Far-reaching European Parliament amendments bring the DMA into unknown territory
The European Parliament is in the final stages of defining its position on the Digital Markets Act, the regulation of platform services intended to ensure fair and contestable markets.
The Internal Market and Consumer Protection (IMCO) committee, which leads the work on DMA amendments in parliament, is set to vote on Monday, 22 November. The Parliament’s plenary chamber is then expected to ratify the text in December.
While the Parliament has succeeded in proving itself the toughest on “big tech”, less attention has been paid to the three missing ingredients the DMA needs to help make Europe fit for the digital age.
Regulatory dialogue is about regulators listening to technical experts, to understand difficult product design decisions and find the right trade-offs to achieve policy objectives. It’s also about regulators letting companies know what they expect in advance, so that companies can pursue those objectives without fear of punishment later. The European Commission’s original proposal had no obligation for the Commission to engage in such dialogue.
The European Parliament, in compromise amendment F does helpfully require the Commission to provide guidelines on the DMA’s prohibitions and obligations (under a new Article 36a), but unfortunately doesn’t give companies any formal role in providing input for this guidance. Nor is the Commission required to engage with these important trade-offs in a specification process, which remains solely at the Commission’s discretion. This absence of robust regulatory dialogue increases the risk that the DMA’s obligations will have unintended consequences, as pointed out by several trade groups, regulators, and experts.
Adjustment mechanisms already exist in the DMA to prevent overregulation of the core platform services upon which so many European users rely, but they are incredibly narrow and of little comfort to the industry voices concerned about the unintended consequences of the inflexible and one-size-fits-all approach of the DMA.
Enhancing the DMA’s existing adjustment mechanisms would ensure that only the appropriate obligations are applied to the platform services of concern, and that they can be adapted over time to prevent future harms. Despite the advice of many experts on how the DMA’s obligations are not always harmful in every circumstance, and the need for added flexibility and tailoring, these concerns have not been addressed.
The IMCO committee in compromise amendment F gives third parties the right to provide input on the specification of particular obligations. While this will help the specification process, it doesn’t allow correcting overregulation, and there’s always a risk that it will be instrumentalised by complainants seeking ever greater regulatory advantage.
Finally, compliance, where there is a pressing need to have reasonable deadlines for gatekeepers to implement the rules, and penalties that are proportionate to the harm caused by violations.
The European Commission initially proposed to grant gatekeepers six months from their designation to meet their obligations. This is already extremely onerous, given that some of the obligations will require extensive technical and infrastructure adjustments that need to be properly tested to avoid side-effects like security vulnerabilities, and service interruptions. Rushed implementation would only increase existing cybersecurity concerns (compare the much longer implementation period for the General Data Protection Regulation, which was technically simpler). The deadlines in the IMCO compromise amendment C have been reduced to a mere four months.
Concerns around extortionate or punitive fines have also been exacerbated. IMCO’s compromise amendment G suggests a penalty of up to 20 percent of a firms’ global turnover, regardless of their actual activities in Europe (compared to 10% for antitrust violations, which are also based on a quantification of harm). This will lead to cautious and risk-averse overcompliance. Companies will rather disable services than risk arbitrary enforcement, especially in the absence of robust regulatory dialogue.
In all, lawmakers in the Parliament have spent most of their time pushing the DMA far beyond the already meager evidence base of the Commission’s Impact Assessment Report (which itself sheepishly admits, at page 51, that “[f]or some of the practices [prohibited by the DMA] there is no decision or judgment confirming its effects on the market.”). Little attention has been paid to the details, how the regulation can work in practice, and how it can reduce the many unintended consequences warned of.
There is still room to fix these provisions, not just as the Parliament puts amendments to the final vote, but also in the final negotiations with national governments on a final text. It is easy to be distracted, but ultimately, it is the regulatory dialogue, adjustment mechanisms and proportionate enforcement that will create the robust foundations needed for the DMA to be fit for the digital age.