Showing posts with label Digital Markets Act. Show all posts
Showing posts with label Digital Markets Act. Show all posts

Saturday, April 06, 2024

'Super Apps' and the Digital Markets Act

 


Short piece 'invited' by a Journal, preprint here.


Notate Bene: written before the DOJ v. Apple Complaint was filed ;-).

Saturday, July 08, 2023

A Chinese DMA?

Yesterday, I had the pleasure to teach a 90-minute class on the DMA for Chinese competition officials. Despite a) being just after lunch b) enticing weather outside c) lovely but consecutive interpretation slowing down things a lot, I enjoyed the opportunity to provide an overview of this amazing ;-) regulatory tool. I think they felt my enthousiasm (but I very much doubt they directly shared it) and there were some interesting, intriguing questions. Let‘s wait and see…

Friday, May 26, 2023

DMA: State of Play. An amended transcript, shared.

As I was concentrating also on cooking while listening to the very rich discussion cum book presentation, I was very glad that the recording was quickly shared with us all by Rupprecht & Friends/Colleagues. I’m offering this slightly redacted transcript of what I heard and think particularly worth remembering, in case you might also find it useful yourself (#givingback).  

Discussion, 24 May, 2024, CET lunch/cooking time

Video here

(EC: European  Commission; GG: German Government; EP: European Government. For readability’s sake, I cut all the lawyerly “I think, in my view, etc.”. Warning: there were many!)

-----

Timeline (EC)

The entry into application of the DMA has been May, 2. That means latest date for the notification of the gatekeepers is 3rd of July. Then there are 45 days for the  Commission to designate. At the latest September, 6 we will have designation decisions and compliance will have to kick in by March 2024, six month after designation.

That already sets the scene for the two work streams that the Commission is currently working on. Number one, obviously, the need to deal with the designations, the notifications will come in very soon. Arguably, no gatekeeper will actually make a notification in advance of the deadline because that will cut short the compliance deadline. There's no particular interest on the side of the gatekeepers to do that so the  Commission expects notifications at the very last moment, around second or third of July. First workstream is designation but second workstream which the  Commission has already started to work on is compliance -  that's pre-compliance discussion.

Notification (EC)

The  Commission is currently in pre-notification discussions with the gatekeepers. This is very well known to those who've worked in the merger field: before you make a notification, you normally discuss the content of your notification with the  Commission.

Obviously, here the incentives are slightly different because in a merger you'd normally notify in order to get the deal approved by the  Commission, while here you don't notify in order to get designated - rather the contrary might be the case for many of the potential Gatekeepers, namely that they notify in order not to get designated. So, obviously, the incentives are a bit different when it comes to DMA notifications. Nevertheless, all of the potential  gatekeepers that potentially fall in the thresholds of Art. 3 DMA have actually engaged with the  Commission.

The implementingregulation of the DMA has been adopted and published. It contains a “form GD”, a gatekeeper designation, which provides for what the potential gatekeepers have to notify in terms of which core platform services fall within this threshold but also plausible delineations.

There are two work streams on designation: delineation of the CPSs and working towards rebuttals.

Delineation of the CPSs

Integrated services

The interesting bit that the Commission is currently discussing with most of the gatekeepers that have submitted draft form GDs is namely how to deal with integrated services. The legislator has thought this process probably a bit more straightforward than it turns out to be in practice, a bit more automatic. If you fulfill the thresholds of Art. 3 the legislator, as recalled from the legislative discussions, actually thought this is quite automatic. It turns out that there's still discussions to be had with the potential  gatekeepers about mostly integrated services.

That has to do with the notion of purpose that is used in the Annex of the DMA which describes how business users and end users should be calculated. The DMA makes very clear that in case there's an integrated service which from a business user or end user perspective is used for different purposes, that integrated service can also be split into two different CPSs - that's mostly the discussion the  Commission is currently having with the gatekeepers.

To make this a bit more tangible, here are two examples. One that has been litigated already in court is the delineation between search and online intermediation services, so people might have in mind vertical search services. So on the search page when you have an embedded online intermediation service such as Google Shopping. The question could arise whether this online intermediation service Google Shopping is part of the search results or is a separate CPS and therefore has to be designated separately. So, is there search plus an online intermediation service which is, for instance, Google Shopping or is this an integrated service that has to be designated together as search?

