6 access controllers and 22 platforms subject to DMA
The DMA (Digital Markets Act) is part of the legislative package put in place by the European Union to impose new rules on the main digital platforms in Europe. Along with the DSA, which aims to regulate the content and practices of social networks and e-commerce, the DMA aims to allow the EU to impose a set of rules to limit the anti-competitive practices of large companies defined as ” access controllers” or “gatekeepers”. And this, because of their weight in essential markets such as online sales, search engines, social networks and operating systems.
These essential groups, valued at more than 75 billion euros on the stock market, whose sales in Europe exceed 7.5 billion euros, have at least 45 million active users and 10,000 user companies in the EU, have defined by the European Commission and in particular one of these Commissioners, Thierry Breton.
The access controllers are six in number and represent 22 platforms, of which here the list :
- Alphabet: Google, Google Maps, Google Play, Google Shopping, Chrome, Google Search, Google Android, YouTube,
- Amazon: Amazon Marketplace, Amazon,
- Apple: App Store, Safari, iOS,
- ByteDance: Tik Tok,
- Meta: Meta, WhatsApp, Messenger, Facebook, Instagram, Meta Marketplace,
- Microsoft: Windows PC OS, LinkedIn.
5 market inquiries opened by the European Commission
Alongside the establishment of this list, the European Commission opened five market investigations. Four of them aim to determine “whether the (targeted) companies have presented a sufficiently substantiated rebuttal demonstrating that the services in question should not be designated” by the DMA. These are Microsoft for its Bing, Edge and Microsoft Advertising services, and Apple for iMessage. These four investigations must be concluded within five months, specifies the commission.
In addition, a fifth investigation has been opened and targets Apple’s iPadOS. Its purpose is to determine whether this service, “although it does not reach the thresholds”, must be designated as access controller. This investigation should be completed after a maximum period of twelve months. Finally, the committee considered that, despite the threshold set by the regulation being reached, Gmail, Outlook.com and Samsung Internet Browser would not be subject to the DMA, due to “sufficiently strong arguments indicating that these services cannot be considered as access points for the platform services concerned”. This is one of the reasons why Samsung dropped from the initial list in July 2023.
Access controllers have six months to comply
“This is an important step for online freedom and innovation in Europe. The most influential companies will now have to play by our rules”, rejoiced Thierry Breton. Gatekeepers now have six months to get DMA compliant. They “have six months to submit a detailed compliance report describing how (they) meet each of the obligations of the Digital Markets Regulation”.
These companies and platforms will, for example, have to “allow third parties to interact with their own services in certain specific situations” or “allowing user companies to access the data generated by their activities on their platform”. On the other hand, they will no longer have the right “to prevent consumers from accessing company services outside of their platforms” or of “track end users outside of their essential platform service for the purpose of targeted advertising without consent”. These various obligations and other examples are to be consulted on the committee’s website.
The next steps for the DMA are therefore the compliance of access controllers by March 2024. The timetable also specifies that possible new designations could take place in February 2024.