Chez Oles, here.
Politely disagree with the great Andreas Schwab on many points :) (e.g., 'DSA supervisory fee model' for the DMA would be a very good thing, actually: many reasons, such as an enforcement authority entirely dependent on political budget allocations is even more vulnerable to geopolitical and diplomatic/trade pressure - oops!), but time to discuss it at the Konrad Adenauer Stiftung conference soon (thanks Dr. Pencho Kuzev for the invitation!).
CMA (not an April's Fool, in case you were wondering), here.
EFF and J. Stewart, here. The latter gently but firmly pushing back against EFF's censorship BS.
YouTube here.
Spotify here.
Transcript
Marcel, as a software engineer and former member of the European Parliament. At what point did the digital market sector become a central focus in your political work?
First of all, we need to realize what is the European legislation process. It's the European Commission that, puts forward the proposal and, then the European Parliament and the Council, of the European Union jointly adopt that legislation.
It was first and foremost the decision of the European Commission that they would put forward this proposal and a lot of other, proposals, for digital legislation.
Why I found the Digital Markets Act as a really interesting legislation to work on as a member of the European Parliament is that the Digital Markets Act looks at the market from a, sort of like a holistic approach and is recognizing the fact that there is a small number of very large tech companies that are in a very dominant position on the market.
That basically means that they control the conditions on the market. So the interaction, between the end users, or as I prefer to say people, and also effectively control competition on the market. It's very easy in this dominant position to set conditions in a way that, it would be very difficult for competitors to compete on that market. And the Digital Markets Act by recognizing this fact is looking at it from a different perspective than other types of digital legislations that were proposed. It basically, designates a new, kind of like group or category of, these tech companies that the legislation calls gatekeepers and recognizes that there should be specific, set of rules, ex ante rules that would apply in order, to prevent that they would abuse their dominant position on the market, and this is why I found it really interesting.
Amandine, could you start by explaining what Element does and how it relates to Matrix please.
So the better way is to start with Matrix, which is a protocol, a standard for decentralized and secure communication, which means that we want instant messaging, voiceover ip, and any type of communications actually to be interoperable. So we want, various apps to be able to communicate with one another and the users to have the control. Matrix is and open source projects managed by an, nonprofit foundation. And Element is a commercial company, which was set up by the team who created Matrix and who actually builds Matrix product and sells Matrix services, to like these days, mostly public sector organizations who want alternatives to, Teams or WhatsApp, and have end-to-end encrypted communication that they actually control.
As someone involved in negotiating what became Article 7 of the DMA, how would you explain what this obligation is meant to achieve in the messaging space and why it matters?
As a member of the European Parliament, I have, tabled an amendment, aimed at enabling horizontal interoperability in messaging services as well as social networks, When it comes to messaging services, during the negotiations, this amendment has been expanded into a separate article, which is now Article 7 of the Digital Markets Act and the idea behind that amendment I have tabled is that, one of the major issues why people cannot easily switch from one platform to another platform is that they are kind of locked in a platform where the vast majority of their friends, of their business contacts, of their family members are, and therefore, even though, if at some point they may figure out, for any reason I don't like this platform, I would like to switch to another platform, for instance, how the platform handles, the privacy of their personal data, for any sort of reasons, I don't like the, user interface and I would like, a different, service that has a better technical experience with. They hardly ever do it because they would have to effectively convince all their friends, all their family members and all their business partners to also leave with them.
Of course multiplies, in the network of these contacts because then if you convince your family member, then that family member also needs to convince all their friends and family members and business partners. So as a matter of fact, it's pretty much impossible, to switch from one platform, to another without dealing with, very negative consequences of that decision that do not lie in the technical, layer of the problem. And therefore such a market can hardly be described as contestable. And the main objective of the Digital Markets Act to make markets fairer and more contestable and therefore my idea was,if we address this problem, then we will make the markets more contestable.
Many people before me spoke about the need for horizontal interoperability. I just happened to be in the position of a member of the European Parliament who could table this proposal as a legislative proposal. And, in the negotiations, we were able to agree on the basic facts that this is actually a good idea and, now we have it as Article 7 and hopefully it will,really help to get rid of this end user lock in on the platform as I described.
