicable for supplying incomplete, incorrect or misleading information or explanations.

    3.   Where the Commission requires undertakings and associations of undertakings to supply information by decision, it shall state the legal basis and purpose of the request, specify what information is required and fix the time limit within which the information is to be provided. Where the Commission requires undertakings to provide access to any data, algorithms and information about testing, it shall state the purpose of the request and fix the time -limit within which it is to be provided. It shall also indicate the fines provided for in Article 30 and indicate or impose the periodic penalty payments provided for in Article 31. It shall further indicate the right to have the decision reviewed by the Court of Justice.

    4.   The undertakings or associations of undertakings or their representatives shall supply the information requested on behalf of the undertaking or the association of undertakings concerned. Lawyers duly authorised to act may supply the information on behalf of their clients. The latter shall remain fully responsible if the information supplied is incomplete, incorrect or misleading.

    5.   At the request of the Commission, the competent authorities of the Member States shall provide the Commission with all necessary information in their possession to carry out the duties assigned to it by this Regulation.

    Article 22

    Power to carry out interviews and take statements

    1.   In order to carry out its duties under this Regulation, the Commission may interview any natural or legal person which consents to being interviewed, for the purpose of collecting information, relating to the subject-matter of an investigation. The Commission shall be entitled to record such interviews by any technical means.

    2.   Where an interview pursuant to paragraph 1 of this Article is conducted on the premises of an undertaking, the Commission shall inform the national competent authority of the Member State that is enforcing the rules referred to in Article 1(6) and in whose territory the interview takes place thereof. If that authority so requests, its officials may assist the officials and other accompanying persons authorised by the Commission to conduct the interview.

    Article 23

    Powers to conduct inspections

    1.   In order to carry out its duties under this Regulation, the Commission may conduct all necessary inspections of an undertaking or association of undertakings.

    2.   The officials and other accompanying persons authorised by the Commission to conduct an inspection are empowered to:

    (a)

    enter any premises, land and means of transport of undertakings and associations of undertakings;

    (b)

    examine the books and other records related to the business, irrespective of the medium on which they are stored;

    (c)

    take or obtain in any form copies of or extracts from such books or records;

    (d)

    require the undertaking or association of undertakings to provide access to and explanations on its organisation, functioning, IT system, algorithms, data-handling and business practices and to record or document the explanations given by any technical means;

    (e)

    seal any business premises and books or records for the duration of, and to the extent necessary for, the inspection;

    (f)

    ask any representative or member of staff of the undertaking or association of undertakings for explanations of facts or documents relating to the subject-matter and purpose of the inspection, and to record the answers by any technical means.

    3.   To carry out inspections, the Commission may request the assistance of auditors or experts appointed by the Commission pursuant to Article 26(2), as well as the assistance of the national competent authority of the Member State, enforcing the rules referred to in Article 1(6) in whose territory the inspection is to be conducted.

    4.   During inspections the Commission, auditors or experts appointed by it and the national competent authority of the Member State, enforcing the rules referred to in Article 1(6) in whose territory the inspection is to be conducted may require the undertaking or association of undertakings to provide access to and explanations on its organisation, functioning, IT system, algorithms, data-handling and business conducts. The Commission and auditors or experts appointed by it and the national competent authority of the Member State, enforcing the rules referred to in Article 1(6) in whose territory the inspection is to be conducted may address questions to any representative or member of staff.

    5.   The officials and other accompanying persons authorised by the Commission to conduct an inspection shall exercise their powers upon production of a written authorisation specifying the subject matter and purpose of the inspection and the fines provided for in Article 30 applicable in the event that the production of the required books or other records related to the business is incomplete or where the answers to questions asked under paragraphs 2 and 4 of this Article are incorrect or misleading. In good time before the inspection, the Commission shall give notice of the inspection to the national competent authority of the Member State enforcing the rules referred to in Article 1(6) in whose territory it is to be conducted.

    6.   Undertakings or associations of undertakings are required to submit to an inspection ordered by a Commission decision. That decision shall specify the subject matter and purpose of the inspection, set the date on which it is to begin and indicate the fines and periodic penalty payments provided for in Articles 30 and 31 respectively, and the right to have that decision reviewed by the Court of Justice.

    7.   Officials of, and the persons authorised or appointed by, the national competent authority of the Member State enforcing the rules referred to in Article 1(6) in whose territory the inspection is to be conducted shall, at the request of that authority or of the Commission, actively assist the officials and other accompanying persons authorised by the Commission. To this end, they shall enjoy the powers set out in paragraphs 2 and 4 of this Article.

    8.   Where the officials and other accompanying persons authorised by the Commission find that an undertaking or association of undertakings opposes an inspection ordered pursuant to this Article, the Member State concerned shall afford them the necessary assistance, requesting, where appropriate, the assistance of the police or of an equivalent enforcement authority, so as to enable them to conduct their inspection.

    9.   If, according to national rules, the assistance provided for in paragraph 8 of this Article requires authorisation from a judicial authority, the Commission or the national competent authority of the Member State enforcing the rules referred to in Article 1(6) or officials authorised by those authorities shall apply for it. Such authorisation may also be applied for as a precautionary measure.

    10.   Where authorisation referred to in paragraph 9 of this Article is applied for, the national judicial authority shall verify that the Commission decision is authentic and that the coercive measures envisaged are neither arbitrary nor excessive having regard to the subject matter of the inspection. In its control of the proportionality of the coercive measures, the national judicial authority may ask the Commission, directly or through the national competent authority of the Member State, enforcing the rules referred to in Article 1(6), for detailed explanations in particular on the grounds the Commission has for suspecting infringement of this Regulation, as well as on the seriousness of the suspected infringement and on the nature of the involvement of the undertaking concerned. However, the national judicial authority may not call into question the necessity of the inspection nor demand that it be provided with the information in the file of the Commission. The lawfulness of the Commission decision shall be subject to review only by the Court of Justice.

    Article 24

    Interim measures

    In case of urgency due to the risk of serious and irreparable damage for business users or end users of gatekeepers, the Commission may adopt an implementing act ordering interim measures against a gatekeeper on the basis of a prima facie finding of an infringement of Article 5, 6 or 7. That implementing act shall be adopted only in the context of proceedings opened with a view to the possible adoption of a non-compliance decision pursuant to Article 29(1). It shall apply only for a specified period of time and may be renewed in so far this is necessary and appropriate. That implementing act shall be adopted in accordance with the advisory procedure referred to in Article 50(2).

