Executive Summary

• On March 6, 2024, the European Union’s (EU) Digital Markets Act (DMA) went into effect, designating large tech firms as “gatekeepers,” requiring them to open their services, and preventing them from favoring their own at the expense of rivals.
• While the DMA is designed to help smaller firms using the gatekeepers’ services, in practice, the compliance plans gatekeepers implement in response to the law often come with negative consequences for consumers, such as additional pop-ups, cybersecurity risks, and reduced functionality.
• Congress should carefully evaluate the impact of the EU’s DMA before implementing similar legislation such as the Open App Markets Act or the American Innovation and Choice Online Act.

Introduction

On March 6, the European Union’s (EU) Digital Markets Act (DMA) went into effect for the largest big tech platforms in an attempt to make the digital economy fairer for smaller firms that rely on large technology firms to reach consumers.

The DMA provisions designate the largest firms as “gatekeepers” and require that they offer their core platform services to businesses and consumers. As of enactment, the law specifically covers Alphabet, Amazon, Apple, ByteDance, Meta, and Microsoft. Specifically, the law forces these firms to open their services to competitors, prevents them from favoring their own products and services at the expense of rivals, and requires these firms to provide more transparency about their business practices.

Yet as each gatekeeper provides a unique service, compliance with the DMA will vary among firms. What’s more, because the DMA focuses on protecting smaller firms rather than consumers, many of the compliance changes may negatively affect the user experience online. And because the DMA’s goal is to protect competitors, its goalposts may forever shift as competitors are likely to have ever-evolving complaints about what they feel is stifling their ability to compete.

Congress has contemplated legislation similar to the DMA, such as the American Innovation and Choice Online Act (AICOA) and the Open App Markets Act (OAMA). If lawmakers wish to pursue this course, they should first carefully examine how companies approach the EU’s new regulations and the effect that these changes have on consumers.

Digital Market Act Proposals, Goals, and Reality

The DMA targets the perceived dominance of large online platforms. It is intended to ensure fair competition, foster innovation, and protect consumer rights by regulated online “gatekeepers,” firms with a strong economic or intermediation position or an entrenched durable position in the market. Six firms have been designated as gatekeepers: Amazon, Apple, Bytedance, Google, Meta, and Microsoft.

The objectives of the DMA are multifaceted, notably including the prevention of gatekeepers from engaging in anti-competitive practices, a directive for them to foster innovation and growth within the European digital economy, and a mandate that they enhance consumer choice and control. The DMA’s goals are pursued through a series of obligations imposed on gatekeepers, such as prohibiting them from favoring their own services (e.g., Apple’s App Store) or using non-public data to compete unfairly against other businesses. Additionally, the DMA encourages interoperability and data portability, allowing users to move their data more freely across platforms, thereby enhancing consumer choice and fostering competition.

The European Commission plays a central role in the process of enforcement. With significant investigative powers, the Commission can conduct market investigations, request information, and carry out inspections on companies to ensure compliance. Non-compliance can lead to substantial fines and structural remedies, such as business practice adjustments or company break-ups to restore what the Commission deems competitive conditions.

It is not surprising that the implementation of the DMA has already faced challenges, including pushback from major technology companies. For instance, Apple has raised concerns about the DMA’s potential to undermine user privacy and security, particularly in relation to mandated interoperability and data portability measures. Similarly, other firms have expressed concerns regarding the operational and financial impacts of compliance, especially regarding the prohibition of certain data-use practices and requirements to allow third-party services to interoperate with their platforms. These companies argue that such measures could stifle innovation and disadvantage European users and businesses – a familiar theme in recent years in the technology sector in Europe. While the DMA stems from an initiative to make the digital economy more accessible and user-friendly for both consumers and developers, in practice, the law may decrease the functionality of key services, such as by requiring users to sift through additional pop-ups and notifications.

For U.S. lawmakers, the DMA offers insight into a critical experiment in digital market regulation as they consider similar types of regulation.

Gatekeeper Implementation

Because each gatekeeper provides unique offerings and services, individual compliance plans vary between firms. This section provides a high-level overview of each implementation plan, highlighting the major changes for each service covered.

Amazon

Amazon’s compliance with the DMA covers a wide range of activities, but the largest focus is on its practices within its online marketplace. Specifically, Amazon made changes to the criteria for the “featured offer” option, which was previously known as the buy box. Essentially, Amazon provides the user an option to buy a product in its store directly on the products page. When multiple sellers offer the product, the featured offer will generally be the cheapest or highest-rated offer, with consumers still having the option to view other offers. The DMA’s changes to the featured offer option attempt to ensure that the criteria by which a seller and product qualify do not create a bias in favor of Amazon’s own products. Amazon will additionally offer a range of data access tools for third-party sellers to better understand the trends of consumers – data that previously only Amazon had access to and that argued gave the platform a significant advantage in its own store.

In addition to changes in the store, Amazon will include additional consent prompts for the use of personal data for advertisements and data portability Application Programming Interfaces (API) to give third-party developers access to Amazon user data.

Apple

Apple’s main DMA compliance work focuses on its app store practices, which has long been considered a “closed garden,” only allowing apps approved by Apple and distributed through its host App Store on Apple Devices. Yet the issue for most developers is not that they must use the App Store as a conduit, but rather that they must pay Apple a 30 percent commission on transactions through the store. To comply with the DMA, Apple announced more than 600 new APIs, expanded app analytics, and introduced functionality for alternative browser engines that allow for alternative payment processing methods and app distribution avenues. This will allow developers to direct users to external platforms for completing transactions and accessing promotions or discounts outside the App Store. Furthermore, users can now sideload apps, bypassing the App Store entirely.

