When the Commission announced in its 2015 Digital Single Market Strategy that it would look into establishing a “fit for purpose regulatory environment for platforms and intermediaries” , it promised little more than a review of various pre-existing rules. The situation changed dramatically in the 2020 “Shaping Europe’s Digital Future” Communication, where a new Digital Services Act had been announced, as was the introduction of “ex ante rules to ensure that markets characterised by large platforms with significant network effects acting as gatekeepers, remain fair and contestable for innovators.”
The promise to introduce ex ante rules for gatekeeping platforms was little short of revolutionary. Ex ante rules, hitherto only used in telecommunications law, are a hybrid form of competition law, whereby a designated authority (normally national telecoms authorities) identifies actors with significant market power in danger of violating competition rules, and imposes remedies on them in advance. Such rules are, in their very nature, asymmetric (as they do not apply equally to all providers) and sector-specific (as they only apply to telecoms). It is worth noting that the Commission’s plan had always been to gradually reduce the need to rely on sector-specific regulation and have regular competition rules cover the issue. Although this has not happened yet (the 2018 European Electronic Communications Code maintains the model that essentially dates to late 90s), the number of markets the rules apply to have gradually been reduced over the years.
The newly proposed Digital Markets Act (not to be confused with the proposed Digital Services Act which is the revision of the E-Commerce Directive) is, in essence, an ex ante (since sanction are imposed in advance and not as a reaction to past violations) and sector-specific (since only certain platforms are included) instrument. This is interesting both because it is an original solution to a burning problem of platform regulation but also because it has not been attempted before and would bring a host of new challenges. Equally importantly, unlike telecommunications law, which charges national regulatory agencies with the enforcement, DSM places the whole process mostly on the shoulders of the Commission, creating centralization and uniformity but losing flexibility and potentially raising questions about subsidiarity.
This article is an attempt to outline the main operation of the DSM.
1 Subject Matter and Scope
The proposed Regulation is based on the idea that some platforms (gatekeeping platforms) have a major impact over digital markets and create dependencies and potentially unfair behavior. The Commission had already ventured into this field, with a sector-specific 2019 Regulation of platform-to-business trading practices, the present Proposal going both deeper and wider. Nevertheless, the Proposal only applies to “core platform services“, provided by “gatekeeping” platforms. Such platforms can be defined using a combination of qualitative assessment and quantitative metrics, the main idea being that a designated platform would be required to comply with a number of obligations procedurally imposed and controlled by the Commission and removed once the need for them had disappeared.
The Commission’s main point, similarly to the reasoning used in telecoms regulation, is that competition law currently cannot address (or cannot effectively do so) the gatekeeper-problems but that the new law can complement the existing competition law.
The Commission examined several policy options (all requiring EU-level enforcement) which eventually crystallized into three. They range from fixed to flexible:
- pre-defined list of gatekeepers
- partially flexible frameworks
- flexible option based on qualitative thresholds
The Commission chose the second option, containing a closed list of core services with a combination of qualitative and quantitative criteria for provider designation coupled with some direct obligations.
2 What are Gatekeepers?
As per Article 1, the Regulation applies to “core platform services” provided by gatekeepers to business users or end users. The core services are specifically listed in Article 2(2) as:
- online intermediation services
- online search engines
- social networking
- video-sharing platforms
- number-independent interpersonal telecoms services
- operating systems
- cloud services
- advertising services
The definition seems to be wide and encompasses most of the modern platforms.
Furthermore, the Proposal applies to “gatekeeping platforms”, which are those core platforms that fulfill the three cumulative qualitative criteria (Article 3(1), qualified by quantitative elements (in brackets below):
- have a significant impact on the internal market (presumed to exist if annual EEA turnover is over €6.5 billion in the last three financial years or market capitalisation is over €65mil and services are provided in at least three Member States)
- operate one or more important gateways to customers (presumed to be the case if a service has over 45mil active end users in the EU and 10000 in the last financial year)
- have (or will have) an entrenched and durable position in the society (presumed to exist where the thresholds from the previous point exist)
The fulfilled conditions do not themselves trigger sanctions but only open the possibility that the Commission may impose the obligations if it is satisfied that a risk exists in the procedure regulated in the Proposal and actually designates a provider as a gatekeeper within a specific core service (i.e. not in general. Thus Google could, for example, be designated as a core provider within its search engine business but not its office application suite).