    Article 25

    Commitments

    1.   If, during proceedings under Article 18, the gatekeeper concerned offers commitments for the relevant core platform services to ensure compliance with the obligations laid down in Articles 5, 6 and 7 the Commission may adopt an implementing act making those commitments binding on that gatekeeper and declare that there are no further grounds for action. That implementing act shall be adopted in accordance with the advisory procedure referred to in Article 50(2).

    2.   The Commission may, upon request or on its own initiative, reopen by decision the relevant proceedings, where:

    (a)

    there has been a material change in any of the facts on which the decision was based;

    (b)

    the gatekeeper concerned acts contrary to its commitments;

    (c)

    the decision was based on incomplete, incorrect or misleading information provided by the parties;

    (d)

    the commitments are not effective.

    3.   If the Commission considers that the commitments submitted by the gatekeeper concerned cannot ensure effective compliance with the obligations laid down in Articles 5, 6 and 7, it shall explain the reasons for not making those commitments binding in the decision concluding the relevant proceedings.

    Article 26

    Monitoring of obligations and measures

    1.   The Commission shall take the necessary actions to monitor the effective implementation and compliance with the obligations laid down in Articles 5, 6 and 7 and the decisions taken pursuant to Articles 8, 18, 24, 25 and 29. Those actions may include, in particular, the imposition of an obligation on the gatekeeper to retain all documents deemed to be relevant to assess the implementation of, and compliance with, those obligations and decisions.

    2.   The actions pursuant to paragraph 1 may include the appointment of independent external experts and auditors, as well as the appointment of officials from national competent authorities of the Member States, to assist the Commission to monitor the obligations and measures and to provide specific expertise or knowledge to the Commission.

    Article 27

    Information by third parties

    1.   Any third party, including business users, competitors or end-users of the core platform services listed in the designation decision pursuant to Article 3(9), as well as their representatives, may inform the national competent authority of the Member State, enforcing the rules referred to in Article 1(6), or the Commission directly, about any practice or behaviour by gatekeepers that falls within the scope of this Regulation.

    2.   The national competent authority of the Member State, enforcing the rules referred to in Article 1(6), and the Commission shall have full discretion as regards the appropriate measures and are under no obligation to follow-up on the information received.

    3.   Where the national competent authority of the Member State, enforcing the rules referred to in Article 1(6), determines, based on the information received pursuant to paragraph 1 of this Article, that there may be an issue of non-compliance with this Regulation, it shall transfer that information to the Commission.

    Article 28

    Compliance function

    1.   Gatekeepers shall introduce a compliance function, which is independent from the operational functions of the gatekeeper and composed of one or more compliance officers, including the head of the compliance function.

    2.   The gatekeeper shall ensure that the compliance function referred to in paragraph 1 has sufficient authority, stature and resources, as well as access to the management body of the gatekeeper to monitor the compliance of the gatekeeper with this Regulation.

    3.   The management body of the gatekeeper shall ensure that compliance officers appointed pursuant to paragraph 1 have the professional qualifications, knowledge, experience and ability necessary to fulfil the tasks referred to in paragraph 5.

    The management body of the gatekeeper shall also ensure that such head of the compliance function is an independent senior manager with distinct responsibility for the compliance function.

    4.   The head of the compliance function shall report directly to the management body of the gatekeeper and may raise concerns and warn that body where risks of non-compliance with this Regulation arise, without prejudice to the responsibilities of the management body in its supervisory and managerial functions.

    The head of the compliance function shall not be removed without prior approval of the management body of the gatekeeper.

    5.   Compliance officers appointed by the gatekeeper pursuant to paragraph 1 shall have the following tasks:

    (a)

    organising, monitoring and supervising the measures and activities of the gatekeepers that aim to ensure compliance with this Regulation;

    (b)

    informing and advising the management and employees of the gatekeeper on compliance with this Regulation;

    (c)

    where applicable, monitoring compliance with commitments made binding pursuant to Article 25, without prejudice to the Commission being able to appoint independent external experts pursuant to Article 26(2);

    (d)

    cooperating with the Commission for the purpose of this Regulation.

    6.   Gatekeepers shall communicate the name and contact details of the head of the compliance function to the Commission.

    7.   The management body of the gatekeeper shall define, oversee and be accountable for the implementation of the governance arrangements of the gatekeeper that ensure the independence of the compliance function, including the division of responsibilities in the organisation of the gatekeeper and the prevention of conflicts of interest.

    8.   The management body shall approve and review periodically, at least once a year, the strategies and policies for taking up, managing and monitoring the compliance with this Regulation.

    9.   The management body shall devote sufficient time to the management and monitoring of compliance with this Regulation. It shall actively participate in decisions relating to the management and enforcement of this Regulation and ensure that adequate resources are allocated to it.

    Article 29

    Non-compliance

    1.   The Commission shall adopt an implementing act setting out its finding of non-compliance (‘the non-compliance decision’) where it finds that a gatekeeper does not comply with one or more of the following:

    (a)

    any of the obligations laid down in Article 5, 6 or 7;

    (b)

    measures specified by the Commission in a decision adopted pursuant to Article 8(2);

    (c)

    remedies imposed pursuant to Article 18(1);

    (d)

    interim measures ordered pursuant to Article 24; or

    (e)

    commitments made legally binding pursuant to Article 25.

    That implementing act shall be adopted in accordance with the advisory procedure referred to in Article 50(2).

    2.   The Commission shall endeavour to adopt its non-compliance decision within 12 months from the opening of proceedings pursuant to Article 20.

    3.   Before adopting the non-compliance decision, the Commission shall communicate its preliminary findings to the gatekeeper concerned. In those preliminary findings, the Commission shall explain the measures it is considering taking or that it considers that the gatekeeper should take in order to effectively address the preliminary findings.

    4.   Where it intends to adopt a non-compliance decision, the Commission may consult third parties.

    5.   In the non-compliance decision, the Commission shall order the gatekeeper to cease and desist with the non-compliance within an appropriate deadline and to provide explanations on how it plans to comply with that decision.

    6.   The gatekeeper shall provide the Commission with the description of the measures that it has taken to ensure compliance with the non-compliance decision.

    7.   Where the Commission decides not to adopt a non-compliance decision, it shall close the proceedings by a decision.

    Article 30

    Fines

    1.   In the non-compliance decision, the Commission may impose on a gatekeeper fines not exceeding 10 % of its total worldwide turnover in the preceding financial year where it finds that the gatekeeper, intentionally or negligently, fails to comply with:

    (a)

    any of the obligations laid down in Articles 5, 6 and 7;

    (b)

    measures specified by the Commission in a decision adopted pursuant to Article 8(2);

    (c)

    remedies imposed pursuant to Article 18(1);

    (d)

    interim measures ordered pursuant to Article 24; or

    (e)

    commitments made legally binding pursuant to Article 25.