To capture lost revenues, Apple will add new fees to developers for use of the service to support the App Store. The new approach from Apple incorporates a reduced commission structure that varies based on transaction types and introduces a “Core Technology Fee” for apps distributed through alternative marketplaces or that use alternative payment processors. Apple argues that this new fee structure reflects the value it provides through its platform, including app distribution, discovery, and the secure and trusted environment of the App Store.

Apple is also introducing new user protections and disclosures to navigate the increased risks associated with these changes. These include labeling on the App Store to inform users about apps utilizing alternative payment processing, in-app disclosures for transactions not processed by Apple, and an expanded data portability option for EU users to access and export data about their App Store usage. Regarding these changes, Apple has voiced concerns about the potential privacy and security risks posed by sideloading and the use of alternative app marketplaces.

Google

With the wide range of services Google provides, the company must take a multi-faceted approach to DMA compliance. Google will require additional consent from users across all of its products. While this will give users more control over their data and personalized ads, it will also increase the number of popups, including those offering alternatives to Google products when using Google search and Android devices, such as the choice to choose a default browser on mobile.

Specifically, regarding Google Search, Google will modify results to give more prominence to comparison sites and direct suppliers, especially in sectors such as hotel reservations. This will involve introducing dedicated units that include links to comparison sites and detailed individual results, potentially altering how users interact with Google Search.

Finally, like other gatekeepers, Google is adding a new Data Portability API for developers. This should allow developers to move their data to third-party apps or services more seamlessly.

Meta

Meta’s DMA compliance focuses primarily on data, specifically offering users the option to block Meta from combining data across Facebook and Instagram. Further, users will be able to manage their Instagram and Facebook accounts separately, deciding whether to share information across these platforms. This choice extends to Messenger and Marketplace, where users can decide to use these services without linking their Facebook information, affecting how they interact within these platforms.

For Marketplace, users can opt for a version that doesn’t use their Facebook information, changing how communication between buyers and sellers occurs. Similarly, for Facebook Gaming, users can choose to use their Facebook information for an enhanced gaming experience or opt for a more limited experience without using their Facebook data.

Finally, users will have the option to subscribe to a service to stop seeing ads on Instagram and Facebook, which have historically been offered free to users but are funded by targeting users with ads based on their usage data.

Microsoft

For Windows and Android devices, Microsoft will allow users to uninstall certain pre-installed apps, including Camera, Cortana, and even Microsoft Edge to promote user choice and flexibility. Microsoft is also introducing new interoperability points within Windows to newsfeed providers and enabling alternative web search engines in Windows Search.

Like Apple, Microsoft is making it easier for users to set and maintain their default app preferences, especially concerning web browsers and search engines. The system will respect the user’s default app choices, including during updates, ensuring that these preferences are not altered without the user’s consent.

TikTok

After attempting to appeal its gatekeeper designation, TikTok launched a new Data Portability API that allows developers to transfer a copy of their TikTok data and improves the functionality of user data portability tools. Further, TikTok created a webform for business accounts to enable feedback on DMA-related features and tools for future developments.

Implications for U.S. Legislation

While most of the changes implemented to comply with DMA only affect European consumers, U.S. lawmakers continue to debate similar legislation – the most significant of which are the American Innovation and Choice Online Act and the Open App Markets Act, both introduced last Congress.  In doing so, lawmakers should study the implementation of the DMA and the effect on European consumers.

The American Innovation and Choice Online Act would impose similar prohibitions on firms favoring their own products or services at the expense of rivals, but already many European consumers have found the additional restrictions and conditions burdensome. For example, some consumers expressed concern that Google Maps was not clickable from the Google search page, as embedding the map could be seen as preferencing Google’s own service over others, such as MapQuest. Further, while consumers can now choose their default browser, users must click through numerous screens to make their choice and are inundated with browsers to choose from, leaving users with additional work to determine which browser is best for them. While the changes will provide third-party platforms a better opportunity to compete, many consumers value the streamlined experience that is now lost due to the legislation.

The Open App Markets Act would likewise require firms such as Apple to open their devices to third-party app stores, allowing developers to bypass App Store transaction fees on Apple devices. Many consumers would probably like this change, but allowing sideloading impacts all Apple users, not just those who sideload apps onto their devices. For example, if a user sideloads an app that contains malware, the attacker can gain access to information about the user’s contacts stored on the device. Notably, this doesn’t affect just EU consumers, as many Americans’ information would likewise be at risk if they share contacts with European consumers.

Finally, even for many smaller firms the DMA is designed to benefit, the changes don’t necessarily improve their competitive situation. Comparison sites, for example, are seeing an increase in traffic, but individual businesses, such as those in the airline and restaurant industries, are facing a drop in visits from Google search. And unsurprisingly, many businesses that are not seeing additional traffic are actively complaining about implementation of the DMA.

Conclusion

The DMA resulted in widespread changes to the online experience in Europe, but the law may not have the impact that many businesses or consumers hoped for. U.S. lawmakers should carefully examine the implementation and effect of the law before enacting similar legislation in the United States.