The presumptions are rebuttable (Article 3(4)). Furthermore, Article 3(5) allows the Commission to adjust the thresholds, which is a methodology already known from the telecoms sector. The Commission may, as per Article 4, review its decision at any point.
It is clear that both the qualitative and quantitative criteria need to be met but the Commission is entitled, in Article 3(5), to designate as a gatekeeper a provider which does not otherwise meet the quantitative thresholds if criteria such as the size, number of users, entry barriers, economies of scale, user lock-in effects or other structural characteristics are met. It is difficult to think of the mechanism as providing a true “de minimis” rule, since a designation can be made even if quantitative criteria are not met.
In terms of the scope, the Regulation applies to services offered to businesses established in the EU or end users established or located in the EU. It is irrelevant where gatekeepers are located. This extends the field of application to all services normally offered by non-EU platforms.
The Regulation does not apply to general telecoms services although it does to number-independent telecoms services such as messengers. The proposal is intended to be a full harmonization measure in its scope (Article 1(4)). Furthermore, the proposal does not prevent the use of EU or national competition law.
3 Obligations Imposed
For each of the gatekeeper’s core platform services designated by the Commission , a set of ‘hard’ and ‘soft’ obligations exist (Articles 5-6, see Appendix below) coupled with corrective mechanisms (Articles (7-10)). While the former are binding directly, the latter can be “further specified” by the Commission. The seven ‘hard’ obligations (Article 5) are essentially preventing gatekeepers’ anticompetitive behavior towards business users. The eleven ‘soft’ obligations (Article 6) are oriented both towards business and end users. The measures, which need to be “effective”, also need to be in compliance with GDPR, the consumer, product safety and cybersecurity laws. Gatekeepers are given the option of arguing, in Article 8(1), that the measures from Articles 5 and 6 endanger the “the economic viability of the operation” and should, to that extent, be temporarily suspended. Such suspensions will, however, be reviewed yearly. Gatekeepers may also be exempted (Art. 9) for reasons of public morality, health or security.
Particularly significant is the Commission’s ability (Art. 10) to update the obligations of articles 5 and 6 when, having pursued a market investigation (Art. 17), where it finds that there is a need for new obligations that address practices that limit gatekeepers’ contestability or are unfair in the same manner as those in Arts. 5-6. This effectively means that lists in articles 5 and 6 are non-exhaustive. In that sense, a practice “considered to be unfair or limit the contestability of core platform services” exists where the gatekeeper is “obtaining an advantage from business users that is disproportionate to the service provided” or “the contestability of markets is weakened as a consequence of such a practice”.
The procedure for designating a provider of core services a gatekeeper reminds of the similar procedure in the telecoms sector. The Commission opens a market investigation (Article 15) following an “advisory procedure” (art. 32), the result of which may be a decision pursuant to Article 3(7) designating a platform as a gatekeeper. If a gatekeeper does not yet enjoy an entrenched position but may so in the future, only a limited set of obligations may be imposed. Three or more Member States may compel the Commission to initiate an investigation (Article 33).
Where a systematic non-compliance exists (Article 16) “any behavioural or structural remedies which are proportionate to the infringement committed and necessary to ensure compliance” may be imposed. A systematic infringement is required (presumed to exist if three non-compliance decisions/fines were issued), coupled with a finding that the gatekeeper “has further strengthened or extended its gatekeeper position” (presumed to exist if its market importance or importance has increased). While this may seem harsh, in reality it is little more than an indication that regular competition law may be applicable in addition to the sector-specific measures. Structural remedies, however, may only be imposed where “no equally effective behavioural remedy or where any equally effective behavioural remedy would be more burdensome”.