    2.   Notwithstanding paragraph 1 of this Article, in the non-compliance decision the Commission may impose on a gatekeeper fines up to 20 % of its total worldwide turnover in the preceding financial year where it finds that a gatekeeper has committed the same or a similar infringement of an obligation laid down in Article 5, 6 or 7 in relation to the same core platform service as it was found to have committed in a non-compliance decision adopted in the 8 preceding years.

    3.   The Commission may adopt a decision, imposing on undertakings, including gatekeepers where applicable, and associations of undertakings, fines not exceeding 1 % of their total worldwide turnover in the preceding financial year where they intentionally or negligently:

    (a)

    fail to provide within the time limit information that is required for assessing their designation as gatekeepers pursuant to Article 3 or supply incorrect, incomplete or misleading information;

    (b)

    fail to comply with the obligation to notify the Commission according to Article 3(3);

    (c)

    fail to notify information or supply incorrect, incomplete or misleading information that is required pursuant to Article 14;

    (d)

    fail to submit the description or supply incorrect, incomplete or misleading information that is required pursuant to Article 15;

    (e)

    fail to provide access to data, algorithms or information about testing in response to a request made pursuant to Article 21(3);

    (f)

    fail to supply the information requested within the time limit fixed pursuant to Article 21(3) or supply incorrect, incomplete or misleading information or explanations that are requested pursuant to Article 21 or given in an interview pursuant to Article 22;

    (g)

    fail to rectify within a time limit set by the Commission, incorrect, incomplete or misleading information given by a representative or a member of staff, or fail or refuse to provide complete information on facts relating to the subject-matter and purpose of an inspection, pursuant to Article 23;

    (h)

    refuse to submit to an inspection pursuant to Article 23;

    (i)

    fail to comply with the obligations imposed by the Commission pursuant to Article 26;

    (j)

    fail to introduce a compliance function in accordance with Article 28; or

    (k)

    fail to comply with the conditions for access to the Commission’s file pursuant to Article 34(4).

    4.   In fixing the amount of a fine, the Commission shall take into account the gravity, duration, recurrence, and, for fines imposed pursuant to paragraph 3, delay caused to the proceedings.

    5.   When a fine is imposed on an association of undertakings taking account of the worldwide turnover of its members and that association is not solvent, it shall be obliged to call for contributions from its members to cover the amount of the fine.

    Where such contributions have not been made to the association of undertakings within a time limit set by the Commission, the Commission may require payment of the fine directly by any of the undertakings whose representatives were members of the decision-making bodies concerned of that association.

    After having required payment in accordance with the second subparagraph, the Commission may require payment of the balance by any of the members of the association of undertakings, where necessary to ensure full payment of the fine.

    However, the Commission shall not require payment pursuant to the second or the third subparagraph from undertakings which show that they have not implemented the decision of the association of undertakings that infringed this Regulation, and either were not aware of its existence, or have actively distanced themselves from it before the Commission opened proceedings under Article 20.

    The financial liability of each undertaking in respect of the payment of the fine shall not exceed 20 % of its total worldwide turnover in the preceding financial year.

    Article 31

    Periodic penalty payments

    1.   The Commission may adopt a decision imposing on undertakings, including gatekeepers where applicable, and associations of undertakings periodic penalty payments not exceeding 5 % of the average daily worldwide turnover in the preceding financial year per day, calculated from the date set by that decision, in order to compel them:

    (a)

    to comply with the measures specified by the Commission in a decision adopted pursuant to Article 8(2);

    (b)

    to comply with the decision pursuant to Article 18(1);

    (c)

    to supply correct and complete information within the time limit required by a request for information made by decision pursuant to Article 21;

    (d)

    to ensure access to data, algorithms and information about testing in response to a request made pursuant to Article 21(3) and to supply explanations on those as required by a decision pursuant to Article 21;

    (e)

    to submit to an inspection which was ordered by a decision taken pursuant to Article 23;

    (f)

    to comply with a decision ordering interim measures taken pursuant to Article 24;

    (g)

    to comply with commitments made legally binding by a decision pursuant to Article 25(1);

    (h)

    to comply with a decision pursuant to Article 29(1).

    2.   Where the undertakings, or associations of undertakings, have satisfied the obligation which the periodic penalty payment was intended to enforce, the Commission may adopt an implementing act, setting the definitive amount of the periodic penalty payment at a figure lower than that which would arise under the original decision. That implementing act shall be adopted in accordance with the advisory procedure referred to in Article 50(2).

    Article 32

    Limitation periods for the imposition of penalties

    1.   The powers conferred on the Commission by Articles 30 and 31 shall be subject to a 5 year limitation period.

    2.   Time shall begin to run on the day on which the infringement is committed. However, in the case of continuing or repeated infringements, time shall begin to run on the day on which the infringement ceases.

    3.   Any action taken by the Commission for the purpose of a market investigation or proceedings in respect of an infringement shall interrupt the limitation period for the imposition of fines or periodic penalty payments. The limitation period shall be interrupted with effect from the date on which the action is notified to at least one undertaking or association of undertakings which has participated in the infringement. Actions which interrupt the running of the period shall include in particular the following:

    (a)

    requests for information by the Commission;

    (b)

    written authorisations to conduct inspections issued to its officials by the Commission;

    (c)

    the opening of a proceeding by the Commission pursuant to Article 20.

    4.   Each interruption shall start time running afresh. However, the limitation period shall expire at the latest on the day on which a period equal to twice the limitation period has elapsed without the Commission having imposed a fine or a periodic penalty payment. That period shall be extended by the time during which limitation is suspended pursuant to paragraph 5.

    5.   The limitation period for the imposition of fines or periodic penalty payments shall be suspended for as long as the decision of the Commission is the subject of proceedings pending before the Court of Justice.

    Article 33

    Limitation periods for the enforcement of penalties

    1.   The power of the Commission to enforce decisions taken pursuant to Articles 30 and 31 shall be subject to a limitation period of 5 years.

    2.   Time shall begin to run from the day on which the decision becomes final.

    3.   The limitation period for the enforcement of penalties shall be interrupted:

    (a)

    by notification of a decision varying the original amount of the fine or periodic penalty payment or refusing an application for variation; or

    (b)

    by any action of the Commission or of a Member State, acting at the request of the Commission, designed to enforce payment of the fine or periodic penalty payment.