Could you explain, why Matrix suddenly became relevant to the DMA, Digital Markets Act discussions on messaging interoperability.
Basically when we saw the DMA, it struck us that it was trying to bring exactly what we were trying to bring with Matrix as well. One way to start Matrix was to create the standard but also try to interconnect the existing deployment, the existing applications, the existing networks together.
So we had built what we call Bridges, to allow, for example, WhatsApp, Matrix and Slack on Teams to be able to speak together so users can come from the different apps and actually be able to communicate into one single network. So when, the DMA came up and, we started seeing the gatekeepers coming again, saying, oh, but it is absolutely impossible to do end-to-end encrypted, interoperable communication.
We were like, wait, we've been doing that for, it was like six, 7 years at the time. So it is absolutely possible and we're happy to tell you how you can do it and demonstrate that it works. so we basically, we were an existing example of how the DMA, requirements could be done. and it was useful to be able to clarify this and even work with, Meta to tell them, actually you could do it this way and look, you can go for it.
So it was really nice to be able to support the, European Commission by telling them like what they're saying is not true, because here is the proof that it can work.
With email, I can use one provider, say Proton, and, send a message, to someone on another provider, say Gmail without friction. Why did messaging evolve differently so that cross-platform communication looks like the exception rather than the rule?
So why it evolved differently? So we had, several open standards for messaging, with things like SIP, for example, which is more towards media and voiceover IP and video, or voice mostly. and then XMPP who has been an open standard, as well for, messaging and communication. But the difference is that. XMPP is very fragmented and basically then you had one given central standard, but then you could add modules on the side. So if you had one application using XMPP, with the module A, B, and C, it wouldn't be able to interoperate with another one still using XMPP, but with module D and E, for example, and, our team have been using all of these. in the past and, we know that a lot of the, existing applications have been using, these as well. So WhatsApp, Google Talk at the time, they were all using XMPP until the time in the moment where they decided to actually go, proprietary and evolved towards something that they could control and own, probably to simplify things or because they were not happy with the way XMPP was working. With email in the past, what happened is that there were different implementation of messaging and then at some point people realized that it made no sense to have really close network of communication and it would be much smarter to come together, agree on one given standard, and then increase the volume of the network and have everyone to talk together. So that's what happened for email. And you had, Microsoft left on the side, with Exchange which was failing to get to come with the others. And at some point they looked like they isolated, network on the side, and people wouldn't be using them because they had a limited network, so they had to converge with the rest. So the messaging applications considered that their value was based on the size of the network, and we ended up in such positions with people like Skype or WhatsApp, that had huge network which meant they didn't feel the need to actually converge on a given standard because their network was big enough, to keep the control on where they were going. One thing we've noticed as well is when people start working on messaging apps, they think messaging is easy. It's just sending one message from A to B. The problem comes when you start to want to add end-to-end encryption, group chat, history sharing. And because there was no very simple standard out there, which allowed people to build messaging on top of existing bricks, they all started by doing something simple and reinventing the wheel and ended up in siloed communication. So basically we created Matrix because we had played with the existing standard, we had built our own proprietary protocol and we had a feeling we understood why people every time reinvented the wheel.
We said, okay, we believe that if we manage to put together a standard, which is unified, so not fragmented, there is one single spec. If you speak Matrix, then you can interpret with anyone out there. If we, build something where, the, ability to build an app on top is super easy, especially at the time.
So we started in 2014 and that's when everyone started to add messaging in their website, in their apps. You wanted customer support. It was starting to pop up everywhere. We want, web developers to be able to add messaging to whatever app they want or app developers to do that. We don't want people to be forced to be experts in messaging protocols to add chat to what they're building. So we need a standard where,building an app on top is easy. So we need an API, which is, super simple, to manage. And that's where is basically how we converge into building Matrix and try to overcome these big silos that were created due to all these various failure modes that, we encountered.
Article 7 was a major achievement in the negotiations. What were the main obstacles you had to overcome to get messaging interoperability into the DMA at all?
