Regulators in several countries have proposed new rules to rein in Big Tech, but the EU proposal is among the most ambitious and may be the closest to becoming reality. According to Margrethe Vestager, executive vice president of the European Commission, the DMA could take effect as early as October, although it could be longer before consumers start to see changes as regulators determine which tech companies are covered by the law and the companies figure out how to implement the new rules.
«This is a very big deal, because this is the first strong, comprehensive set of regulations that’s specific to market power in internet platforms,» said Mitch Stoltz, senior staff attorney at the Electronic Frontier Foundation, a digital rights group.
Even tech advocacy groups opposed to the DMA also agree that the legislation will result in major changes. «Many of the requirements force the Big Tech platforms to change their services in pretty significant ways,» said Adam Kovacevich, CEO of the Chamber of Progress, an industry organization backed by Amazon, Apple, Google and Facebook’s parent, Meta. And as with other proposed regulation targeting the industry, some tech groups also warn of unintended consequences from the DMA for companies and consumers.
While the legislation is clearly targeted at the dominance of US tech giants, it doesn’t single out specific companies. Instead, the DMA creates a special category of «gatekeeper» businesses that are subject to greater regulation. It will cover platform providers who meet several benchmarks, including having more than 45 million monthly EU users and EU revenues of at least 7.5 billion euros or a market cap of at least 75 billion euros.
The regulations will apply only in Europe, but many policy experts expect that the ideas set forth in the DMA could eventually be enshrined into law worldwide, both because it sets expectations for regulators elsewhere and because tech companies could choose to adopt the changes more widely.
«We often see that it’s easier for companies to implement a change globally than to just do it in one jurisdiction,» said Charlotte Slaiman, competition policy director at Public Knowledge, a US-based consumer advocacy group. «There very well may be changes to US products that comply with the EU rule.
Here are some of the ways the rules may affect users in Europe, and possibly beyond.
Some of the most visible proposed changes for EU users deal with apps — how you can install them and what can be pre-installed on devices, among other things. These changes could have major implications for Apple and Google, two of the world’s biggest mobile operating systems and app store operators.
One major provision in the DMA requires dominant operating systems to allow smaller, third-party app stores, as well as sideloading — the ability to install apps from anywhere outside the official app store. Historically, Google has allowed for both on the Android platform, while Apple has maintained tight control over iPhone apps. Apple and other industry players have argued that opening up operating systems in this way could leave users vulnerable to downloading more harmful apps.
«Consumers who have pined for a more open Apple [app] store will find something to like in this legislation,» said Joel Mitnick, a competition lawyer at Cadwalader, Wickersham & Taft. «On the other hand, many consumers purchase Apple devices in part because of their reliance on Apple as a gatekeeper of app compatibility and quality. Those consumers may be disappointed by the law.»
Under the new rules, dominant app stores also can’t de-list apps for refusing to use the gatekeeper’s proprietary payment systems, an issue highlighted most recently by Apple’s antitrust case with Epic Games. Much of Apple’s app store revenue comes from the 30% cut it receives through its payment channels from in-app sales of digital goods and services, so the provisions could directly affect the company’s business model.
Other aspects of the DMA could affect what software comes bundled with electronic devices. For example, gatekeeper platforms that simultaneously control a web browser and a mobile operating system won’t be allowed to set their browser as an automatic default, said Agustin Reyna, senior legal officer at BEUC, a European consumer advocacy group. Instead, users will be given more choices.
«So, when consumers start their phone for the first time, they will see a popup window that will say, ‘Would you like to install a different browser or search engine?'» Reyna said.
It wouldn’t take many people acting on the prompt to make a big difference to competition, Reyna said, offering the example of DuckDuckGo, a smaller rival to Google.
«Even 1% of Google search users switching to DuckDuckGo — for Google, maybe it’s not that much, but for DuckDuckGo, that’s massive,» he said. Still, the dominant players have fiercely defended their hold as default services; Google reportedly pays Apple billions of dollars a year to ensure it is the default search engine on Apple products.Google began offering a browser and search engine choice prompt to EU users back in 2019 — after European officials concluded the company had violated antitrust rules by making Google search and Chrome the defaults on Android — but the DMA takes that concept and applies it across the industry more broadly.
The DMA could affect what users see when they enter searches into Google. Under the legislation’s provisions for self-preferencing, gatekeeper companies can’t rank their own products and services more favorably than those of competing providers, and they will be required to rank competitors’ offerings in a «fair and nondiscriminatory» way.
Practically speaking, this could mean a boost for smaller online travel search platforms, local restaurant review sites and other businesses that receive traffic from Google when users search for plane tickets or places to eat nearby (Yelp has been a big proponent of such regulations). Under the new rules, Google wouldn’t be able to give preferential placement to its own travel listings or restaurant reviews. For consumers, that could mean, for example, that they may no longer see Google Flights at the top of the search results page when they’re looking to take a trip. (Google previously implemented some changes to its search results in Europe in response to antitrust regulators, including featuring rival services’ results prominently alongside its own, but the DMA could force it to go even further.)
But while search results might be the most obvious place to apply the self-preferencing ban, the prohibition could potentially be interpreted more broadly, too, said Reyna.
«This self-preferencing provision applies to all gatekeepers, so what if Apple is identified as a gatekeeper [in this context]? Apple would not be able to self-preference its own Apple Music service in detriment of Spotify or other competitors,» Reyna said.
The new legislation could also change the way consumers message each other. A big focus of the DMA is on interoperability, or the ability for platforms from different providers to connect to each other. Portions of the DMA specifically zero in on interoperability among private messaging apps, such as Apple’s iMessage and Meta’s WhatsApp and Messenger services.
The DMA sets the stage for iMessage users to be able to send messages to WhatsApp users or vice versa, or for WhatsApp users to be able to message Telegram or Signal users, or any other combination of the above. A consumer using iMessage may also be able to video call or send files automatically to someone using WhatsApp or Messenger.
The legislation gives competing messaging platforms the right to ask to connect to one another’s users. Exactly how this would work, technically, would be the subject of future standards-setting. B ut establishing the requirement is the first step toward a more interoperable world where platforms can’t simply rely on their size and popularity to «lock in» their users and prevent them from switching, policy experts say.
At the same time, however, security experts say that what makes some messaging apps so powerful — their privacy features, and particularly support for end-to-end encryption — could be compromised under the mandate. Not only are there technical challenges to building a secure system that works across multiple platforms, but there may also be problems tied to identity management and the privacy risks that crop up alongside them.
«Interoperability has long been viewed as a way to solve lock-in problems,» said Bruce Hoffman, a competition expert at the law firm Cleary Gottlieb. «The thing about interoperability requirements is that you have to be very careful with how you design them and what they actually do.»
There is some risk that in order to meet the interoperability requirements, messaging services could offer the most basic format of their platforms for European consumers, removing end-to-end encryption and other, more advanced features that users elsewhere in the world will still have access to, according to Nick Seeber, a partner leading Deloitte’s Internet Regulation team, which helps advise online companies on how to comply with regulations. The new rules could also create some challenges for smaller tech players.
«The companies who are best at offering regulatory compliance are the largest tech platforms who have got the deepest pockets and resources to be able to implement these parts of the regulation,» Seeber said.