4 Procedure and Enforcement
The Commission is given significant procedural powers, ranging from the ability to request information (Article 19), to the ability to carry out interviews (Article 20) or conduct on-site inspections (Article 21), the latter similar to “dawn raids” known from traditional competition law. Interim measures are also available (Article 22), though only in the context of proceedings already initiated.
Article 23 offers the gatekeepers the possibility to offer commitments and end further proceedings. The Commission has the ability to accept or reject such commitments and may reopen proceedings if they are deemed to be insufficient at a later stage. The Commission itself is tasked with monitoring the obligations (Article 24), and may adopt a non-compliance decision (Article 25). Fines not exceeding 10% of its total turnover in the preceding financial year may be imposed in cases of intentional or negligent failure to comply with substantive obligations (and having the gravity, duration and recurrence in mind) and fines not exceeding 1% on failures to comply with procedural obligations. Since the fines can be calculated taking account of the turnover of the members of an association of undertakings, the fines can be collected from these members in cases of insolvency. Periodic penalty payments not exceeding 5 % of the average daily turnover in the preceding financial year per day may be imposed (Article 27) in order to compel them to comply with certain important obligations (systematic non-compliance, refusal to give information, etc.)
The Commission is assisted by a Digital Markets Advisory Committee.
The Court of Justice of the European Union (CJEU) has unlimited jurisdiction to review decisions by which the Commission has imposed fines or periodic penalty payments and may cancel, reduce or increase the fine or periodic penalty payment imposed.
5 A New Way Forward
While some concerns remain (the novelty of the approach, the lack of a true “de minimis” rule, the enforcement burden moved to the Commission), there are several reasons why the proposed Regulation, if adopted, may bring a fundamental change in the attitude toward platform regulation.
First, the Proposal, though sector-specific, is content-neutral. In other words, it applies to any situation where gatekeeping platforms providing core services have a major impact on the market and create dependencies. It can be deployed equally effectively in situations involving fake news as it can in those involving defamation or IP-infringement. Second, the Proposal relies heavily on the well-tested mechanisms from the telecoms sector and repeat, with some minor adjustments, the designation and enforcement structures from the telecoms world. These have proven to be relatively effective. This brings certainty in enforcement and a degree of predictability for platforms. Third, the Proposal has multiple safeguards built-in, including the duty to hear platforms during proceedings, the ability to impose less burdensome obligations and the power to appeal decision to CJEU. Finally, the fines structure and the enforcement mechanisms, which come from the competition law world, coupled with the sector-specific and ex ante nature of the designation mechanism, bring potentially game-changing efficiency which competition law largely lacks.
It is difficult to escape the feeling that Western democracies are incapable of regulating large platforms. It is equally clear that these platforms, while bringing significant benefits, present insurmountable problems that affect core values of our societies (democracy, free speech, gender equality, privacy, consumer protection). The suggested new approach has the potential to be a valuable tool in the fight to prevent the dystopian future so aptly presented in literature and cinema and slowly becoming a reality.
Appendix: ‘Hard’ and ‘ Soft’ Obligations:
Article 5 Obligations for gatekeepers
In respect of each of its core platform services identified pursuant to Article 3(7), a gatekeeper shall:
(a) refrain from combining personal data sourced from these core platform services with personal data from any other services offered by the gatekeeper or with personal data from third-party services, and from signing in end users to other services of the gatekeeper in order to combine personal data, unless the end user has been presented with the specific choice and provided consent in the sense of Regulation (EU) 2016/679.
