Receive the latest insights, news and more direct to your inbox.
The Digital Markets Act (DMA) is a first-of-its-kind regulation designed to increase competition and fairness among online platforms operating in the EU.
It’s a key component of a new digital and data regulatory initiative proposed by the European Commission (“Commission”) under its ‘Path to the Digital Decade’ policy programme. The programme includes multiple regulations related to technology, data and privacy, such as the Digital Services Act, the AI Act and the Data Governance Act.
What is the objective of the DMA?
A key objective of the DMA is to level the playing field for smaller organisations. It seeks to curb the dominance of large technology companies, thereby giving smaller businesses a chance to compete and innovate. The regulation imposes rules on large online platforms that have been designated as “gatekeepers” by the Commission. These rules include both obligations—must dos— and prohibitions—must not dos.
To receive a gatekeeper designation, a company must provide at least one of a pre-defined set of digital services—so-called core platform services (CPSs). The Commission considers a company a gatekeeper if it provides a CPS that has a significant effect on the EU’s internal market, acts as an important gateway for business users to reach end users and has entrenched and durable—in other words, stable—market position.
What are the CPSs?
The Commission identifies a CPS as any service that functions as an important gateway between a large number of business users and consumers. When labeling gatekeepers under the DMA, the Commission looks at CPSs across 10 categories:
- Online intermediation services (eg, online marketplaces and app stores)
- Search engines,
- Social networks,
- Video-sharing platforms,
- Number-independent interpersonal communications services (ie, messaging services),
- Operating systems,
- Web browsers,
- Virtual assistants,
- Cloud computing services, and
- Online advertising services provided by a company providing another CPS.
What are the criteria for being a gatekeeper?
The Commission uses three defining criteria to assess companies and their CPSs: impact on EU’s internal market, control of an important gateway and entrenched position. For reach criterion, it outlines quantitative thresholds.
- The Commission considers an online platform to have a size that impacts the EU’s internal market if the company has had an annual turnover in the European Economic Area above €7.5 billion in each of the last three financial years and it provides the same CPS in at least three member states.
- The Commission regards a company as controlling an important gateway for business users to reach end users if the company operates a CPS with more than 45 million monthly active end users established or located in the EU and more than 10,000 yearly active business users established in the EU.
- The Commission determines that a platform has an entrenched and durable position if it has met the first two criteria in each of the last three financial years.
If an online platform meets the above criteria for any CPS, the Commission assumes it is a gatekeeper. However, companies themselves are responsible for monitoring these thresholds. Within two months of meeting a threshold for any CPS, a company must notify the Commission, which then has 45 working days to issue a decision on their gatekeeper status.
Are all large online platforms automatically gatekeepers?
No, gatekeeper status is not automatic. The Commission must designate a company as a gatekeeper and list all the relevant CPSs for which it considers the platform a gatekeeper.
Not all large digital companies fall in scope of the regulation. The criteria for gatekeeper status aren’t equivalent to market power, which means that not all companies considered dominant under EU competition law will be labeled as gatekeepers under the DMA. However, it also means that a company does not necessarily have to hold a dominant position under EU competition law to receive a gatekeeper designation.
A company can also be a gatekeeper for some of its CPSs but not others. Likewise, if the Commission can decide does not to designate a company as a gatekeeper for a CPS that meets quantitative thresholds if it determines that the CPS does not act as an important gateway.
As of August 2024, the Commission has designated seven companies—Alphabet, Amazon, Apple, Booking.com, ByteDance, Meta and Microsoft—as gatekeepers of a total of 24 CPSs.
Can the Commission designate gatekeepers without meeting quantitative thresholds?
Yes. The DMA gives the Commission the authority to conduct market investigations and designate gatekeepers on qualitative measures even if the thresholds are not met.
For example, following a market investigation into Apple, the Commission named the company as a gatekeeper for iPadOS, the operating system for Apple tablets, even though iPadOS does not meet the quantitative thresholds. Currently, Apple’s business user numbers for iPadOS exceed the quantitative thresholds, but its end user numbers do not meet the threshold.
However, the Commission concluded that the number of end users is likely to rise, and it opted to take a holistic approach to Apple’s ecosystem. It argued that Apple locks end users into iPadOS and that the Apple ecosystem disincentivises users from exploring and switching to different operating systems.
Can a company appeal its gatekeeper designation?
Yes, a company can both refute and appeal designations.
When a digital platform meets quantitative thresholds, the Commission presumes it is a gatekeeper. However, when notifying the commission of meeting the quantitative thresholds, a company can provide a substantiated argument—so-called “rebuttal” arguments— contending that a CPS doesn’t significantly impact significant the EU’s market or function as an important gateway.
In a rebuttal argument, the burden is on the company to explain why, despite meeting the thresholds, they should not qualify as a gatekeeper.
If the rebuttal argument provides compelling evidence, the Commission can decide not to designate the company as a gatekeeper for that specific CPS. If the Commission believes the rebuttal warrants further analysis, it can launch on open market investigation—to be concluded within five months— to inform its decision-making.
In September 2023, during the first round of designations, the Commission determined that many CPSs—Gmail, Outlook, Samsung Internet Browser, etc.—were not “important gateways”. It also opened investigations into rebuttals for Microsoft’s Edge, Bing and Advertising and for Apple’s iMessage, ultimately concluding that neither company should be designated as gatekeepers for these CPSs.
In March 2024, the Commission received rebuttal arguments from X Ads and TikTok Ads. In both cases, the platforms met the quantitative thresholds for their CPS, but Commission likewise decided not to assign gatekeeper status.
The Commission also opened a market investigation in May 2024 to assess a rebuttal argument received from X. X argues that its social media platform does not qualify as an important gateway between businesses and consumers, so it should not be designated as a gatekeeper.
Once the Commission has labeled an online platform as a gatekeeper, the company can appeal the designation. However, appealing a decision does not suspend its obligation to comply with the DMA.
After the September 2023, ByteDance, Meta and Apple made appeals to the EU General Court. ByteDance, the parent company of TikTok, appealed its designation as a gatekeeper entirely, arguing that businesses do not rely on its platform to reach end users and that it is a challenger to legacy social media companies (specifically large US tech companies) and therefore does not enjoy an entrenched position.
Meta accepted four of its designations but contested the inclusions of its Messenger and Marketplace services, arguing that Messenger is chat functionality within Facebook as opposed to a separate service and that Marketplace functions as a consumer-to-consumer service without intermediary involvement.
Apple appealed the designation of its operating system and App Store, stating that the Commission has unfairly treated these services as a single CPS. Apple argues that its App stores and operating systems are five distinct CPSs because they are segregated by devices and therefore serve different businesses and different end users.
After hearing ByteDance’s appeal in July 2024, the General Court upheld the company’s gatekeeper designation, determining that the platform and its CPS TikTok meet all three criteria. The appeal cases for Meta and Apple are ongoing.
How Grant Thornton can help with DMA compliance
At Grant Thornton, we understand the complexities of the DMA and can help your business navigate these new regulations. Our services include:
- Assurance: Comprehensive assurance and attestation services for DMA compliance.
- Compliance assessments: Evaluation of your current operations against DMA requirements.
- Strategy development: Creation of customised compliance strategies to meet DMA standards.
- Policy drafting: Development of clear and thorough policies for your team.