The major concerns I think came from the fact that it's a very technical issue. Not necessarily everybody understood how it would work. if there was opposition in the negotiations. when it comes to this article, then it was mostly about, not understanding what it really means and whether it would negatively affect innovation because, this interoperability, in, um, minds of those who opposed, to this is something that, could stifle innovation because the provider would have to basically, take into account during the development how this would affect interoperability. And, the other major concern was about privacy and security issues. So, if two different platforms become interoperable how, the protection of personal data would work and how let's say the gatekeepers platforms will be able to uphold, security of their users on that platform.
Do you have a view on the way iMessage was ultimately not designated?
I need to say that decision was surprising because in the legislative process, this was one of the services that were in the discussions. So it was definitely the, back of the minds of the legislators, when this legislation was negotiated.
And I would even add on top of that, which is there was also a surprising, decision not to designate Outlook.com, for instanceand if I understand it correctly, then the, reasoning of the Commission is built around the fact that this is already an open protocol and therefore no designation is needed.
But as a matter of fact, the sole existence of an open protocol does not mean that there are no hurdles in implementing it and that, gatekeepers do not abuse dominant position on the market and that no ex-ante rules are needed in order to prevent that, from happening. It is a number independent interpersonal communication services, so it falls into the scope of Article 7, so that was another surprising decision of the Commission. And, what I wonder about is whether the Commission has in their minds something about what would be the sort of like triggers or thresholds that would make the Commission to reconsider these decisions.
Unsurprisingly, Meta has chosen to implement the messaging interoperability obligation through interfaces, designed and controlled by Meta itself, rather than through a shared open protocol. What are the main weaknesses of that approach, generally speaking from your perspective?
So the main weakness with them not choosing to adopt an open standard is that today, Meta and Facebook messengers are the only two gatekeepers, but in the end it means that everyone wanting to interoperate with them are going to have to implement META'S interface, Facebook Messenger interface and if there are more, then every time you have to multiply the effort. It also means it's fully controlled by them, which well, they have to respect a certain number of rules, which means they cannot do whatever they want and they have to manage it in a way that people are aware of the changes coming up, et cetera et cetera, but it still means it's optimized for them. But the main problem is, as third parties implementing the interop will have to multiply for each provider as opposed to do it once for a given standard, and the other thing is that if they had implemented a standard like Matrix, any other player in the ecosystem would have direct interoperability with them without having to, to re-implement something on top of what they're already speaking.
The major, weakness of this approach of interface rather than an open protocol is that of course there is a lot more burden on the side of the competitor to implement it. Because if it was an open protocol, then basically, implementing an open, protocol is, a lot easier for the competitor because they only take the technical specification of it.
They implement it according to the specification, and voilà, they have interoperability by definition. By basically obliging the competitor to sign all sorts of, contractual agreements, and creating. a very ad hoc technical specification is of course, much more difficult, to implement, from the side of the competitor.
Shortly after the DMA entered into force Signal said it would not seek interoperability under Article 7. Could you briefly explain what you see as the main reasons for that decision?
So our understanding from speaking with, Moxie quite a lot, who created Signal is that Signal is very much focused on privacy and security uh, and, uh, we have a very diverging opinion on what is the most secure way, of communicating. Moxie thinks that if you have one app which is centralized, that you can trust, which is really hard, that's more secure, that having a network of different providers, which means that your data may end up on different servers, with whom you are speaking. So our approach is like, by doing a decentralized network, then you spread the data everywhere. There is not one single point of failure that attackers will want to go to. Our take is that having one single app, as strong as it is, it still means you have to trust the person running it. It still becomes a huge honey pot. if I'm an attacker, I know where I will want to try to get in. So that's different approach to it. Basically our understanding is that the interoperability would mean, sharing data from Signal users with others and that's completely against their approach, to security and privacy. That's just like a really different position to ours.
What do you see as the main lessons from the implementation and the enforcement of this horizontal interoperability obligation so far?
In terms of the main lesson, I think one of the main problem with the implementation is basically they're following the law word by word and taking their own interpretation. And then it's quite hard to enforce when it's not written black and white in the text. For example, the kind of things where we've seen, the implementation from Meta to be not great is that there is a request to, localize our users.