Another example is also evident, namely social networks and video sharing. What do you do with the service that has both components that on the one hand is a social network but on the other hand provides a platform for sharing videos? Is the video sharing component only a small part of the social network, do they have to be separated? Are these two CPSs? Can they be seen as an integrated service? What is the purpose of the one and the other?

Repercussions

The answers to these questions have repercussions because, for instance, Art. 6.12 DMA does not apply to video sharing services, so whether you are a video sharing service or a social network or a combination of the two actually makes a difference in terms of compliance.

It will also have repercussions on, for instance, Art. 5(2),  because whether you are an integrated service or a separate CPS might have repercussions on whether you need to require or ask for end user consent if you want to combine across-use personal data. These discussions are relatively advanced because the notification deadline is looming.

Rebuttals

What will also come up very soon is rebuttals. A second work stream that the  Commission is going to have to deal with is companies that fulfil the thresholds, but will try to rebut the presumption of Art. 3 that they fulfil thresholds. They will argue that even if they have the numbers, these numbers are not constitutive of being an important gateway as the DMA requires. The legislator has made this rebuttal relatively strict. Those who followed the legislative process will remember that there has been a debate on what you can actually bring forward in terms of rebuttal and whether there should be a reference to the qualitative criteria that are now in Art. 3.8 or whether it should be rather limited to the quantitative criteria that you find in Art. 3 DMA.

Recital 23 of the DMA, which has been put in the DMA in the Parliamentary discussion, makes it very clear that the legislator wanted the  Commission to focus solely on the figures, on the numbers in the rebuttal scenario and not so much on other things. So we have to now basically see with these rebuttals whether we can accept any of those on the basis of the very narrow reading of Recital 23.

The  Commission basically has three options:

1)    - reject the rebuttal in the 45 days if they're clearly not meeting the rebuttal thresholds;

2)    - in the 45 days accept the rebuttal - that will be very, very rare given what the legislator has basically given as the legal basis for rebuttals;

3)    - open a market investigation in order to verify whether the rebuttals that have been brought forward make any sense.

The trick will be: what kind of criteria is the Commission going to use in order to assess these rebuttals and in which cases is the Commission going to open a market investigation? Those should be exceptional cases, so it must be a very stringent case for rebuttals. One hook in Recital 23 is the reference to the scale of activities that this gatekeeper service has in relation to the category of CPSs.  So that could be a hook in terms of relative size one could look into. The Commission will not look into market shares because the Recital 23 and Art. 3 don’t talk about market share, but it'll have to find a way to operationalize the assessment of the rebuttals.

Compliance (EC)

Many  gatekeepers have already told the  Commission that six months period between September and March 2024 is not going to be enough to achieve compliance. Therefore, they need to already engage with the  Commission now on particular issues where a lot of engineering work is needed. That is not totally wrong because for some of these obligations definitely a lot of engineering work needs to go into it in order to come up with a compliance solution.

Informal compliance discussions (two-way street)

Some of the potential gatekeepers prefer not to engage very intensively and probably will wait until designation. Others prefer to get more clarity already now and the Commission is happy to provide that clarity as much as it can at this point in time on possible compliance solutions.

The topics that come up most frequently so far are:

Art. 5.2

How it should be implemented in terms of:

1)     the layout the different consent mechanisms 

2)     kind of data covered by Art. 5.2

3)   difference between combination and cross use

Art. 6.5

That's something which is important for a couple of  gatekeepers because it has a direct impact on the presentation of some of their services.

Art. 7

That needs a lot of engineering work to be put in place.

App store/marketplace related obligations

Those were the ones that have been particularly interesting for the gatekeepers in terms of compliance discussions already now.

The  Commission is having these informal compliance discussions and nothing is set in stone yet because  gatekeepers are not yet designated but it is possible at least to explore a bit what kind of compliance solutions  gatekeepers want to put in place and give already first feedback on these compliance solutions.

More participatory compliance

But that's just one component of compliance obviously this cannot just be a one-way street or two-way street between the Commission and the gatekeepers. It needs to involve third parties because the information asymmetry between the  Commission and the gatekeepers is such that the  Commission needs to bridge the gap by bringing in third parties now.

