GAFAM: can the EU’s Digital Markets Act rein in big tech?
Anne Witt, Professor of Law at EDHEC and Researcher at the EDHEC Augmented Law Institute, in an article published on The Conversation, questions the objectives and implementation of the Digital Markets Act in the face of "digital gatekeepers".
On 12 October 2022, the European Union published the final version of its new Digital Markets Act (DMA). It’s a ground-breaking piece of legislation that will regulate the business conduct of so-called digital gatekeepers – the providers of the core platform services on which businesses depend to reach their customers. Such firms enjoy a entrenched and durable market power. The DMA will enter into force on 1 November 2022, and key rules will start applying on 2 May of next year.
While the Digital Markets Act is not without flaws and a number of questions remain, the legislation has more potential to rein in big tech’s market power than competition law and will significantly change the way that gatekeeper platforms operate in Europe. It’s intended to address shortcomings and vulnerabilities highlighted by the UK’s Furman Report, the US Stigler Report and the EU’s Vestager Report. In particular, all three argued that core platform markets are globally dominated by one or two of the same five companies: Google, Apple, Facebook, Amazon and Microsoft (GAFAM).
The DMA’s objective
The high degree of market concentration results from an unusual combination of factors inherent in digital platform markets: strong network effects, high returns to the use of data, scale and scope economies, and the ease of exploiting consumer biases. These factors make markets prone to tipping in favour of one or two players, and once a market has tipped, high barriers to entry make it difficult for newcomers to compete, even if they have the better product.
To this end, the DMA will subject gatekeepers to a set of stringent conduct rules. They’ll first be designated by the European Commission, and it is fully expected that GAFAM will all make the list.
Conduct rules and penalties
Once designated, gatekeepers will have six months to comply with the 22 conduct rules contained in Articles 5-7 of the DMA. These include:
Obligations to share data with competitors and customers
Possibility for consumers to load apps outside of firms’ app stores
Mandatory interoperability of certain communications systems
Public disclosure of user-profiling techniques
Bans on favouring own services in search results
Many of these obligations go to the very core of big tech’s business models, and it remains to be seen how the firms will adapt. Noncompliance is subject to significant financial penalties: a one-off infringement can result in fines of up to 10% of the gatekeeper’s total worldwide turnover. For repeat offences, the fine may go up to 20%, and the gatekeeper may be banned from entering into mergers and acquisitions.
Stringent rules despite significant lobbying efforts
Given that it’s a complex legal experiment that will impose significant enforcement cost both on the European Commission and the gatekeepers, there has been significant push-back. The American tech sector, in particular, has argued that the DMA is biased against US companies, and will ultimately harm European consumers because it will affect service quality and GAFAM’s incentive to innovate. Big tech reportedly engaged in significant lobbying efforts to avert or at least tone down the Commission’s original legislative proposal.
Judging by the result, these efforts were in vain. If anything, the final text of the DMA is even stricter than the draft. The European Parliament in particular played a decisive role in extending the list of services covered by the DMA, adding new conduct rules and increasing penalties.
The role of national competition agencies
The big tech firms weren’t the only entities expressing displeasure with the Commission’s legislative blueprint. The EU’s national competition agencies, led by Germany, France and the Netherlands, agreed with the substance of the DMA but pushed to be more involved in DMA enforcement.
In a rare joint statement, all 27 agencies argued that they could offer expertise and resources to strengthen the enforcement of the DMA. The fact is that once the DMA is in force, it will preclude national regulation, and leave room only for national competition rules that require an individual assessment of market power and the conduct’s actual effects in each individual case. In its final version, the DMA does empower national agencies to open investigations and collect evidence. However, in the interest of a uniform approach to enforcement, only the Commission is currently competent to assess conduct under the DMA and issue non-compliance decisions.
Public enforcement by the Commission will likely be supplemented in the future by private enforcement. The DMA does not explicitly stipulate that private actors who were harmed by platform conduct in violation of the DMA may sue for compensation. However, it states that the EU rules on collective redress for losses caused by infringements of EU law shall apply to infringements of the DMA.
The DMA integrates many core concepts of the EU’s General Data Protection Regulation (GDPR), and requires the Commission to work closely with data protection bodies. This is a step forward, as regulating data-driven business models requires an interdisciplinary and inter-institutional approach, which has so far been neglected in EU competition law.
Scope for fine-tuning the DMA’s rules
A key criticism of the DMA has been its heavy use of per se rules, i.e., legal rules that do not require proving the actual harmful effects of the investigated conduct but outlaw the conduct as such. These have advantages and disadvantages:
They’re relatively cheap and quick to enforce, meaning that the enforcement of the DMA could be much more effective than that of EU competition law. The abuse of dominance rules in particular require in-depth economic assessments, leading to average investigations in excess of five years.
A clear downside of per se rules is that they’re blunt: they may outlaw conduct that does not cause any actual harm in the individual case (resulting in “false positives”) and may fail to catch conduct that does cause harm (“false negatives”).
They can be circumvented by a firm adapting its business conduct to achieve the anticompetitive result in a manner that is not explicitly outlawed.
However, in its final version, the DMA contains many corrective mechanisms that would allow the Commission to correct rules where needed. It is to be hoped that the Commission will closely monitor the effect of the DMA both on businesses and consumers, and that it will not hesitate to step in if necessary.
Can the DMA achieve its aims?
One shortcoming of the DMA is that it does not address the issue of gatekeeper acquisitions. Collectively, GAFAM have acquired more than 800 companies over the relatively short course of their existence. Many were innovative start-ups developing complementary technologies, which the acquiring firms subsequently integrated into their ecosystems. Just one example is WhatsApp, which Facebook snapped up for US$19 billion in 2014. The deal has continued to make headlines, and not for the best reasons: In 2017, the EU fined Facebook 110 million euros for providing “misleading information” about the takeover, and in 2020, the US Federal Trade Commission sued the company for “illegal monopolization” over the deal.
Despite growing concern about this trend, the European competition agencies and their US counterparts have not yet prohibited a single big tech acquisition, and the question arises whether the existing merger rules, developed in the age of brick-and-mortar-outlets, are fit for the digital economy. The DMA would have been the opportunity to review EU merger control’s theories of harm and standards of proof for the platform economy.
The DMA only applies to core platform services offered to users established or located in the European Union. It does not regulate gatekeeper services provided to users established and located in other jurisdictions. It remains to be seen whether the “Brussels effect” will strike again, with gatekeepers complying with the DMA’s relatively stringent standards outside the EU. Alternately, the gatekeepers could seek to operate services differently in jurisdictions with lower (or currently even nonexisting) regulatory standards. Presumably, there will be some degree of alignment on points that are not overly costly for gatekeepers, but also differences where these are overall profitable.
This article by Anne C. Witt, Professor of Law at EDHEC and Researcher at the EDHEC Augmented Law Institute, has been republished from The Conversation under a Creative Commons license. Read the original article.