    4.   Each interruption shall start time running afresh.

    5.   The limitation period for the enforcement of penalties shall be suspended for so long as:

    (a)

    time to pay is allowed; or

    (b)

    enforcement of payment is suspended pursuant to a decision of the Court of Justice or to a decision by a national court.

    Article 34

    Right to be heard and access to the file

    1.   Before adopting a decision pursuant to Article 8, Article 9(1), Article 10(1), Articles 17, 18, 24, 25, 29 and 30 and Article 31(2), the Commission shall give the gatekeeper or undertaking or association of undertakings concerned the opportunity of being heard on:

    (a)

    preliminary findings of the Commission, including any matter to which the Commission has taken objection; and

    (b)

    measures that the Commission may intend to take in view of the preliminary findings pursuant to point (a) of this paragraph.

    2.   Gatekeepers, undertakings and associations of undertakings concerned may submit their observations to the Commission concerning the Commission’s preliminary findings within a time limit set by the Commission in its preliminary findings which may not be less than 14 days.

    3.   The Commission shall base its decisions only on preliminary findings, including any matter to which the Commission has taken objection, on which gatekeepers, undertakings and associations of undertakings concerned have been able to comment.

    4.   The rights of defence of the gatekeeper, undertaking or association of undertakings concerned shall be fully respected in any proceedings. The gatekeeper, undertaking or association of undertakings concerned shall be entitled to have access to the Commission's file under terms of disclosure, subject to the legitimate interest of undertakings in the protection of their business secrets. In the case of disagreement between the parties, the Commission may adopt decisions setting out those terms of disclosure. The right of access to the file of the Commission shall not extend to confidential information and internal documents of the Commission or the competent authorities of the Member States. In particular, the right of access shall not extend to correspondence between the Commission and the competent authorities of the Member States. Nothing in this paragraph shall prevent the Commission from disclosing and using information necessary to prove an infringement.

    Article 35

    Annual reporting

    1.   The Commission shall submit to the European Parliament and to the Council an annual report on the implementation of this Regulation and the progress made towards achieving its objectives.

    2.   The report referred to in paragraph 1 shall include:

    (a)

    a summary of the Commission’s activities including any adopted measures or decisions and ongoing market investigations in connection with this Regulation;

    (b)

    the findings resulting from the monitoring of the implementation by the gatekeepers of the obligations under this Regulation;

    (c)

    an assessment of the audited description referred to in Article 15;

    (d)

    an overview of the cooperation between the Commission and national authorities in connection with this Regulation;

    (e)

    an overview of the activities and tasks performed by the High Level Group of Digital Regulators, including how its recommendations as regards the enforcement of this Regulation are to be implemented.

    3.   The Commission shall publish the report on its website.

    Article 36

    Professional secrecy

    1.   The information collected pursuant to this Regulation shall be used for the purposes of this Regulation.

    2.   The information collected pursuant to Article 14 shall be used for the purposes of this Regulation, Regulation (EC) No 139/2004 and national merger rules.

    3.   The information collected pursuant to Article 15 shall be used for the purposes of this Regulation and Regulation (EU) 2016/679.

    4.   Without prejudice to the exchange and to the use of information provided for the purpose of use pursuant to Articles 38, 39, 41 and 43, the Commission, the competent authorities of the Member States, their officials, servants and other persons working under the supervision of those authorities and any natural or legal person, including auditors and experts appointed pursuant to Article 26(2), shall not disclose information acquired or exchanged by them pursuant to this Regulation and of the kind covered by the obligation of professional secrecy.

    Article 37

    Cooperation with national authorities

    1.   The Commission and Member States shall work in close cooperation and coordinate their enforcement actions to ensure coherent, effective and complementary enforcement of available legal instruments applied to gatekeepers within the meaning of this Regulation.

    2.   The Commission may consult national authorities where appropriate, on any matter relating to the application of this Regulation.

    Article 38

    Cooperation and coordination with national competent authorities enforcing competition rules

    1.   The Commission and the national competent authorities of the Member States enforcing the rules referred to in Article 1(6) shall cooperate with each other and inform each other about their respective enforcement actions through the European Competition Network (ECN). They shall have the power to provide one another with any information regarding a matter of fact or of law, including confidential information. Where the competent authority is not a member of the ECN, the Commission shall make the necessary arrangements for cooperation and exchange of information on cases concerning the enforcement of this Regulation and the enforcement of cases referred to in Article 1(6) of such authorities. The Commission may lay down such arrangements in an implementing act as referred to in Article 46(1), point (l).

    2.   Where a national competent authority of the Member States enforcing the rules referred to in Article 1(6) intends to launch an investigation on gatekeepers based on national laws referred to in Article 1(6), it shall inform the Commission in writing of the first formal investigative measure, before or immediately after the start of such measure. This information may also be made available to the national competent authorities enforcing the rules referred to in Article 1(6) of the other Member States.

    3.   Where a national competent authority of the Member States enforcing the rules referred to in Article 1(6) intends to impose obligations on gatekeepers based on national laws referred to in Article 1(6), it shall, no later than 30 days before its adoption, communicate the draft measure to the Commission stating the reasons for the measure. In the case of interim measures, the national competent authority of the Member States enforcing the rules referred to in Article 1(6) shall communicate to the Commission the draft measures envisaged as soon as possible, and at the latest immediately after the adoption of such measures. This information may also be made available to the national competent authorities enforcing the rules referred to in Article 1(6) of the other Member States.

    4.   The information mechanisms provided for in paragraphs 2 and 3 shall not apply to decisions envisaged pursuant to national merger rules.

    5.   Information exchanged pursuant to paragraphs 1 to 3 of this Article shall only be exchanged and used for the purpose of coordination of the enforcement of this Regulation and the rules referred to in Article 1(6).

    6.   The Commission may ask national competent authorities of the Member States enforcing the rules referred to in Article 1(6) to support any of its market investigations pursuant to this Regulation.

    7.   Where it has the competence and investigative powers to do so under national law, a national competent authority of the Member States enforcing the rules referred to in Article 1(6) may, on its own initiative, conduct an investigation into a case of possible non-compliance with Articles 5, 6 and 7 of this Regulation on its territory. Before taking a first formal investigative measure, that authority shall inform the Commission in writing.

    The opening of proceedings by the Commission pursuant to Article 20 shall relieve the national competent authorities of the Member States enforcing the rules referred to in Article 1(6) of the possibility to conduct such an investigation or end it where it is already ongoing. Those authorities shall report to the Commission on the findings of such investigation in order to support the Commission in its role as sole enforcer of this Regulation.

