6 access controllers and 22 platforms subject to DMA
The DMA (Digital Markets Act) is part of the legislative package put in place by the European Union to impose new rules on the main digital platforms in Europe. With the DSA, which aims to regulate the content and practices of social networks and e-commerce, the DMA aims to allow the EU to impose a set of rules to limit the anti-competitive practices of large companies defined as “data controllers of accesses” or “doormen”. This is due to their weight in essential markets such as online sales, search engines, social networks and operating systems.
These essential groups, valued on the stock exchange at more than 75 billion euros, whose turnover in Europe exceeds 7.5 billion euros, with at least 45 million active users and 10,000 user companies in the EU, have been defined by the European Commission and in particular one of its commissioners, Thierry Breton.
There are six access controllers and they represent 22 platforms, of which here is the list:
- Alphabet: Google, Google Maps, Google Play, Google Shopping, Chrome, Google Search, Google Android, YouTube,
- Amazon: Amazon Marketplace, Amazon,
- Apple : App Store, Safari, iOS,
- ByteDance: Tick tock,
- Half: Meta, WhatsApp, Messenger, Facebook, Instagram, Meta Marketplace,
- Microsoft: Windows PC operating system, LinkedIn.
5 market investigations opened by the European Commission
At the same time as this list was drawn up, the European Commission launched five market investigations. Four of them aim to determine “if the companies [visées] have submitted a sufficiently reasoned rejoinder showing that the services in question should not be designated” from the DMA. These are Microsoft for Bing, Edge and Microsoft Advertising services and Apple for iMessage. These four investigations must be concluded within five months, the commission specifies.
Additionally, a fifth investigation targeting Apple’s iPadOS has been opened. Its purpose is to determine whether this service, “even if it doesn’t reach the thresholds”, must be designated as responsible for access processing. This investigation must be completed after a maximum period of twelve months. Finally, the commission considered that, despite reaching the threshold set by the regulation, Gmail, Outlook.com and Samsung Internet Browser would not be subject to the DMA, due “sufficiently strong arguments indicating that these services cannot be considered access points for the services of the platform in question”. This is specifically why Samsung dropped the initial July 2023 listing.
Access controllers have six months to comply
“This is an important step for online freedom and innovation in Europe. The most influential companies will now have to respect our rules”, Thierry Breton exulted. Access controllers now have six months to comply with the DMA. They “We have six months to submit a detailed compliance report describing the modalities [ils] comply with each of the obligations established by the regulation of digital markets”.
These companies and platforms, for example, will have to do so “allow third parties to interact with your services in certain specific situations” OR “allow user companies to access the data generated by their activities on their platform”. However, they will no longer be entitled to it “to prevent consumers from accessing business services outside of their platforms” you hate “track end users outside of the platform’s core service for targeted advertising purposes without consent”. These various obligations and other examples can be viewed on the commission’s website.
The next steps for the DMA are therefore to adapt the access controllers by March 2024. The calendar also specifies that any new designations could take place in February 2024.