On 25 March 2024, the Commission announced that it had opened non-compliance investigations under the Digital Markets Act (DMA) into three of the companies that have been designated as gatekeepers, namely Alphabet, Apple, and Meta. These investigations concern various issues, including rules on steering in app stores, choice screens for browsers, self-preferencing in general search, and data combination.
Moreover, the Commission announced that it has taken investigatory steps relating to Apple’s new fee structure for alternative app stores and Amazon’s ranking practices on its marketplace. In practice, this means that the Commission has made use of the tools it has under the DMA (Article 20(2) and following), such as requests for information and/or interviews, to gather the information it needs with a view to determining whether to launch non-compliance proceedings.
This post sets out the main issues the Commission will be investigating in the context of the proceedings under consideration and discusses their implications for the future of the DMA implementation.
Non-compliance investigations under the DMA: How did we get here?
The Commission’s investigations were launched on the back of the gatekeepers’ compliance reports. Concretely, following their designation in September 2023, designated undertakings had six months (i.e., until 7 March 2024) to ensure and demonstrate compliance with the obligations and prohibitions established in the DMA (Article 8(1)). To enable the Commission to monitor compliance with the DMA, gatekeepers are required to (a) provide it with a report describing in a detailed and transparent manner the measures they implemented, and (b) publish a non-confidential summary of those reports (Article 11).
Gatekeepers recently made available to the Commission and the public the changes they made to adjust to the new regulatory regime introduced by the DMA (the compliance reports are available here). However, whether the measures under scrutiny “effectively” comply with the DMA is not obvious.
In fact, the solutions presented by (some) gatekeepers faced a major backlash from several business user categories (e.g., app developers, vertical search services) soon after the publication of the compliance reports. Business users had the opportunity to voice their discontent with the gatekeepers’ compliance plans in the context of a series of workshops organised by the Commission. During the discussions that took place, valid points were made as to why the measures employed by gatekeepers either do not move the needle or end up granting preferential treatment to the gatekeepers’ services (which, to state the obvious, goes against the letter and spirit of the DMA).
What are the Commission’s investigations about?
The Commission’s move to launch non-compliance investigations is bold for several reasons, including for the fact that those investigations do not focus on one matter only (e.g., anti-steering) but on several complex aspects that do not concern the same gatekeeper and are not necessarily related (e.g., choice screens and data combination).
Alphabet’s measures to prevent self-preferencing
The Commission has opened proceedings against Alphabet to determine whether the display of Google search results may lead to self-preferencing of Google’s vertical search services (e.g., Google Shopping; Google Flights; Google Hotels) over rival services.
The Commission is concerned that Alphabet’s measures to comply with the DMA may not ensure that third-party services featuring on Google’s search results page are treated in a fair and non-discriminatory manner in comparison with Alphabet’s own services. This is required by Article 6(5) of the DMA, which establishes that a gatekeeper must (a) not treat more favourably, in ranking and related indexing and crawling, services and products offered by the gatekeeper itself than similar services or products of a third party, and (b) apply transparent, fair and non-discriminatory conditions to such ranking.
Alphabet’s implementation of Article 6(5) is a major bone of contention; this is exemplified by the reaction of vertical search services to Alphabet’s presentation during the DMA compliance workshop. Alphabet was criticised for offering solutions that end up favouring Alphabet’s services, including by steering business users to spending more on (Alphabet’s) advertising to secure visibility.
The Commission has plenty of tools in its kit to investigate violations of Article 6(5). Contrary to other DMA obligations, which are drafted in a more straightjacketed manner, Article 6(5) covers any measure that has an effect “equivalent” to differentiated or preferential treatment in ranking (see Recital (52)). Moreover, “ranking” is defined broadly to cover any form of “relative prominence” given to goods or services as “presented, organised or communicated” by the gatekeeper (see Article 2(22)). Combined with the anti-circumvention rule established in Article 13, Article 6(5) has the potential to capture any “creative” practices that may self-preference Google’s vertical (and other) services.
Meta’s “pay or consent” model
Under Article 5(2) of the DMA, gatekeepers are prevented from combining personal data sourced from the designated service with personal data sourced from other services. However, there is a catch. Such combination is allowed if the end user has been presented with the specific choice and has given a GDPR-compliant consent.
In relation to the matter of “choice”, the DMA Preamble explains that gatekeepers must offer a less personalised but equivalent alternative, and that the less personalised alternative should not be different or of degraded quality compared to the service provided to the end users who provide consent (Recitals (36) and (37)).
In a controversial move, Meta announced a few months ago that it would implement a “pay or consent” solution whereby end users would have the option to either consent to data combination without paying for Meta’s services, or pay for a subscription that would provide access to the less personalised alternative that would not rely on data combination.
That Meta introduced a “pay” model appears to be based on the Court’s recent preliminary ruling on the German Meta Platforms case, which held that “users must be free to refuse individually, in the context of the contractual process, to give their consent to particular data processing operations not necessary for the performance of the contract, without being obliged to refrain entirely from using the service offered by the online social network operator, which means that those users are to be offered, if necessary for an appropriate fee, an equivalent alternative not accompanied by such data processing operations” (see paragraph 150).
What the Court did not specify, however, was whether the user should be offered choices additional to a subscription (and a less personalised version) and a fully (all-in) personalised version (subject to consent). The Commission appears to think that this should be the case because it notes in its press release that “the binary choice imposed by Meta’s ‘pay or consent’ model may not provide a real alternative if users do not consent.”