    Article 39

    Cooperation with national courts

    1.   In proceedings for the application of this Regulation, national courts may ask the Commission to transmit to them information in its possession or its opinion on questions concerning the application of this Regulation.

    2.   Member States shall forward to the Commission a copy of any written judgment of national courts deciding on the application of this Regulation. Such copy shall be forwarded without delay after the full written judgment is notified to the parties.

    3.   Where the coherent application of this Regulation so requires, the Commission, acting on its own initiative, may submit written observations to national courts. With the permission of the court in question, it may also make oral observations.

    4.   For the purpose of the preparation of their observations only, the Commission may request the relevant national court to transmit or ensure the transmission to the Commission of any documents necessary for the assessment of the case.

    5.   National courts shall not give a decision which runs counter to a decision adopted by the Commission under this Regulation. They shall also avoid giving decisions which would conflict with a decision contemplated by the Commission in proceedings it has initiated under this Regulation. To that effect, the national court may assess whether it is necessary to stay its proceedings. This is without prejudice to the possibility for national courts to request a preliminary ruling under Article 267 TFEU.

    Article 40

    The high-level group

    1.   The Commission shall establish a high-level group for the Digital Markets Act (‘the high-level group’).

    2.   The high-level group shall be composed of the following European bodies and networks:

    (a)

    Body of the European Regulators for Electronic Communications;

    (b)

    European Data Protection Supervisor and European Data Protection Board;

    (c)

    European Competition Network;

    (d)

    Consumer Protection Cooperation Network; and

    (e)

    European Regulatory Group of Audiovisual Media Regulators.

    3.   The European bodies and networks referred to in paragraph 2 shall each have an equal number of representatives in the high-level group. The maximum number of members of the high-level group shall not exceed 30.

    4.   The Commission shall provide secretariat services to the high-level group in order to facilitate its work. The high-level group shall be chaired by the Commission, which shall participate in its meetings. The high-level group shall meet upon request of the Commission at least once per calendar year. The Commission shall also convene a meeting of the group when so requested by the majority of the members composing the group in order to address a specific issue.

    5.   The high-level group may provide the Commission with advice and expertise in the areas falling within the competences of its members, including:

    (a)

    advice and recommendations within their expertise relevant for any general matter of implementation or enforcement of this Regulation; or

    (b)

    advice and expertise promoting a consistent regulatory approach across different regulatory instruments.

    6.   The high-level group may, in particular, identify and assess the current and potential interactions between this Regulation and the sector-specific rules applied by the national authorities composing the European bodies and networks referred to in paragraph 2 and submit an annual report to the Commission presenting such assessment and identifying potential trans-regulatory issues. Such report may be accompanied by recommendations aiming at converging towards consistent transdisciplinary approaches and synergies between the implementation of this Regulation and other sectoral regulations. The report shall be communicated to the European Parliament and to the Council.

    7.   In the context of market investigations into new services and new practices, the high-level group may provide expertise to the Commission on the need to amend, add or remove rules in this Regulation, to ensure that digital markets across the Union are contestable and fair.

    Article 41

    Request for a market investigation

    1.   Three or more Member States may request the Commission to open a market investigation pursuant to Article 17 because they consider that there are reasonable grounds to suspect that an undertaking should be designated as a gatekeeper.

    2.   One or more Member States may request the Commission to open a market investigation pursuant to Article 18 because they consider that there are reasonable grounds to suspect that a gatekeeper has systematically infringed one or more of the obligations laid down in Articles 5, 6 and 7 and has maintained, strengthened or extended its gatekeeper position in relation to the requirements under Article 3(1).

    3.   Three or more Member States may request the Commission to conduct a market investigation pursuant to Article 19 because they consider that there are reasonable grounds to suspect that:

    (a)

    one or more services within the digital sector should be added to the list of core platform services laid down in Article 2, point (2), or

    (b)

    one or more practices are not effectively addressed by this Regulation and might limit the contestability of core platform services or be unfair.

    4.   Member States shall submit evidence in support of their requests pursuant to paragraphs 1, 2 and 3. For requests pursuant to paragraph 3, such evidence may include information on newly introduced offers of products, services, software or features which raise concerns of contestability or fairness, whether implemented in the context of existing core platform services or otherwise.

    5.   Within 4 months of receiving a request pursuant to this Article, the Commission shall examine whether there are reasonable grounds to open a market investigation pursuant to paragraph 1, 2 or 3. The Commission shall publish the results of its assessment.

    Article 42

    Representative actions

    Directive (EU) 2020/1828 shall apply to the representative actions brought against infringements by gatekeepers of provisions of this Regulation that harm or may harm the collective interests of consumers.

    Article 43

    Reporting of breaches and protection of reporting persons

    Directive (EU) 2019/1937 shall apply to the reporting of all breaches of this Regulation and the protection of persons reporting such breaches.

    CHAPTER VI

    FINAL PROVISIONS

    Article 44

    Publication of decisions

    1.   The Commission shall publish the decisions which it takes pursuant to Articles 3 and 4, Article 8(2), Articles 9, 10, 16 to 20 and 24, Article 25(1), Articles 29, 30 and 31. Such publication shall state the names of the parties and the main content of the decision, including any penalties imposed.

    2.   The publication shall have regard to the legitimate interest of gatekeepers or third parties in the protection of their confidential information.

    Article 45

    Review by the Court of Justice

    In accordance with Article 261 TFEU, the Court of Justice has unlimited jurisdiction to review decisions by which the Commission has imposed fines or periodic penalty payments. It may cancel, reduce or increase the fine or periodic penalty payment imposed.