So we need to be able, because this is an EU regulation, so we want to apply it only in the EU, so you need to tell us whether your users are in the EU or not. We don't track our users because we respect their privacy, there we have two options based on the META'S implementation is either we track and we tell meta that's, where our users are, or we just get the information and send it to Meta and they do the calculations that, but none of them are good options.
so these are the sort of, interpretation of the law, which are hard to enforce and say. this is completely, preventing us to deploy something useful that people will use. It makes no sense.
I think it's not completely anathema to think that the Commission should be able to make recommendation or request on how the implementation should happen if it's working with, people who are experts in the field. Like when we go to the Commission and we tell them, look,this thing, and this thing are unacceptable or completely, hindering the effect of Article 7, you should ask them to change this. I feel they are pretty legitimate to go and say the way you've implemented means that your implementation is useless. I think it's, it's legitimate to do.
The gap of the implementation, currently lies in having a technical implementation of what, is in the Article 7. that on the side of the competitor apparently is also, something that costs a lot of money, not only in the technical implementation of it, but also in the negotiation with the gatekeeper and fulfilling the requirements that the gatekeeper, is, placing in this interoperability offering.
And this is, also something that, I think will become the main, point of, friction, because on one hand, the way how Article 7 is constructed, indeed the gatekeeper is in control, how that interoperability is built. But the gatekeeper should not, place any obstacles, either technical or contractual or any other, to the implementation of that interoperability.
It'll be very important to enforce, the Article 7 properly and make sure that this position of power is not abused in the implementation.
As a follow up question, should support by the Commission also include, dedicated funding to support the development and maturation of open standards so that they can emerge more effectively than market incentives alone have so far allowed?
That would definitely be helpful. whether it's the role of the Commission to fund this sort of development or not. I have a feeling it should and actually, we are seeing some Horizon project and grants, request, or how's it called? Call for application for grants, which are going into that direction.
They are trying to make sure that the European ecosystem, especially around open source, is able to step up and get to a mainstream level so that, the digital sovereignty can come. So, that might be a step in the first direction. It's, not specifically trying to target implementation, supporting the implementation of interop, or not specifically supporting Open Standard, but it's going into that whole, let's make sure we are digitally sovereign by making sure we can have open source alternatives to big tech. It's getting there and I think that'll definitely be helpful.
I believe that the Commission needs to look into,if there are, any shortages on getting funding to actually implement that, interoperability. So if there's a burden on the side of the competitor that they need to get over.
Apparently it is negative for the market if that interoperability is not implemented and the competitor maybe needs a way to access funding to get that implemented. The Commission I think, should explore options.
Meta has announced BirdyChat and Haiket as the first third party services to interoperate with WhatsApp, but an announcement is not the same thing as effective interoperability. Under Article 7, what criteria should we use to decide whether this is genuinely working in practice and not a more polished form of malicious compliance?
So the best way to see if it's working in practice is, use it basically, make sure it's actually usable by. real people like, what is the user experience? Is it actually useful? There is probably a way to look at the Article 7 and check the boxes and say if all the boxes are checked, but what we're trying to do is create services which are usable by people. So I think that would be the best proof.
The whole point of interoperability is that, anyone can, connect to that major gatekeeper service. and this will have a major benefit for the market and for the end users, for people who use the service because they can become interconnected, with other networks and vice versa. If placing contractual obligations, or agreements such as an NDA is placing an unnecessary disproportionate burden on making this happen, this obviously is a problem and that is, where the European Commission needs to pay close attention. Because it would be, bad. And of course, against the sense of that legislation, if that article is not fulfilled because the gatekeeper dictates conditions that, basically, put them back into the position of power that they can dictate anything and therefore circumvent the obligations which is illegal under, the Digital Markets Act. So it's definitely up for the European Commission to look into it. And I think discovering the space where exactly, this agreement on interoperability lies, and, to what extent the gatekeepers can or cannot, impose additional restrictions on interoperability and to what extent it is burdensome, for the competitor to actually implement it, this is what we can see as the limitations of the actual, implementation because at this moment we are aware only of basically two implementations of Article 7, with WhatsApp. one is Bird Chat and one is Haiket, none of which actually are fully rolled out into the public. Basically if you go on the website of that provider, you can be placed on a waiting list. But no major service, has become interoperable with WhatsApp, at this moment.
