As I was concentrating also on cooking while listening to the very rich discussion cum book presentation, I was very glad that the recording was quickly shared with us all by Rupprecht & Friends/Colleagues. I’m offering this slightly redacted transcript of what I heard and think particularly worth remembering, in case you might also find it useful yourself (#givingback).
Discussion, 24 May, 2024, CET lunch/cooking time
Video here.
(EC: European Commission; GG: German Government; EP:
European Government. For readability’s
sake, I cut all the lawyerly “I think, in my view, etc.”. Warning: there were
many!)
-----
Timeline (EC)
The entry into
application of the DMA has been May, 2. That means latest date for the
notification of the gatekeepers is 3rd of July. Then there are 45 days for the Commission to designate. At the latest
September, 6 we will have designation decisions and compliance will have to
kick in by March 2024, six month after designation.
That already
sets the scene for the two work streams that the Commission is currently
working on. Number one, obviously, the need to deal with the designations, the
notifications will come in very soon. Arguably, no gatekeeper will actually
make a notification in advance of the deadline because that will cut short the
compliance deadline. There's no particular interest on the side of the
gatekeepers to do that so the Commission expects
notifications at the very last moment, around second or third of July. First
workstream is designation but second workstream which the Commission has already started to work on is compliance
- that's pre-compliance discussion.
Notification (EC)
The Commission is currently in pre-notification
discussions with the gatekeepers. This is very well known to those who've
worked in the merger field: before you make a notification, you normally
discuss the content of your notification with the Commission.
Obviously, here the
incentives are slightly different because in a merger you'd normally notify in
order to get the deal approved by the Commission, while here you don't notify in
order to get designated - rather the contrary might be the case for many of the
potential Gatekeepers, namely that they notify in order not to get designated.
So, obviously, the incentives are a bit different when it comes to DMA notifications.
Nevertheless, all of the potential gatekeepers that potentially fall in the
thresholds of Art. 3 DMA have actually engaged with the Commission.
The implementingregulation of the DMA has been adopted and published. It contains a “form GD”,
a gatekeeper designation, which provides for what the potential gatekeepers have to notify
in terms of which core platform services fall within this threshold but also
plausible delineations.
There are two
work streams on designation: delineation of the CPSs and working towards rebuttals.
Delineation of the CPSs
Integrated services
The interesting bit
that the Commission is currently discussing with most of the gatekeepers that have
submitted draft form GDs is namely how to
deal with integrated services. The legislator has thought this process probably
a bit more straightforward than it turns out to be in practice, a bit more
automatic. If you fulfill the thresholds of Art. 3 the legislator, as recalled
from the legislative discussions, actually thought this is quite automatic. It
turns out that there's still discussions to be had with the potential gatekeepers about mostly integrated services.
That has to do with
the notion of purpose that is used in the Annex of the DMA which describes how
business users and end users should be calculated. The DMA makes very clear
that in case there's an integrated service which from a business user or end
user perspective is used for different purposes, that integrated service can
also be split into two different CPSs - that's mostly the discussion the Commission is currently having with the gatekeepers.
To make this a bit
more tangible, here are two examples. One that has been litigated already in
court is the delineation between search and online intermediation services, so
people might have in mind vertical search services. So on the search page when
you have an embedded online intermediation service such as Google Shopping. The
question could arise whether this online intermediation service Google Shopping is part
of the search results or is a separate CPS and therefore has to be
designated separately. So, is there search plus an online intermediation
service which is, for instance, Google Shopping or is this an integrated service that has to
be designated together as search?
Another example is also evident, namely social networks and video sharing. What do you do with the service that
has both components that on the one hand is a social network but on the other
hand provides a platform for sharing videos? Is the video sharing component
only a small part of the social network, do they have to be separated? Are
these two CPSs? Can they be seen as an integrated service? What is the purpose
of the one and the other?
Repercussions
The answers to these
questions have repercussions because, for instance, Art. 6.12 DMA does not apply
to video sharing services, so whether you are a video sharing service or a
social network or a combination of the two actually makes a difference in terms
of compliance.
It will also have
repercussions on, for instance, Art. 5(2),
because whether you are an integrated service or a separate CPS might have
repercussions on whether you need to require or ask for end user consent if you
want to combine across-use personal data. These discussions are relatively
advanced because the notification deadline is looming.