    Article 46

    Implementing provisions

    1.   The Commission may adopt implementing acts laying down detailed arrangements for the application of the following:

    (a)

    the form, content and other details of notifications and submissions pursuant to Article 3;

    (b)

    the form, content and other details of the technical measures that gatekeepers shall implement in order to ensure compliance with Article 5, 6 or 7;

    (c)

    operational and technical arrangements in view of implementing interoperability of number-independent interpersonal communications services pursuant to Article 7;

    (d)

    the form, content and other details of the reasoned request pursuant to Article 8(3);

    (e)

    the form, content and other details of the reasoned requests pursuant to Articles 9 and 10;

    (f)

    the form, content and other details of the regulatory reports delivered pursuant to Article 11;

    (g)

    the methodology and procedure for the audited description of techniques used for profiling of consumers provided for in Article 15(1); when developing a draft implementing act for this purpose, the Commission shall consult the European Data Protection Supervisor and may consult the European Data Protection Board, civil society and other relevant experts;

    (h)

    the form, content and other details of notifications and submissions made pursuant to Articles 14 and 15;

    (i)

    the practical arrangements of the proceedings concerning the market investigations pursuant to Articles 17, 18 and 19, and proceedings pursuant to Articles 24, 25 and 29;

    (j)

    the practical arrangements for exercising rights to be heard provided for in Article 34;

    (k)

    the practical arrangements for the terms of disclosure provided for in Article 34;

    (l)

    the practical arrangements for the cooperation and coordination between the Commission and national authorities provided for in Articles 37 and 38; and

    (m)

    the practical arrangements for the calculation and extension of deadlines.

    2.   The implementing acts referred to in paragraph 1, points (a) to (k), and point (m) of this Article shall be adopted in accordance with the advisory procedure referred to in Article 50(2).

    The implementing act referred to in paragraph 1, point (l), of this Article shall be adopted in accordance with the examination procedure referred to in Article 50(3).

    3.   Before the adoption of any implementing act pursuant to paragraph 1, the Commission shall publish a draft thereof and invite all interested parties to submit their comments within a time limit, which may not be less than one month.

    Article 47

    Guidelines

    The Commission may adopt guidelines on any of the aspects of this Regulation in order to facilitate its effective implementation and enforcement.

    Article 48

    Standardisation

    Where appropriate and necessary, the Commission may mandate European standardisation bodies to facilitate the implementation of the obligations set out in this Regulation by developing appropriate standards.

    Article 49

    Exercise of the delegation

    1.   The power to adopt delegated acts is conferred on the Commission subject to the conditions laid down in this Article.

    2.   The power to adopt delegated acts referred to in Article 3(6) and (7) and Article 12(1), (3) and (4) shall be conferred on the Commission for a period of 5 years from 1 November 2022. The Commission shall draw up a report in respect of the delegation of power not later than 9 months before the end of the five-year period. The delegation of power shall be tacitly extended for periods of an identical duration, unless the European Parliament or the Council opposes such extension not later than 3 months before the end of each period.

    3.   The delegation of power referred to in Article 3(6) and (7), and Article 12(1), (3) and (4) may be revoked at any time by the European Parliament or by the Council. A decision to revoke shall put an end to the delegation of the power specified in that decision. It shall take effect the day following the publication of the decision in the Official Journal of the European Union or at a later date specified therein. It shall not affect the validity of any delegated acts already in force.

    4.   Before adopting a delegated act, the Commission shall consult experts designated by each Member State in accordance with the principles laid down in the Interinstitutional Agreement of 13 April 2016 on Better Law-Making.

    5.   As soon as it adopts a delegated act, the Commission shall notify it simultaneously to the European Parliament and to the Council.

    6.   A delegated act adopted pursuant to Article 3(6) and (7), and Article 12(1), (3) and (4) shall enter into force only if no objection has been expressed either by the European Parliament or by the Council within a period of 2 months of notification of that act to the European Parliament and to the Council or if, before the expiry of that period, the European Parliament and the Council have both informed the Commission that they will not object. That period shall be extended by 2 months at the initiative of the European Parliament or of the Council.

    Article 50

    Committee procedure

    1.   The Commission shall be assisted by a committee (‘the Digital Markets Advisory Committee’). That committee shall be a committee within the meaning of Regulation (EU) No 182/2011.

    2.   Where reference is made to this paragraph, Article 4 of Regulation (EU) No 182/2011 shall apply.

    Where the opinion of the committee is to be obtained by written procedure, that procedure shall be terminated without result when, within the time limit for delivery of the opinion, the chair of the committee so decides or a simple majority of committee members so request.

    3.   Where reference is made to this paragraph, Article 5 of Regulation (EU) No 182/2011 shall apply.

    4.   The Commission shall communicate the opinion of the committee to the addressee of an individual decision, together with that decision. It shall make the opinion public together with the individual decision, having regard to the legitimate interest in the protection of professional secrecy.

    Article 51

    Amendment to Directive (EU) 2019/1937

    In Point J of Part I of the Annex to Directive (EU) 2019/1937, the following point is added:

    ‘(iv)

    Regulation (EU) 2022/1925 of the European Parliament and of the Council of 14 September 2022 on contestable and fair markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828 (Digital Markets Act) (OJ L 265, 21.9.2022, p. 1).’

    Article 52

    Amendment to Directive (EU) 2020/1828

    In Annex I to Directive (EU) 2020/1828, the following point is added:

    ‘(67)

    Regulation (EU) 2022/1925 of the European Parliament and of the Council of 14 September 2022 on contestable and fair markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828 (Digital Markets Act) (OJ L 265, 21.9.2022, p. 1).’

    Article 53

    Review

    1.   By 3 May 2026, and subsequently every 3 years, the Commission shall evaluate this Regulation and report to the European Parliament, the Council and the European Economic and Social Committee.

    2.   The evaluations shall assess whether the aims of this Regulation of ensuring contestable and fair markets have been achieved and assess the impact of this Regulation on business users, especially SMEs, and end users. Moreover, the Commission shall evaluate if the scope of Article 7 may be extended to online social networking services.

    3.   The evaluations shall establish whether it is required to modify rules, including regarding the list of core platform services laid down in Article 2, point (2), the obligations laid down in Articles 5, 6 and 7 and their enforcement, to ensure that digital markets across the Union are contestable and fair. Following the evaluations, the Commission shall take appropriate measures, which may include legislative proposals.

    4.   The competent authorities of Member States shall provide any relevant information they have that the Commission may require for the purposes of drawing up the report referred to in paragraph 1.

    Article 54

    Entry into force and application

    This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.

    It shall apply from 2 May 2023.

    However, Article 3(6) and (7) and Articles 40, 46, 47, 48, 49 and 50 shall apply from 1 November 2022 and Article 42 and Article 43 shall apply from 25 June 2023.

    Nevertheless, if the date of 25 June 2023 precedes the date of application referred to in the second paragraph of this Article, the application of Article 42 and Article 43 shall be postponed until the date of application referred to in the second paragraph of this Article.

    This Regulation shall be binding in its entirety and directly applicable in all Member States.

    Done at Strasbourg, 14 September 2022.

    For the European Parliament

    The President

    R. METSOLA

    For the Council

    The President

    M. BEK


    (1)   OJ C 286, 16.7.2021, p. 64.