As part of the DMA review you have proposed amending article 7. Could you please briefly walk us through that proposal?
We were suggesting that, at least open standards were mentioned in Article 7. We think like mandating open standard maybe would be step too far, but at least mentioning it would help drive the discussion into the right direction rather than making it super simple for gatekeepers to say, here is , my implementation, it's just based on an open API. So that's what we were trying to do.
BEREC, the Body of European Regulators for Electronic Communications, suggests that the basic functionalities listed in Article 7 should cover interoperable B2C communication as well, not just end user messaging in order to better support the DMA's contestability aims. What is your view on that?
I think that would, that would've been good. Uh, basically one of the problems we're finding in trying to implement our own version of the bridge to be interoperable with Meta is where. it's been hard to find a funding to actually implement the bridge, and what we're saying is because the, Article 7 is so focused on end users, then, Meta is pushing back and it's, like we cannot use the use case of our customers to say, Hey, the way this has been done is not great because it's preventing us to get funding for it. But, oh, but I don't care because it's just foreign end users. So your customers are businesses or government, and that's out of the scope of DMA, so yeah, basically. Also, because we're trying to open market, we're trying to, make an industry, thrive better and be more active. it would've probably made sense to include this as well.
Article 7 is built around interpersonal communication between human users. How do you think that framework will hold as messaging increasingly includes AI agents and other machine mediated interactions, do you think that it's going to keep up or do we need to think of a different article 7?
I think we're already starting to see where it's starting to tense up a bit like the fact that Meta is using AI on WhatsApp and then what does it mean for interop? So whether we should augment, Article 7 to take this into account. I'm not really sure, I haven't thought too hard about it, but yeah, it's bringing interesting new challenges.
Getting Article 7 into the DMA, horizontal interoperability, was a remarkable achievement, but it was always understood as an initial foothold rather than the finished product. The DMA is now revised, what needs to change?
Another potential area where, the Commission can look at when it comes to horizontal interoperability is social networks. The Commission has an obligation to do so because that is part of the article about the review that, is taking place this year and the Commission has an obligation to look into whether that interoperability should also be extended to social networks.
As a matter of fact, that is part of the amendments that I have also tabled. However, during the negotiation, it was not possible to secure this as an obligation, but only in the review clause. But from my, perspective, social networks is apparently one of those, markets that are obviously failing, with only a handful of large companies basically grabbing a massive chunk of the market and having the ability to abuse their position on the market. Ex-ante rules that would impose horizontal interoperability would in a similar fashion, as with interoperably of messaging services, allow people to, basically leave one service and go to another without the need to losing their connections that they have on the other service.
So that would also make the markets, much more, contestable and let's see what the Commission, will figure out during the review. But for me, that is an obvious, way where to look. And as a matter of fact, from a technical perspective, this is easier done than, let's say, end to end, encrypted, group communication over a messaging service.
Because social networks by definition are, you know, people publish a content that is public. And, or at least you show it to your circle of your connections or is, a lot easier, to technically implement this. You don't have to deal with end-to-end encryption. which is, I think, an interesting element because during the negotiations, the opposition that I run into was that politicians did not understand what I mean as social networks interoperability, but technically speaking, it's actually easier, than, messaging services. and, the benefits are massive. And as a matter of fact, there is an example social networks interoperability. The Fediverse where Mastodon is a federated network,where Mastodon can interoperate with other networks that are based on the ActivityPub protocol. So it definitely can be done.
In the current push for digital sovereignty, do you see a stronger case for more decisive Commission action on messaging interoperability? And where concretely should that action be focused?
I think the entirety of, the DMA, article 7 in particular are serving digital sovereignty. It's opening the market, it's bringing choice to the user. It's a complete overlap, so I'm not sure there is more to be done beyond just make sure that article 7 is actually implemented and that we are enforcing the implementation and we're making sure that the implementation is done in a way which is actually usable. because if we do this, then it'll serve digital sovereignty by default.