(b) allow business users to offer the same products or services to end users through third party online intermediation services at prices or conditions that are different from those offered through the online intermediation services of the gatekeeper;
(c) allow business users to promote offers to end users acquired via the core platform service, and to conclude contracts with these end users regardless of whether for that purpose they use the core platform services of the gatekeeper or not, and allow end users to access and use, through the core platform services of the gatekeeper, content, subscriptions, features or other items by using the software application of a business user, where these items have been acquired by the end users from the relevant business user without using the core platform services of the gatekeeper;
(d) refrain from preventing or restricting business users from raising issues with any relevant public authority relating to any practice of gatekeepers;
(e) refrain from requiring business users to use, offer or interoperate with an identification service of the gatekeeper in the context of services offered by the business users using the core platform services of that gatekeeper;
(f) refrain from requiring business users or end users to subscribe to or register with any other core platform services identified pursuant to Article 3 or which meets the thresholds in Article 3(2)(b) as a condition to access, sign up or register to any of their core platform services identified pursuant to that Article;
(g) provide advertisers and publishers to which it supplies advertising services, upon their request, with information concerning the price paid by the advertiser and publisher, as well as the amount or remuneration paid to the publisher, for the publishing of a given ad and for each of the relevant advertising services provided by the gatekeeper.
Article 6 Obligations for gatekeepers susceptible of being further specified
- In respect of each of its core platform services identified pursuant to Article 3(7), a gatekeeper shall:
(a) refrain from using, in competition with business users, any data not publicly available, which is generated through activities by those business users, including by the end users of these business users, of its core platform services or provided by those business users of its core platform services or by the end users of these business users;
(b) allow end users to un-install any pre-installed software applications on its core platform service without prejudice to the possibility for a gatekeeper to restrict such un-installation in relation to software applications that are essential for the functioning of the operating system or of the device and which cannot technically be offered on a standalone basis by third-parties;
(c) allow the installation and effective use of third party software applications or software application stores using, or interoperating with, operating systems of that gatekeeper and allow these software applications or software application stores to be accessed by means other than the core platform services of that gatekeeper. The gatekeeper shall not be prevented from taking proportionate measures to ensure that third party software applications or software application stores do not endanger the integrity of the hardware or operating system provided by the gatekeeper;
(d) refrain from treating more favourably in ranking services and products offered by the gatekeeper itself or by any third party belonging to the same undertaking compared to similar services or products of third party and apply fair and non-discriminatory conditions to such ranking;
(e) refrain from technically restricting the ability of end users to switch between and subscribe to different software applications and services to be accessed using the operating system of the gatekeeper, including as regards the choice of Internet access provider for end users;
(f) allow business users and providers of ancillary services access to and interoperability with the same operating system, hardware or software features that are available or used in the provision by the gatekeeper of any ancillary services;
(g) provide advertisers and publishers, upon their request and free of charge, with access to the performance measuring tools of the gatekeeper and the information necessary for advertisers and publishers to carry out their own independent verification of the ad inventory;
(h) provide effective portability of data generated through the activity of a business user or end user and shall, in particular, provide tools for end users to facilitate the exercise of data portability, in line with Regulation EU 2016/679, including by the provision of continuous and real-time access ;
(i) provide business users, or third parties authorised by a business user, free of charge, with effective, high-quality, continuous and real-time access and use of aggregated or non-aggregated data, that is provided for or generated in the context of the use of the relevant core platform services by those business users
EN 41 EN
and the end users engaging with the products or services provided by those business users; for personal data, provide access and use only where directly connected with the use effectuated by the end user in respect of the products or services offered by the relevant business user through the relevant core platform service, and when the end user opts in to such sharing with a consent in the sense of the Regulation (EU) 2016/679; ;
(j) provide to any third party providers of online search engines, upon their request, with access on fair, reasonable and non-discriminatory terms to ranking, query, click and view data in relation to free and paid search generated by end users on online search engines of the gatekeeper, subject to anonymisation for the query, click and view data that constitutes personal data;
(k) apply fair and non-discriminatory general conditions of access for business users to its software application store designated pursuant to Article 3 of this Regulation. - For the purposes of point (a) of paragraph 1 data that is not publicly available shall include any aggregated and non-aggregated data generated by business users that can be inferred from, or collected through, the commercial activities of business users or their customers on the core platform service of the gatekeeper.