    (2)   OJ C 440, 29.10.2021, p. 67.

    (3)  Position of the European Parliament of 5 July 2022 (not yet published in the Official Journal) and decision of the Council of 18 July 2022.

    (4)  Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).

    (5)  Regulation (EU) 2019/1150 of the European Parliament and of the Council of 20 June 2019 on promoting fairness and transparency for business users of online intermediation services (OJ L 186, 11.7.2019, p. 57).

    (6)  Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (OJ L 201, 31.7.2002, p. 37).

    (7)  Directive 2005/29/EC of the European Parliament and of the Council of 11 May 2005 concerning unfair business-to-consumer commercial practices in the internal market and amending Council Directive 84/450/EEC, Directives 97/7/EC, 98/27/EC and 2002/65/EC of the European Parliament and of the Council and Regulation (EC) No 2006/2004 of the European Parliament and of the Council (‘Unfair Commercial Practices Directive’) (OJ L 149, 11.6.2005, p. 22).

    (8)  Directive 2010/13/EU of the European Parliament and of the Council of 10 March 2010 on the coordination of certain provisions laid down by law, regulation or administrative action in Member States concerning the provision of audiovisual media services (Audiovisual Media Services Directive) (OJ L 95, 15.4.2010, p. 1).

    (9)  Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (OJ L 337, 23.12.2015, p. 35).

    (10)  Directive (EU) 2019/790 of the European Parliament and of the Council of 17 April 2019 on copyright and related rights in the Digital Single Market and amending Directives 96/9/EC and 2001/29/EC (OJ L 130, 17.5.2019, p. 92).

    (11)  Directive (EU) 2019/882 of the European Parliament and of the Council of 17 April 2019 on the accessibility requirements for products and services (OJ L 151, 7.6.2019, p. 70).

    (12)  Council Directive 93/13/EEC of 5 April 1993 on unfair terms in consumer contracts (OJ L 95, 21.4.1993, p. 29).

    (13)  Directive (EU) 2015/1535 of the European Parliament and of the Council of 9 September 2015 laying down a procedure for the provision of information in the field of technical regulations and of rules on Information Society services (OJ L 241, 17.9.2015, p. 1).

    (14)  Directive (EU) 2018/1972 of the European Parliament and of the Council of 11 December 2018 establishing the European Electronic Communications Code (OJ L 321, 17.12.2018, p. 36).

    (15)  Directive (EU) 2016/2102 of the European Parliament and of the Council of 26 October 2016 on the accessibility of the websites and mobile applications of public sector bodies (OJ L 327, 2.12.2016, p. 1).

    (16)  Regulation (EU) No 182/2011 of the European Parliament and of the Council of 16 February 2011 laying down the rules and general principles concerning mechanisms for control by the Member States of the Commission's exercise of implementing powers (OJ L 55, 28.2.2011, p. 13).

    (17)  Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39).

    (18)  Council Regulation (EC) No 1/2003 of 16 December 2002 on the implementation of the rules on competition laid down in Articles 81 and 82 of the Treaty (OJ L 1, 4.1.2003, p. 1).

    (19)   OJ L 123, 12.5.2016, p. 1.

    (20)  Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law (OJ L 305, 26.11.2019, p. 17).

    (21)  Directive (EU) 2020/1828 of the European Parliament and of the Council of 25 November 2020 on representative actions for the protection of the collective interests of consumers and repealing Directive 2009/22/EC (OJ L 409, 4.12.2020, p. 1).

    (22)   OJ C 147, 26.4.2021, p. 4.

    (23)  Council Regulation (EC) No 139/2004 of 20 January 2004 on the control of concentrations between undertakings (the EC Merger Regulation) (OJ L 24, 29.1.2004, p. 1).

    (24)  Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union (OJ L 194, 19.7.2016, p. 1).


    ANNEX

    A.   ‘General’

    1.

    This Annex aims at specifying the methodology for identifying and calculating the ‘active end users’ and the ‘active business users’ for each core platform service listed in Article 2, point (2). It provides a reference to enable an undertaking to assess whether its core platform services meet the quantitative thresholds set out in Article 3(2), point (b) and would therefore be presumed to meet the requirement in Article 3(1), point (b). Such reference will therefore equally be of relevance to any broader assessment under Article 3(8). It is the responsibility of the undertaking to come to the best approximation possible in line with the common principles and specific methodology set out in this Annex. Nothing in this Annex precludes the Commission, within the time limits laid down in the relevant provisions of this Regulation, from requiring the undertaking providing core platform services to provide any information necessary to identify and calculate the ‘active end users’ and the ‘active business users’. Nothing in this Annex should constitute a legal basis for tracking users. The methodology contained in this Annex is also without prejudice to any of the obligations laid down in this Regulation, notably in Article 3(3) and (8) and Article 13(3). In particular, the required compliance with Article 13(3) also means identifying and calculating ‘active end users’ and ‘active business users’ based either on a precise measurement or on the best approximation available, in line with the actual identification and calculation capacities that the undertaking providing core platform services possesses at the relevant point in time. Those measurements or the best approximation available shall be consistent with, and include, those reported under Article 15.

    2.

    Article 2, points (20) and (21) set out the definitions of ‘end user’ and ‘business user’, which are common to all core platform services.

    3.

    In order to identify and calculate the number of ‘active end users’ and ‘active business users’, this Annex refers to the concept of ‘unique users’. The concept of ‘unique users’ encompasses ‘active end users’ and ‘active business users’ counted only once, for the relevant core platform service, over the course of a specified time period (i.e. month in case of ‘active end users’ and year in case of ‘active business users’), no matter how many times they engaged with the relevant core platform service over that period. This is without prejudice to the fact that the same natural or legal person can simultaneously constitute an ‘active end user’ or an ‘active business user’ for different core platform services.

    B.   ‘Active end users’

    1.

    The number of ‘unique users’ as regards ‘active end users’ shall be identified according to the most accurate metric reported by the undertaking providing any of the core platform services, specifically:

    a.

    It is considered that collecting data about the use of core platform services from signed-in or logged-in environments would prima facie present the lowest risk of duplication, for example in relation to user behaviour across devices or platforms. Hence, the undertaking shall submit aggregate anonymized data on the number of unique end users per respective core platform service based on signed-in or logged-in environments, if such data exists.

    b.

    In the case of core platform services which are also accessed by end users outside signed-in or logged-in environments, the undertaking shall additionally submit aggregate anonymized data on the number of unique end users of the respective core platform service based on an alternate metric capturing also end users outside signed-in or logged-in environments, such as internet protocol addresses, cookie identifiers or other identifiers such as radio frequency identification tags, provided that those addresses or identifiers are objectively necessary for the provision of the core platform services.