Rebuttals
What will also come
up very soon is rebuttals. A second work stream that the Commission is going to have to deal with is
companies that fulfil the thresholds, but will try to rebut the presumption of Art.
3 that they fulfil thresholds. They will argue that even if they have the
numbers, these numbers are not constitutive of being an important gateway as
the DMA requires. The legislator has made this rebuttal relatively strict. Those who followed the legislative process will remember that there has been
a debate on what you can actually bring forward in terms of rebuttal and
whether there should be a reference to the qualitative criteria that are now in
Art. 3.8 or whether it should be rather limited to the quantitative criteria that
you find in Art. 3 DMA.
Recital 23 of the DMA,
which has been put in the DMA in the Parliamentary discussion, makes it very
clear that the legislator wanted the Commission to focus solely on the figures, on
the numbers in the rebuttal scenario and not so much on other things. So we
have to now basically see with these rebuttals whether we can accept any of
those on the basis of the very narrow reading of Recital 23.
The Commission basically has three options:
1) - reject the rebuttal in the 45 days if they're
clearly not meeting the rebuttal thresholds;
2) - in the 45 days accept the rebuttal - that
will be very, very rare given what the legislator has basically given as the
legal basis for rebuttals;
3) - open a market investigation in order to verify
whether the rebuttals that have been brought forward make any sense.
The trick will be: what
kind of criteria is the Commission going
to use in order to assess these rebuttals and in which cases is the Commission going to open a market investigation?
Those should be exceptional cases, so it must be a very stringent case for
rebuttals. One hook in Recital 23 is the reference to the scale of activities
that this gatekeeper service has in relation to the category of CPSs. So that could be a hook in terms of relative
size one could look into. The Commission will not look into market shares
because the Recital 23 and Art. 3 don’t talk about market share, but it'll have
to find a way to operationalize the assessment of the rebuttals.
Compliance (EC)
Many gatekeepers have already told the Commission that six months period between September
and March 2024 is not going to be enough to achieve compliance. Therefore, they
need to already engage with the Commission now on particular issues where a lot
of engineering work is needed. That is not totally wrong because for some of
these obligations definitely a lot of engineering work needs to go into it in
order to come up with a compliance solution.
Informal compliance discussions (two-way street)
Some of the potential gatekeepers prefer not to engage very intensively
and probably will wait until designation. Others prefer to get more clarity
already now and the Commission is happy
to provide that clarity as much as it can at this point in time on possible
compliance solutions.
The topics that
come up most frequently so far are:
Art. 5.2
How it should be
implemented in terms of:
1) the
layout the different consent mechanisms
2) kind of data covered by Art. 5.2
3) difference between combination
and cross use
Art. 6.5
That's something which
is important for a couple of gatekeepers because
it has a direct impact on the presentation of some of their services.
Art. 7
That needs a lot of
engineering work to be put in place.
App store/marketplace related obligations
Those were the ones
that have been particularly interesting for the gatekeepers in terms of compliance
discussions already now.
The Commission is having these informal compliance
discussions and nothing is set in stone yet because gatekeepers are not yet designated but it is
possible at least to explore a bit what kind of compliance solutions gatekeepers want to put in place and give
already first feedback on these compliance solutions.
More participatory compliance
But that's just one
component of compliance obviously this cannot just be a one-way street or
two-way street between the Commission and the gatekeepers. It needs to involve third parties
because the information asymmetry between the Commission and the gatekeepers is such that the
Commission needs to bridge the gap by bringing
in third parties now.
This can be done in
two ways.
Bilaterally
Bilateral
conversations which the Commission is having
with a number of third parties if they want to speak to it bilaterally
Technical workshops
Multilateral
conversation and that's where the workshops come in. There were already four
workshops on DMA which basically provided a forum for gatekeepers and third parties to meet in order
to exchange on key topics.
The topics that that were
featured in the workshops are exactly the ones that also have most of the interest
from the gatekeepers.
To recapitulate:
Art. 6.5
The interpretative questions
that were raised were:
1) what does ranking mean?
2) what is a separate service?
