The European Commission early last month published its draft template for DMA-compliance reports. This is the document that gatekeepers will periodically need to fill out, and which subsequently will be used to determine whether they comply with the European Union’s Digital Markets Act (DMA).
The draft template is a missed opportunity to clarify some of the DMA’s incongruences and gray areas. In its current form, it presents three serious deficiencies.
First, it requires gatekeepers to prove not only that they have implemented the measures to comply with the DMA’s actual provisions, but also that they have done so in a way that effectively fulfills the regulation’s underlying objectives. This is inconsistent with both the text of DMA—which ostensibly contains no such obligation—and the rule of law—which commands that firms should abide by the letter of the law, while policymakers should design and enforce laws in ways that maximize their underlying objectives.
Second, while the draft template requires firms to share all kinds of data, it offers no indications as to why this information might be useful to gauge the effective implementation of the DMA (and the regulation itself is mute on this point). Given this, the draft template’s long list of demands is more likely to be seen as a fishing expedition than sound enforcement.
Third, some of the conditions stipulated in the draft template place an unnecessarily high burden on gatekeepers, thereby increasing their already-significant compliance costs. This hostile regulatory climate could have pernicious consequences for users and for the quality of targeted companies’ products—as well as for those companies’ willingness to remain in the EU (see, relatedly here).
The Draft Template Misapplies Basic Principles of EU Law
The draft template appears to confuse gatekeepers’ reporting obligations under the DMA with the regulation’s substantive requirements. Worse, it ostensibly leverages gatekeepers’ reporting obligations—i.e., procedural requirements—to effectively create new substantive rules.
Article 11 (along with Article 8.1 ) of the DMA requires that firms send periodic compliance reports to the commission:
Within 6 months after its designation pursuant to Article 3, and in accordance with Article 3(10), the gatekeeper shall provide the Commission with a report describing in a detailed and transparent manner the measures it has implemented to ensure compliance with the obligations laid down in Articles 5, 6 and 7.
Preamble 68 of the DMA confirms these reports are meant to enable third parties (such as national authorities) to verify compliance with the DMA’s substantive provisions:
This non-confidential publication should enable third parties to assess whether the gatekeepers comply with the obligations laid down in this Regulation.
Ultimately, Articles 11 and 8 are procedural provisions whose goal is to give third parties (and the commission) the information they require to assess compliance. What these provisions do not do, however, is give the commission powers to dictate how firms must comply with the DMA.
The articles draw parallels with traditional competition law (specifically, with merger enforcement). Article 11 of the merger regulation enables the commission to request information from firms. While providing the necessary information is important to ensure procedural compliance with the merger regulation, it is unrelated to the underlying substantive question—namely, whether a merger creates a significant impediment to effective competition under Article 2 of the merger regulation.
This distinction between procedural and substantive compliance is critical. Indeed, the draft template appears to use the DMA’s procedural requirements to impose new substantive obligations on gatekeepers.
For example, the draft template requires gatekeepers to provide:
o) any type of market analysis or testing, in particular A/B testing or consumer surveys, that have been carried out to estimate the expected impact of the measure on the objectives of Regulation (EU) 2022/1925…
q) a set of indicators which allow or will allow based on their future evolution to assess whether the measures implemented by the Undertaking to ensure compliance are ‘effective in achieving the objectives of this Regulation and of the relevant obligation…
r) any relevant data which can inform whether the measure is or will be effective in achieving the objectives of Regulation (EU) 2022/1925
This information is far broader than that contemplated in the DMA’s text (“[A] report describing in a detailed and transparent manner the measures it has implemented to ensure compliance [emphasis added].”)
As a result, the draft template essentially amounts to a new substantive requirement. Indeed, the commission’s interpretation effectively requires gatekeepers to take active steps to demonstrate not only compliance with the DMA, but also that the platform has achieved the DMA’s underlying objectives. In this respect, the draft template’s text is revealing:
[T]he gatekeepers shall demonstrate effective compliance with the obligations laid down in Articles 5, 6 and 7 of Regulation (EU) 2022/1925.
This requirement is nowhere to be found in the text of the DMA. Granted, the DMA’s text does mention that gatekeepers’ compliance measures should not frustrate the DMA’s objectives (Article 8), but this is not the same thing as shifting the burden of proof and requiring gatekeepers to demonstrate this, as the draft template does.
The result is that the draft template effectively requires gatekeepers to use all data available to them to demonstrate that they have not infringed the DMA or undermined its objectives. In so doing, it marks a clear departure from Article 29 of the DMA, which places the burden on the commission to show noncompliance with the DMA.
No Coherent Indication of How to Gauge the Effectiveness of Gatekeepers’ Measures
The commission’s draft template requires gatekeepers to demonstrate that the measures they have implemented are “effective” in achieving the goals of Articles 5, 6, and 7 of the DMA.
While it would have been desirable for the DMA to specify early on exactly how effectiveness is to be measured, doing so at a later stage is acceptable (and not entirely uncommon), assuming the relevant parameters are clear and transparent and that prospective gatekeepers are granted sufficient time to adapt to the new regime.
The draft template, however, published just three months before the first gatekeeper designations are expected to be made, falls short in this respect. It places the onus of measuring effectiveness almost entirely on the gatekeepers, with little to no guidance from the commission regarding how it will evaluate gatekeepers’ efforts to keep in line with the DMA.
According to the draft template, gatekeepers must provide an explanation of:
…how you have assessed compliance with the obligation, including whether any assessment projects, such as external or internal audits have been carried out.
But neither the DMA nor the draft template describe what effectiveness means. Paragraph 2.12 of the draft template includes a “minimum” list of 19 items that gatekeepers must provide to demonstrate compliance, but leaves unclear whether (and if so, how) these items effectively achieve the DMA’s goals.