    2.

    The number of ‘monthly active end users’ is based on the average number of monthly active end users throughout the largest part of the financial year. The notion ‘the largest part of the financial year’ is intended to allow an undertaking providing core platform services to discount outlier figures in a given year. Outlier figures inherently mean figures that fall significantly outside the normal and foreseeable figures. An unforeseen peak or drop in user engagement that occurred during a single month of the financial year is an example of what could constitute such outlier figures. Figures related to annually recurring occurrences, such as annual sales promotions, are not outlier figures.

    C.   ‘Active business users’

    The number of ‘unique users’ as regards ‘active business users’ is to be determined, where applicable, at the account level with each distinct business account associated with the use of a core platform service provided by the undertaking constituting one unique business user of that respective core platform service. If the notion of ‘business account’ does not apply to a given core platform service, the relevant undertaking providing core platform services shall determine the number of unique business users by referring to the relevant undertaking.

    D.   ‘Submission of information’

    1.

    The undertaking submitting to the Commission pursuant to Article 3(3) information concerning the number of active end users and active business users per core platform service shall be responsible for ensuring the completeness and accuracy of that information. In that regard:

    a.

    The undertaking shall be responsible for submitting data for a respective core platform service that avoids under-counting and over-counting the number of active end users and active business users (for example, where users access the core platform services across different platforms or devices).

    b.

    The undertaking shall be responsible for providing precise and succinct explanations about the methodology used to arrive at the information and for any risk of under-counting or over-counting of the number of active end users and active business users for a respective core platform service and for the solutions adopted to address that risk.

    c.

    The undertaking shall provide data that is based on an alternative metric when the Commission has concerns about the accuracy of data provided by the undertaking providing core platform services.

    2.

    For the purpose of calculating the number of ‘active end users’ and ‘active business users’:

    a.

    The undertaking providing core platform service(s) shall not identify core platform services that belong to the same category of core platform services pursuant to Article 2, point (2) as distinct mainly on the basis that they are provided using different domain names, whether country code top-level domains (ccTLDs) or generic top-level domains (gTLDs), or any geographic attributes.

    b.

    The undertaking providing core platform service(s) shall consider as distinct core platform services those core platform services, which are used for different purposes by either their end users or their business users, or both, even if their end users or business users may be the same and even if they belong to the same category of core platform services pursuant to Article 2, point (2).

    c.

    The undertaking providing core platform service(s) shall consider as distinct core platform services those services which the relevant undertaking offers in an integrated way, but which:

    (i)

    do not belong to the same category of core platform services pursuant to Article 2, point (2); or

    (ii)

    are used for different purposes by either their end users or their business users, or both, even if their end users and business users may be the same and even if they belong to the same category of core platform services pursuant to Article 2, point (2).

    E.   ‘Specific definitions’

    The table below sets out specific definitions of ‘active end users’ and ‘active business users’ for each core platform service.

    Core platform services

    Active end users

    Active business users

    Online intermediation services

    Number of unique end users who engaged with the online intermediation service at least once in the month for example through actively logging-in, making a query, clicking or scrolling or concluded a transaction through the online intermediation service at least once in the month.

    Number of unique business users who had at least one item listed in the online intermediation service during the whole year or concluded a transaction enabled by the online intermediation service during the year.

    Online search engines

    Number of unique end users who engaged with the online search engine at least once in the month, for example through making a query.

    Number of unique business users with business websites (i.e. website used in commercial or professional capacity) indexed by or part of the index of the online search engine during the year.

    Online social networking services

    Number of unique end users who engaged with the online social networking service at least once in the month, for example through actively logging-in, opening a page, scrolling, clicking, liking, making a query, posting or commenting.

    Number of unique business users who have a business listing or business account in the online social networking service and have engaged in any way with the service at least once during the year, for example through actively logging-in, opening a page, scrolling, clicking, liking, making a query, posting, commenting or using its tools for businesses.

    Video-sharing platform services

    Number of unique end users who engaged with the video-sharing platform service at least once in the month, for example through playing a segment of audiovisual content, making a query or uploading a piece of audiovisual content, notably including user-generated videos.

    Number of unique business users who provided at least one piece of audiovisual content uploaded or played on the video-sharing platform service during the year.

    Number-independent interpersonal communication services

    Number of unique end users who initiated or participated in any way in a communication through the number-independent interpersonal communication service at least once in the month.

    Number of unique business users who used a business account or otherwise initiated or participated in any way in a communication through the number-independent interpersonal communication service to communicate directly with an end user at least once during the year.

    Operating systems

    Number of unique end users who utilised a device with the operating system, which has been activated, updated or used at least once in the month.

    Number of unique developers who published, updated or offered at least one software application or software program using the programming language or any software development tools of, or running in any way on, the operating system during the year.

    Virtual assistant

    Number of unique end users who engaged with the virtual assistant in any way at least once in the month, such as for example through activating it, asking a question, accessing a service through a command or controlling a smart home device.

    Number of unique developers who offered at least one virtual assistant software application or a functionality to make an existing software application accessible through the virtual assistant during the year.

    Web browsers

    Number of unique end users who engaged with the web browser at least once in the month, for example through inserting a query or website address in the URL line of the web browser.

    Number of unique business users whose business websites (i.e. website used in commercial or professional capacity) have been accessed via the web browser at least once during the year or who offered a plug-in, extension or add-ons used on the web browser during the year.

    Cloud computing services

    Number of unique end users who engaged with any cloud computing services from the relevant provider of cloud computing services at least once in the month, in return for any type of remuneration, regardless of whether this remuneration occurs in the same month.

    Number of unique business users who provided any cloud computing services hosted in the cloud infrastructure of the relevant provider of cloud computing services during the year.

    Online advertising services

    For proprietary sales of advertising space:

    Number of unique end users who were exposed to an advertisement impression at least once in the month.

    For advertising intermediation services (including advertising networks, advertising exchanges and any other advertising intermediation services):

    Number of unique end users who were exposed to an advertisement impression which triggered the advertising intermediation service at least once in the month.

    For proprietary sales of advertising space:

    Number of unique advertisers who had at least one advertisement impression displayed during the year.

    For advertising intermediation services (including advertising networks, advertising exchanges and any other advertising intermediation services):

    Number of unique business users (including advertisers, publishers or other intermediators) who interacted via or were served by the advertising intermediation service during the year.


    Top