Apple’s compliance with user choice obligations
In order to increase contestability within the gatekeepers’ ecosystems, Article 6(3) requires gatekeepers to allow and technically enable end users to (a) easily un-install apps and (b) easily change default settings on the gatekeeper’s operating system (including by prompting users with choice screens to choose other providers).
The Commission has opened proceedings against Apple regarding the full set of obligations established in Article 6(3). The Commission takes issue with how Apple might have failed to (a) enable end users to easily uninstall any software applications on iOS, (b) easily change default settings on iOS, and (c) prompt users with choice screens which must effectively and easily allow them to select an alternative default service, such as a browser or search engine on their iPhones.
The Commission is concerned that Apple’s measures, including the design of the browser choice screen, may be preventing users from truly exercising their choice of services within the Apple ecosystem. It is reminded that Apple was designated as a gatekeeper for Safari, which appears to (still) benefit from preferential treatment to the detriment of other browsers. Though the Commission has not shared further information about its concerns, it (broadly) refers to Article 13, which implies that it might have taken issue with behavioural techniques and interface design that may nudge users into opting for Safari (see Article 13(3) and (6)).
Alphabet’s and Apple’s steering rules
Article 5(4) of the DMA requires gatekeepers to allow app developers to “steer” consumers to offers outside the gatekeepers’ app stores free of charge. The Commission is concerned that Alphabet’s and Apple’s measures may not be fully compliant with the DMA as they restrict the developers’ ability to freely communicate and promote offers and directly conclude contracts, including by imposing various charges. In fact, Apple and Google considered that it was sufficient to allow app developers to offer link outs to purchase associated with large fees. Such a blatant challenge to the principles established in Article 5(4) could not go unnoticed, and it is therefore not surprising that the Commission decided to open infringement proceedings.
Other investigatory steps
In addition to the above, the Commission announced that it has taken steps to gather facts and information to clarify (a) whether Amazon may be treating favorably its own brand products on the Amazon Store in contravention of Article 6(5) of the DMA, and (b) whether Apple’s new fee structure and other terms and conditions for alternative app stores and distribution of apps from the web (sideloading) may fall foul of Article 6(4) of the DMA.
What comes next?
The Commission intends to conclude the proceedings within 12 months (i.e., by March 2025) (see Article 29(2)). Depending on the outcome of the investigation, the Commission will inform the gatekeepers under investigation of its preliminary findings and explain the measures it is considering taking (or the measures the gatekeeper should take) in order to address the Commission’s concerns.
In its press release, the Commission reminded gatekeepers that, in case of an infringement, it can impose fines up to 10% of the company’s total worldwide turnover and that these can go up to 20% in case of repeated infringement (see Article 30). Interestingly, the Commission also noted that, in case of systematic infringements, it has the power to also adopt additional remedies such as requiring a gatekeeper to sell a business or parts of it, or banning the gatekeeper from acquisitions of additional services related to the systemic non-compliance (see Article 18).
Preliminary remarks on the non-compliance investigations
As the non-compliance proceedings unfold, more information will be shared about the practices being investigated. As a result, we will soon be in the position to assess in a more detailed manner the issues raised by the Commission and why the gatekeepers’ plans are prima facie non-compliant with the DMA.
As things stand, we can make the following remarks on the investigations under consideration. First, this is an important development which debunks the myth that the Commission will stay idle post-designation and perhaps paralyzed (because of e.g., insufficient resources, and/or lack of technical subject-matter expertise). That the Commission launched non-compliance investigations less than a month after the compliance reports were made publicly available shows that the Commission takes its role seriously. From a policy perspective, it sets the tone and sends the following message to the tech giants that have been designated (or are likely to be designated): those companies that fall in scope must either offer a DMA-compliant solution or are bound to engage in investigations with significant implications for their business operations (in terms of fines, reputational damage, future commercial strategy, etc.).
The outcome of those investigations may (and arguably should) serve as a building block for the private enforcement of the DMA, including actions for damages. The DMA is a Regulation with direct applicability. Were the Commission to adopt non-compliance decisions, this would speed up private enforcement, which is another incentive for gatekeepers to comply with the DMA.
In its press release, the Commission reminds us of the fact that non-compliance investigations must be concluded within twelve months. Taking account of the timeframe for designation, the DMA implementation/enforcement architecture showcases its advantages compared to the enforcement of competition law. The Commission received the first set of designated-related notifications in July 2023; the designation decisions were adopted in September 2023; gatekeepers started to comply with (at least some of) the DMA obligations by March 2024; and where problems have arisen, those are likely to be addressed by March 2025. Antitrust investigations into three dominant companies for a wide range of practices would have taken longer than 20 months.
In its press release, the Commission not only refers to the provisions regulating the practices under consideration (i.e., Articles 5(2), 5(4), 6(3) and 6(5) DMA), but it also makes mention of Article 13, the so-called anti-circumvention obligation. This is a rule that seeks to prevent gatekeepers from engaging in “shenanigans” by employing methods that may respect the letter of the DMA but not its spirit. It adds a layer of protection against business and end users in relation to several issues, including behavioural techniques that influence the user interface (and how consumers interact with it) and practices of a contractual, commercial or technical nature that undermine compliance with the DMA.
Finally, this development showcases the role of third parties in the enforcement of the DMA. After the designation process was completed, the Commission has had several meetings with business users and competitors to discuss the effective implementation of the DMA. These third parties provided valuable information about the workings of the designated services and practices that should be avoided. Given the complexity of the markets regulated by the DMA, this dialogue with affected third parties should undoubtedly continue and inform the Commission’s future enforcement efforts.
Leave a Reply