This can be done in two ways.

Bilaterally

Bilateral conversations which the Commission is having with a number of third parties if they want to speak to it bilaterally

Technical workshops

Multilateral conversation and that's where the workshops come in. There were already four workshops on DMA which basically provided a forum for  gatekeepers and third parties to meet in order to exchange on key topics.

The topics that that were featured in the workshops are exactly the ones that also have most of the interest from the gatekeepers.

To recapitulate:

Art. 6.5

The interpretative questions that were raised were:

1)    what does ranking mean?

2)    what is a separate service?

3)    what does the FRAND provision mean?

There were also very concrete proposals by at least one gatekeeper. Google put out how they would want to comply with Art. 6.5 in terms of how they would present their verticals on the search results page that has met a lot of criticism by third parties. Third parties and Google don't see eye to eye so there will be a lot of discussion still needed but at least the first step has been made.

Art. 7

There was a lot of technical discussions on:

1)    How to ensure that end-to-end encryption is safeguarded, that security of consumers is safeguarded

2)    Interoperability can be achieved in the timeline that is given by the DMA.

Some stakeholders plead for standardization, but standardization is not the first call in Art. 7 DMA. It's more a unilateral disclosure of interoperability information from the gatekeeper to the potential interoperability seekers and not an overall standardization. There was a lot of debate on that in the workshop.

 App stores/marketplaces

Art. 6.12

Prof. Podszun participated very helpfully on the notion of FRAND. A very difficult concept: you can take it from an outcome perspective (i.e., try to price regulate) or you can take it more from a process perspective. That's the way it has been dealt with in the context of standard essential patents with the courts (not just the European courts but including the German courts and the Bundesgerichtshof have set up a process related to the FRAND framework. The jury is still out. Probably Art. 6.12 encompasses the two approaches to FRAND, namely an outcome-related one but also a process-related one

Art. 6.4

Much discussed with Apple and Google, and Apple specifically, was sideloading and their main concern about security and how they can safeguard the security of end users and also the security of the hardware against fraudulent players but also against hackers.

Art. 5.4

There was a lot of discussion also with Google especially about the steering article because both Google and Apple have steering provisions in place. They don't allow third parties to link out to their own apps and especially they make third parties pay for those links, whilst Art.5.4 DMA says that these linking out has to be free of charge. There'll still be debate on that, this is certainly not the last word, there was a lot of forth and back in the workshop with potential stakeholders about how this could work in practice.

Art. 5.2

Last but not least we had the data Workshop which mainly featured Art. 5.2.

The CNIL, the French data protection authority was  coming in pointing out that the  Commission needs to carefully calibrate the interplay between the DMA and the GDPR because the DMA borrows a lot of notions from the GDPR, like the notion of consent which has to be defined within the meaning of the GDPR. So how do we interpret in the context of for instance Art. 5.2 DMA  consent within the meaning of the GDPR and how can you basically make these two provisions work together seamlessly so that there isn't a lot of consent fatigue. Because what we know from all of these consents that we have to give currently is that the more of these consents are put in front of us, the less users interact with them. So one has to strike a balance between obviously what the law wants to achieve in terms of contestability and fairness. But also what the law wants to certainly not achieve is that people basically are so fed up with these consent requirements that they really don't consciously interact with them because then the law has probably failed on this purpose.

Compliance reports

There will have to be a compliance report in March 2024.

The  Commission will put out a draft for this compliance report for public consultation. It's very interesting and very needed that third parties can basically have a say in terms of the benchmarks that we would expect the gatekeepers to test compliance against. That would be a lot of figures a lot of A/B testing that the  Commission will require from the gatekeepers but there needs to be a reality check of whether the  Commission got that right third parties and therefore the  Commission is going to put out a draft compliance report for public consultation relatively soon.

Q&A

Q

The question really goes into the direction of the compliance reports because there was not that much in the DMA as such and therefore there's not that much on it in the Podszun Commentary. So, if the  Commission could elaborate a little bit more on that and also how this goes hand in hand with Art. 8.3 and the option of amicable solutions going forward. 