Some items listed in Paragraph 2.12 are purely descriptive, such as information pertaining to when the measure was implemented or its product/geographic scope. Others have an ambiguous relationship with the DMA’s goals, such as product changes or alterations of the customer experience (warnings, consent forms, system updates, etc.). Likewise, it is unclear how consultations with end users and business users could prove that the measures the gatekeeper has implemented are effective.
These problems are particularly acute with regard to the data that gatekeepers must provide to the commission. For example, the draft template asks gatekeepers to share:
[A]ny relevant data which can inform whether the measure is or will be effective in achieving the objectives of [the DMA], such as, depending on the circumstances, data on the evolution of the number of active end users and active business users for the relevant core platform service and, for each relevant obligation, data on the evolution of the fees and revenue share for the relevant services, the interaction of end users with choice screens and consent forms, the amount of in-app purchases, the amount of pre-installed defaults, counts of end users who switch, counts of business users who obtain data access, etc..
But how can gatekeepers ascertain what data is relevant? For example, is an increase in the number of users an indicator that the measures the gatekeeper has implemented are ineffective in achieving the DMA’s goals? If so, why? It is not (at least, not explicitly) the DMA’s objective to reduce a gatekeeper’s number of end or business users, so it is unclear why this information might be relevant.
If users keep choosing an app that used to be the “default” option, what conclusion is to be drawn? Similarly, what conclusion is to be drawn if the number of users switching is lackluster? It could very well be that the measures the gatekeeper implemented were insufficient to achieve the DMA’s goals. On the other hand, it is equally plausible that regulators’ ends don’t align with consumers’ preferences—i.e., that users prefer not to switch because rivals’ products are less appealing.
Ad absurdum, if “effectiveness” is naïvely measured by looking at the number of users that switch or use non-default options, then gatekeepers can just as easily comply with the DMA by making their products worse, thereby increasing switching (by driving users away). The bottom line is that, while switching numbers clearly are a poor proxy for the DMA’s effectiveness, the commission’s draft template appears to attach outsized importance to them.
Along similar lines, the draft template appears to conflate pro-competitive and anticompetitive conduct by gatekeepers (as does the DMA). While it may be too late to fix the DMA’s substantive infirmities, there is a way to assuage them. For one, the draft template should not require gatekeepers to show how implemented measures contribute to the goals of the DMA or of the specific obligations contemplated in Articles 5, 6, and 7. Instead, it should be for the commission, upon drafting those provisions, to ensure that the obligations and prohibitions contained therein are consistent with the DMA’s goals. Conversely, gatekeepers should only be required to show that the measures they have implemented are consistent with the explicit requirements of Articles 5, 6, and 7.
Indicators of “effectiveness” should focus on the specific processes or measures that gatekeepers have put in place to comply with the DMA, rather than the DMA’s effect on the market. Markets may change for any number of reasons (change in user trends, disruptive technology, user affinity with a service or brand), and not all of these changes are the result of gatekeepers’ compliance efforts. For instance, the way business users and end users leverage the opportunities created by the DMA are not within the gatekeepers’ sole control.
In short, the commission should interpret the DMA’s obligations and prohibitions in ways that ensure they achieve their desired ends. Requiring parties to submit vast quantities of data—with no explanation as to why each piece of data is relevant—will merely enable the commission to pick arbitrary metrics that could then be used to extract more remedies from gatekeepers.
Certain Requirements Impose Excessive and Unnecessary Burdens on Gatekeepers
The draft template includes certain requirements that would impose excessive and frivolous compliance costs on gatekeepers.
First, the data and indicators that the draft template requires (see above) may not be available, collected, and/or processed by the gatekeeper—either by choice or by law. For example, the draft template requires gatekeepers to provide information on alternative measures that have been considered but discarded in the process of defining suitable measures for DMA compliance (and the reasons for discarding them) and the interaction of users with choice screens. While the DMA’s rationale is to impose special obligations on some companies but not others due to the former’s market position, this should not lead to a situation where gatekeepers are asked to collect more data than necessary.
Second, the draft template implies that external counsel should be wholly independent from the gatekeepers. But there is no reason why the appointment of external counsel should be subject to this strict standard—the same that is applied to monitoring trustees under EU competition law. A trustee is appointed in EU competition law either when a company has already breached the law or where the commission intends to issue an infringement decision (i.e., where it has strong suspicions that a company has breached the law). It is inappropriate to impose such an obligation on companies simply by virtue of their gatekeeper status, without any tangible indication or evidence of wrongdoing. This not only flies in the face of the rule of law and the presumption of innocence, but it also puts additional and unnecessary strain on gatekeeper resources to comply with the DMA.
The draft template is further confirmation that many aspects of the DMA were not adequately considered at its inception. Only weeks before the final gatekeeper designations are finalized, the commission appears to have little sense of either the substantive requirements that will apply to gatekeepers or the optimal processes to assess this compliance. The commission also appears unsure about the metrics that would signal successful implementation of the DMA and/or the compliance of gatekeepers.
Even more problematic is the commission’s failure to appreciate that the two are not the same thing: complying with the letter of the DMA is not the same as ensuring the success or “effectiveness” of its objectives. The former should rest on gatekeepers’ shoulders; the latter, on the commission’s.
Finally, the commission appears intent on maximizing the amount of red tape heaped on gatekeepers. This suggests a zero-sum mentality that is unlikely to foster voluntary compliance from gatekeepers, and which might even exacerbate tensions between regulators and gatekeepers. All of this does not bode well for the prospects of a smooth transition toward the DMA’s effective entry into force.