It’s D-Day. The European Commission has designated its list of digital “gatekeepers” that must comply with the landmark Digital Markets Act (DMA).
Five American giants — Alphabet, Amazon, Apple, Meta, Microsoft — and one Chinese firm, ByteDance — suddenly have become subject to rules designed to prevent them from stifling competition. Penalties for breaching the regime can reach up to 10% of global annual turnover — or 20% for serial repeaters. EU regulators could even force these gatekeepers to sell a business or ban them from purchasing or launching additional services.
In contrast, US legislative gridlock prevents the passage of strong tech legislation, leaving regulators relying on antitrust laws. A landmark US antitrust case against Google opened on September 13, with the Department of Justice arguing that the company exploited its dominance of the Internet search market to lock out competitors and smother innovation.
But antitrust investigations drag out. Companies have the right to defense, and they exploit it to delay. European cases against Google started back in 2009 and are still being fought out in court. Theories of harm are often difficult to adapt to new realities, often allowing companies to escape without penalty.
The new European DMA is designed to speed up and give regulators additional flexibility to impose remedies. They are touted as the largest expansion of tech regulation among Western democracies, opening the door to massive changes to the operation of app stores, online advertising, e-commerce, messaging services, and other common digital tools.
That’s the theory. The reality will depend on how the legislation, often vaguely worded, is interpreted and enforced. European regulators face a daunting task. Expect contentious PR battles, fines, remedies — and long, drawn-out court cases.
It’s happened before. When the EU’s General Data Protection Regulation, the world’s toughest rules to protect people’s online data came into force in 2018 it set a global standard. But enforcement faltered. Until this year, no significant fines were handed out. The 2023 €1.2 billion penalty against Meta looks set to be appealed all the way to the European Court of Justice.
If anything, the GDPR privacy rules benefited the largest tech companies such as Alphabet, Amazon, and Apple. The Silicon Valley companies enjoyed a direct connection with consumers and could gain the required consent to process personal data and target services and ads. B2B firms, many European, became dependent on the US giants to gain consent.
Another error was to delegate enforcement to national regulators. Most large US tech companies base their European operations in either Ireland or Luxembourg, small countries that lack needed resources. The Irish Data Protection Authority’s office was located above a grocery shop employing only 50, though it now has staffed up and moved to downtown Dublin.
In order to correct this mistake, the Brussels-based European Commission was named the lead enforcer for the new DMA. It’s building a team of lawyers, engineers, and economists. But nationalism already has scuttled attempts to hire the most qualified individuals. French President Emmanuel Macron torpedoed the choice of renowned Yale Professor Fiona Scott Morton to be the European Commission’s chief competition economist, saying it was not “coherent” with Europe’s goal of strategic autonomy to hire an American citizen.
Even if Brussels manages to find qualified regulators, it must share enforcement with member states and private individuals, creating uncertainty and potential confusion. Germany, for example, has put in place new antitrust laws that overlap with DMA rules. In addition, private individuals will be allowed to bring suits. Companies could face regulatory skirmishes throughout the 27-nation EU.
It’s a recipe for conflict. Apple and Microsoft are fighting the Commission’s designation of iMessage and Bing as gatekeepers — claiming the services were insufficiently popular to qualify. Bing has a 3% market share and Apple says iMessage fails to meet the DMA’s 45 million gatekeeper threshold. TikTok, picked perhaps to ensure that all the designated gatekeepers are not American, is protesting its designation.
Companies, even if they say that they want to be cooperative, will be reluctant to shed a rational instinct to resist. Many of the new rules were imposed without serious thought of how they would be implemented. For example, the DMA says subscribers of smaller services such as Signal should be allowed to call users of Meta’s Messaging gatekeeper services WhatsApp and Messenger. But the DMA offers no guidance on how to achieve this goal.
Gatekeepers are supposed to favor their own products over those of competitors, in legal jargon, to not self-preference. Expect them to produce thick compliance reports written by expensive lawyers saying, “I don’t self-preference.” The European Commission then must prove companies are wrong. It will be difficult. Expect ferocious legal battles that will do much to determine our digital future.
Bill Echikson is a non-resident CEPA Senior Fellow and editor of Bandwidth.
Bandwidth is CEPA’s online journal dedicated to advancing transatlantic cooperation on tech policy. All opinions are those of the author and do not necessarily represent the position or views of the institutions they represent or the Center for European Policy Analysis.