A

Art. 8 is quite central to the DMA. It speaks about the gatekeepers having to demonstrate effective compliance in line with the goals of the DMA and that's quite important. The compliance report serves as a first shot basically for the  gatekeepers to convince the  Commission that what they're doing is actually ensuring effective compliance, but sort of this that it is not just words as the  Commission is going to require figures and numbers that back up. And not only figures and numbers but also testing that backs whether the gatekeeper really effectively complies with the obligations. So the compliance report, as the Commission will put out in the draft form will require a lot of material from the  gatekeepers to show that they are effectively complying. And then that would be the first port of call. But that doesn't exclude that  gatekeepers would want to engage into the dialogue pursuant to Art. 8.3 beforehand so that would mean that The  Commission doesn't have to engage in these dialogues, it has a discretion. So the  Commission will then have to judge whether what the gatekeeper has put forward is something which is in the grey area where one can discuss or whether it's so blatantly non-compliant that the further discussion about it doesn't make a lot of sense and the Commission would directly go to non-compliance procedures. Or the Commission decides that there it makes sense to engage in a more formal dialogue with the gatekeeper and to try to specify more specifically what effective compliance means in the context of this gatekeeper. A lot of these discussions will take place informally because the gatekeepers will have a lot of interest in knowing relatively early the direction of travel and the  Commission thinking because it’s not a very comfortable position for a gatekeeper to be in to find out on March 2024 that what they've been doing so far is totally off the mark and then be surprised. A lot of engagement at least as from September can be expected. The  Commission has already seen a lot of engagement now by at least some of the gatekeepers, the ones that we shouldn’t say are more willing to comply because everybody has to comply but some of them are engaging more than others.

High-Level Group (EC)


Q

How did the first meeting of the High-Level Group go, are there any tangible outcomes, and what is its likely role going forward?  

A

According to the DMA, the High Level group has two main purposes. The first purpose is to advise generally on the implementation of the DMA with respect to the intersection of the DMA with other laws. There was a useful discussion because the group has the data protection authorities, the telecom regulators, the competition regulators, the audiovisual Regulator. So, there was a very broad, rich debate on how these areas of law actually cross fertilize.

The second purpose of this group is to basically do a bit of horizon scanning to advise on what could be done better in terms of working together in these areas and I think it was very fruitful discussion. It was a first meeting, obviously more work needs to be done but it was the first ever meeting at least in the European Union of all of these different Regulators in one go. So, it was kind of historical in a way that we all met in one room and discussed common interest topics like data protection and DMA, or competition law and DMA.

Academia and the DMA (EC)

Q

What would the Commission see as the role of Academia in this first phase, anything that the Commission wish for that academia should be writing about in the next months?

A

Academia could usefully come in is in these compliance benchmarks. So go basically through the obligations and try to figure out what would be a measure of compliance because that will also come in the public consultation on the compliance report. We would want to know from third parties including Academia: what would you use as a benchmark for, for example, Art. 6.5 DMA? Is it an outcome related benchmark a process related benchmark? What kind of benchmarks would you want to see in terms of verifiability?

Competition law and the DMA (GG)

Regarding the relationship between national law, or European competition, and the DMA, we have to bear in mind that the  Commission had two souls housed in her breast. First of all, we have to remind ourselves that Art. 114 TFEU is the legal basis of the DMA, so it's an internal market competence. Therefore, the Commission was really striving to create an harmonized set of European rules for the internal market, so as to avoid fragmentation and achieve harmonization. On the other hand, the full title of the digital markets act speaks to the regulation on contestable and fair markets. That was really the underlying goal, namely to achieve contestable and fair markets in the digital sector and therefore the Commission didn't want to be too strict with regard to rules that try to achieve the same or complementary goals. So, we have Art. 1 DMA that really tries to balance out those two souls. It lies down which additional rules are applicable next to the DMA.

There we can differentiate three different pillars:

DMA complementary to European competition law

European competition law remains fully applicable, complementary to the DMA. It's really the full discretion of the Commission whether it starts an investigation under the DMA or continues to pursue an investigation under competition law. There have been great papers on the topic on how the Commission should decide whether to continue an ongoing investigation also with the view to possible remedies (…).  

