On 15 December 2020, the European Commission released two much anticipated proposals for new regulations governing conduct in the digital space – the Digital Markets Act (“DMA”) and the Digital Services Act (“DSA”).
These proposals underscore the leading role the Commission, particularly under current Vice President Margrethe Vestager, is looking to play in connection with how companies active in the digital sector are regulated. The EU is being joined by other jurisdictions in pushing forward with further initiatives in this space, with other major economies also looking critically at how they regulate players in the digital and tech sector. The United Kingdom has, for example, recently announced that it will put in place new Codes of Conduct to govern the market conduct of major platforms, which will be enforced by a Digital Markets Unit at the Competition & Markets Authority. Germany is amending its competition law to address the digital space, while the US antitrust agencies and States are bringing enforcement actions against large tech companies following on the heels of the recent US House of Representatives’ report that proposed sweeping reforms to address what it sees as competition problems in the sector.
The DMA is, according to the Commission, aimed at “ensuring fair and open digital markets”. To this end, the DMA would impose a number of legal obligations upon so-called “gatekeepers” in the digital space in Europe.
In short, a gatekeeper will be an operator of an online platform that has a significant impact on the EU and that operates as an important “gateway” for businesses to reach end users. The DMA sets out a number of thresholds (based on revenue and user numbers) upon which a platform operator will be presumed to be a gatekeeper (unless they provide sufficient evidence to convince the Commission that they are not). Further, the Commission will have powers to conduct market investigations, with a view to designating particular companies as gatekeepers.
While the obligations imposed upon companies designated as gatekeepers are wide, the effects the DMA will have on most online businesses from a compliance perspective should not be overstated. Meanwhile, some businesses that fall outside the gatekeeper definition will benefit from the obligations imposed on gatekeepers. The definition of a gatekeeper, and the thresholds that result in a presumption that a platform operator is a gatekeeper, are intended to capture only the largest and most “entrenched” platform operators. Indeed, Internal Market Commissioner Thierry Breton has said that it anticipates around 10 European companies will qualify as gatekeepers under these definitions.
Under the DMA, once a company is designated as a gatekeeper, it will face a number of obligations intended to ensure it operates in a fair way, allowing other online businesses to effectively compete and reach consumers. While the DMA lists a wide range of obligations that must be met, some of the key obligations include:
In order to enforce the DMA, the Commission will be equipped with wide ranging investigative powers, including the power to issue information requests or to carry out onsite inspections. The Commission will also be able to impose significant fines of up to 10% of the gatekeeper’s global turnover if they fail to comply with their obligations. For systematic breaches of the DMA, it is also proposed that the Commission may also be able to impose behavioural or structural remedies on gatekeepers, potentially even extending to requiring divestiture of parts of their business.
In contrast to the DMA, the DSA is not concerned with ensuring fair competition in the digital sector. Rather, its primary aim to ensure that the digital services in Europe are safer and more open.
Specifically, the DSA would impose different obligations on companies active in the online economy. Those obligations would differ in scope, depending on how that business is classified (e.g. as an intermediary service, hosting service or online platform). Broadly, the obligations would include requirements regarding transparency, taking account of fundamental rights in terms of service, cooperating with national authorities, vetting of third party suppliers and requirements to report criminal offences.
For “very large platforms”, the obligations would extend further, and impose broad obligations relating to areas such as risk management, data sharing with authorities, codes of conduct and crisis response cooperation.
As with the DMA, the DSA proposes that the Commission will have wide investigative and fining powers.
The proposals issued by the Commission this week are just that – proposals that are still subject to lobbying and changes as they wind through the EU’s legislative process. That process will now likely take the better part of the next one to two years, with both proposals possibly not coming into force until 2023.