So, because digital sovereignty is a question of choice, you have to build on top of an ecosystem, and open source is definitely a non search to it. Open standard and digital commons are like the next level up. This is really when you get an ecosystem and when you get control. One key consideration though, is when you want to actually implement digital sovereignty and you want to use open source, you will only be digitally sovereign if you make sure that you keep this open source ecosystem alive. So if it's, just a matter of taking open source, bringing in house and say, Hey, I'm building on top of this. I'm sovereign. Well, not really, because you are still stuck on having a full team implementing what you are managing your fork as opposed to actually fitting back into the digital commons, making sure that these commons are growing to the next level, to the next level up and serving the entire community. So one key thing when we implement digital sovereignty is make sure that we do it the right way and we buy open source the right way. We make sure we use, vendors from the industry who can then level up the entire ecosystem and focus on innovation, focus on differentiation, and make sure that when we buy from these vendors, they also, contribute back to the upstream and maintain this ecosystem.
Negotiators’s cut: DMA main achievements so far?
The main achievement I would say is that, we already have the conversation now that is legislatively backed. It's an obligation, and now we can discuss where the issues are and why we still cannot see any interoperability between, let's say WhatsApp or a Gatekeeper service and some major platform such as Matrix.
And we can bring these issues to a public debate and basically demand what is already legislated in the DMA, which is the gatekeeper needs to enable this interoperability. But apparently the legislation still falls short on the implementation on, enforcement on that. It would actually already be the case that I can send a message, let's say, from Matrix to WhatsApp, which is the end goal of this, with the aim to improve the contestability of the market.
 |
| Wine: our data, our ideas, our creations...our blood :) |
As regards the DMA, the list is already rather substantial. Yet the DMCCA may prove even more striking. if the framework ends up relying on a succession of legally non-binding commitments, one is entitled to wonder whether the most that can be asked of Big Tech is, in effect, whatever Big Tech is willing to offer.
J. van den Boom et al., here.
N. Economides et al., here.
Coalition for App Fairness, here.
 |
Or there is the more discreet black version, the one to wear under a jacket when you are attending a conference full of regulators, politicians, lobbyists, and consultants, whether for Big Tech or otherwise. |
 |
| Episode 3 |
Here.
Not to be missed: Prof. Fox & Guests https://lnkd.in/d4V4JDmT - her writings inspired me as a young Student to get into competition policy.
Disagree
that "digital is shiny" and enforcers should deal with that "what
actually matters to people." It's shiny only if you avoid dealing with
the gritty basics, which few understand, which depend on specialised
knowledge, and which remain largely unexplained to that public the regulators should serve. The "communication
problem" is much larger and serious than the ten seconds needed to explain to a BBC radio audience at the breakfast table what a specific decision is about.
Continuing: AI Panel https://lnkd.in/euyBaNFH
Fully
agree with FSM on the fact that Google Search was a defeat because of
regulators - in the audience: don't look at me, I wasn't there yet etc.
Best intervention so far: Signal!
Google's
representative: "I also have children" - time flies. Then we learn that
GetTourGuide has "ebenfalls" two kids. And those families in the US
also have plenty of children and some good rulings supporting them. BTW,
is FSM about to say the number of children she has? Women: we don't do
it enough, apparently. FSM putting a rich debate into two narrowly
framed economic "theories of harm" sounds a bit reductionist at this
point. Unsurprisingly, Google is a big fan of Judge Mehta.
Give us the time, Google implores regulators! *Hear* hundreds of eyes in the room roll over.
Bundeskartellamt, hier.
Adobe's enshittification, here? Not our problem! We are the purest of antitrust authorities...
House of Lords Communications and Digital Committee, here.
It is plainly a good thing if competition law manages to save British families a couple of pounds. But the CMA's priority setting has a faintly playground quality to it: much easier for the regulator to pick on the weak than to take on the strong.
Columbia Business School, videos here Lina Khan and more.
The Verge, here.
[BTW, while "Free the app stores" was the topic of Episode 1 of the DMA Vox Populi Podcast, Episode 2 is all about browsers and PWAs, preview here]