DMA complementary to national competition law

The second pillar would be the national competition law provisions which correspond to European competition law and they also remain unaffected by the DMA, so fully applicable

DMA and national competition provisions which prohibit other forms of unilateral conduct

The third pillar is the one where it becomes a little bit trickier. These are the national competition provisions which prohibit other forms of unilateral conduct. These are in particular those national provisions which go beyond Art. 102 TFEU.

There the solution is that it can only be applied to undertakings other than the gatekeeper if they amount to the imposition of further obligations. That's basically the text of Art.1.6 DMA, but what does it mean concretely?

Is the provision a national competition rule?

For example, looking at Section 19a GWB. There has been some discussion about whether this is a national competition rule. Looking for guidance in the DMA, that would be Recital 10, which says basically that there are two decisive factors for the classification of a competition law rule. First, whether there's a case-by-case examination of the circumstances, so like market position, effects and conduct; second, whether there's an efficiency defence open to the undertaking concerned. If you look at Section 19a GWB, it's fair to say that it's really deeply rooted in competition law. We look at the case by case assessment we have an efficiency defence. Briefly, it is definitely a competition rule.

In which cases will a provision like Section 19a GWB remain applicable?

There are three different groups that we can broadly categorize:

1. Undertaking not yet designated as a gatekeeper

The first group will be cases where we have a behaviour of an undertaking that has not yet been designated as a gatekeeper by the Commission under the DMA. So far we don't have the designation decisions, they will be expected this fall and before we have any designation decisions the Bundeskartellamt is entirely free to issue decisions under Section 19a GWB.

One example was the decision of the Bundeskartellamt to issue a statement of objections against Google's data processing terms. Some raised the the question whether this was possible because the behaviour might be addressed by the DMA, but as we don't have a designating decision the Bundeskartellamt was able to take this decision.

2. Platform services not listed in the designation decision

The second group that we have for the future application of Section 19a is on platform services that do not constitute a CPS under the DMA or that do not constitute an important gateway under Art. 3 and are therefore not listed in the designation decision. So, the Budeskartellamt will be able to issue decisions against such services that were not addressed by the DMA because at this time or the time of the negotiations we did not see that there might be competition issues.

3. New types of conducts

The third group encompasses those cases where the Bundeskartellamt would like to react to new types of conducts and therefore creates further obligations. It will be a very interesting question, and Academia might be needed to really draw the fine line, to say where it is a new obligation and where it is really more like a specification or a modification of an existing obligation of the DMA.

Relationship between the DMA and Section 19a GWB in particular (11th GWB amendment)

In sum, there's ample room for the Bundeskartellamt to apply Section 19a GWB in the future and that is why the federal government decided to include in its 11th Amendment to theGerman competition act some proposals also with a view to the DMA.

One of them is that the GG wants to empower the Bundeskartellamt to investigate possible cases of DMA violations, not only to support the Commission but also because the German government thinks there might be situations where the Bundeskartellamt doesn't know right in the beginning whether a specific behaviour might be a DMA violation or a violation of Section 19a GWB. The German government really wants to equip the Bundeskartellamt to do their job and to find out which rule might be the right one. Therefore, it's really important that Bundeskartellamt and the European Commission really work hand in hand, fully cooperate. Making reference to a quote by Vice-President Vestager, she said that the work of a competition Authority can be described like clearing out the rubbish that's been dumped in a river and the digital markets Act is sort of a filter that removes some of this rubbish. She also said pretty frankly that still some issues will remain and that competition law will therefore be an additional tool that will still be important in the future. It's not only European competition law that will remain important with a view to that but also the work of the national competition authorities and national competition law.

How close are the DMA obligations to traditional competition law?

Q

Are the DMA obligations referring to the same behaviours (e.g. self-preferencing, parity clauses) as we have dealt with in competition cases or do we need a completely new sort of approach to these provisions?

A by a competition lawyer

It's a challenge because if you are a competition lawyer you have this filter or glasses on and see that a lot is like in competition law or you think of antitrust precedents. That can be helpful but can also be a trap.

One example are FRAND obligations in Art. 6.12 or also in Art. 6.5 DMA (namely, the ranking criteria need to be non-discriminatory). For a competition lawyer that means: okay there might be objective justifications for a different treatment (actually also for any public law lawyer). So the question there is: does this suddenly mean you can you know put forward any objective justification for your criteria which would presumably undermine the entire system? There is no efficiency defence, and only very few exceptions, so you really need to take this provision by provision and really challenge your own thinking and the concepts. Still, you can take some concepts from antitrust law but it's not a given, it's it's not one way or the other. It's really a provision by provision exercise and to look at what really the goal and the purpose and the aim of that particular provision. This is one of the questions we thought about when we started commenting on these provisions.

A by the Commission

The competition lawyer was absolutely right. We should be very careful in importing Anti-Trust concepts into this regulatory framework. The DMA especially in Art. 8 makes it very clear that the obligations are to be interpreted in the light of the objectives of the act, which are contestability and fairness. These two concepts are not necessarily those that you find in competition law because they go. You see in the Recitals [32 and 33, SV] where contestability and fairness are defined, that they go beyond the notions that would be used in in competition law. There's no time for getting into all of this now but the gist is that the DMA has its own objectives. The obligations need to be interpreted in the light of those objectives and therefore you cannot just simply import the objectives of competition law into because then the tool would fail to serve its purpose.

The DMA and the German “new competition tool”

Q

What is the interplay between the DMA and the German “new competition tool” planned in the most recent amendment to German competition law?

A (GG)

What could perhaps very hesitantly be called a subsidiarity clause in the proposal says that the new instrument can only be addressed to cases where the existing competition law cannot address a malfunctioning of competition and therefore it's not really targeted at potential Gatekeepers.

Monitoring of effective implementation and compliance (Art. 26 DMA)

Q

Concerning the monitoring of the effective implementation and compliance as of Art. 26 DMA, does the Commission has something in mind for that?

A (EC)

About technical expertise or experts generally and “technically” is important because this is probably the field of use where the Commission is going to make use of expertise most. It's not so much the legal interpretation but technical expertise is a scarce resource and the Commission might need third-party expertise. That can come from third parties which are competitors or business users or represent end users. That can also come from independent experts that the Commission can hire. Within the Commission there is already the Joint Research Center which is a pool of experts that the  Commission can draw on and they have PhD economists and Engineers.

Obviously, the Commission will also have to rely on third-party expertise, to be brought in on a case-by-key basis.

Final reflections on the European Parliament's role, now with regard to the DMA and in the future

Also the European Parliament is doing workshops. The EP can ask questions in a “lighter” manner because the decisions are taken by the Commission. The EP is just there to make sure that this great law is now implemented as efficiently and as strongly as possible. Therefore, the next Workshop that the EP is doing is happening tomorrow [25 May, SV] and the EP is looking a bit in the future about the possibilities of social networks to be interoperable. The EP will also look at Art.101 and 102 TFEU  relative to regulation because for sure there is an overlap and there will be a decision of the Commission to be done at a certain moment in specific cases. The EP is following that with great interest because it wants to make sure that contestability and fairness are the dominant elements of digital markets and that the Commission is making sure that this is possible.

This summer will be very hot because this time we will see by the 3rd of July what companies have declared their role and then the Commission later will have to make the designation […]. DSA designations may have a meaning also for the designation within the DMA. For example, search and maps are to be treated there and this is an important element that may have also an indication for the DMA.

As digital markets are so fast and so dynamic, the Commission will need a lot of that independent input, maybe from national authorities, maybe from the research center but maybe also from Academia and therefore academia’s contribution may still be needed.

Important to notice also that the DMA was the first ever legal piece where FRAND is referred to in secondary legislation. Now the Commission has come up with another proposal on standard essential patents where these principles of FRAND are outlined a bit more in detail but it's a process where probably we'll even see more in the future. It doesn't make things easier but for lawyers – but lawyers love if it's complicated because that gives them some food for thought and for arguments.

Moreover, with regard to the designation, in Art. 47 there is that the guidance of the Commission. What is an operating system? How do different advertising services within one company work together, are they one or two separate core platform services?  All this for example on search and maps and mapping services are open questions. There are different answers to be given, there are different concepts to be applied. In the end, it's in the hands of the European  Commission. Thanks to [the Podszun Commentary], they know a bit more about how it could be done intelligently, smartly.

 

 

Good (DMA) ingredients 

  

Implementation matters...