3) what does the FRAND provision mean?
There were also
very concrete proposals by at least one gatekeeper. Google put out how they
would want to comply with Art. 6.5 in terms of how they would present their
verticals on the search results page that has met a lot of criticism by third
parties. Third parties and Google don't see eye to eye so there will be a lot
of discussion still needed but at least the first step has been made.
Art. 7
There was a lot of
technical discussions on:
1) How to ensure that end-to-end
encryption is safeguarded, that security of consumers is safeguarded
2) Interoperability can be achieved in the
timeline that is given by the DMA.
Some stakeholders plead
for standardization, but standardization is not the first call in Art. 7 DMA. It's
more a unilateral disclosure of interoperability information from the
gatekeeper to the potential interoperability seekers and not an overall
standardization. There was a lot of debate on that in the workshop.
App stores/marketplaces
Art. 6.12
Prof. Podszun participated
very helpfully on the notion of FRAND. A very difficult concept: you can take
it from an outcome perspective (i.e., try to price regulate) or you can take it
more from a process perspective. That's the way it has been dealt with in the
context of standard essential patents with the courts (not just the European
courts but including the German courts and the Bundesgerichtshof have set up a
process related to the FRAND framework. The jury is still out. Probably Art. 6.12
encompasses the two approaches to FRAND, namely an outcome-related one but also
a process-related one
Art. 6.4
Much discussed with
Apple and Google, and Apple specifically, was sideloading and their main
concern about security and how they can safeguard the security of end users and
also the security of the hardware against fraudulent players but also against
hackers.
Art. 5.4
There was a lot of discussion
also with Google especially about the steering article because both Google and Apple
have steering provisions in place. They don't allow third parties to link out
to their own apps and especially they make third parties pay for those links, whilst
Art.5.4 DMA says that these linking out has to be free of charge. There'll still
be debate on that, this is certainly not the last word, there was a lot of
forth and back in the workshop with potential stakeholders about how this could
work in practice.
Art. 5.2
Last but not least
we had the data Workshop which mainly featured Art. 5.2.
The CNIL, the
French data protection authority was coming
in pointing out that the Commission needs
to carefully calibrate the interplay between the DMA and the GDPR because the DMA
borrows a lot of notions from the GDPR, like the notion of consent which has to
be defined within the meaning of the GDPR. So how do we interpret in the
context of for instance Art. 5.2 DMA consent
within the meaning of the GDPR and how can you basically make these two provisions
work together seamlessly so that there isn't a lot of consent fatigue. Because
what we know from all of these consents that we have to give currently is that
the more of these consents are put in front of us, the less users interact with
them. So one has to strike a balance between obviously what the law wants to achieve
in terms of contestability and fairness. But also what the law wants to
certainly not achieve is that people basically are so fed up with these consent
requirements that they really don't consciously interact with them because then
the law has probably failed on this purpose.
Compliance reports
There will have to
be a compliance report in March 2024.
The Commission will put out a draft for this compliance
report for public consultation. It's very interesting and very needed that
third parties can basically have a say in terms of the benchmarks that we would
expect the gatekeepers to test compliance against. That would be a lot of
figures a lot of A/B testing that the Commission will require from the gatekeepers but
there needs to be a reality check of whether the Commission got that right third parties and
therefore the Commission is going to put
out a draft compliance report for public consultation relatively soon.
Q&A
Q
The question really
goes into the direction of the compliance reports because there was not that
much in the DMA as such and therefore there's not that much on it in the Podszun
Commentary. So, if the Commission could
elaborate a little bit more on that and also how this goes hand in hand with Art.
8.3 and the option of amicable solutions going forward.
A
Art. 8 is quite central
to the DMA. It speaks about the gatekeepers having to demonstrate effective
compliance in line with the goals of the DMA and that's quite important. The
compliance report serves as a first shot basically for the gatekeepers to convince the Commission that what they're doing is actually
ensuring effective compliance, but sort of this that it is not just words as the
Commission is going to require figures
and numbers that back up. And not only figures and numbers but also testing
that backs whether the gatekeeper really effectively complies with the obligations.
So the compliance report, as the Commission will put out in the draft form will
require a lot of material from the gatekeepers to show that they are effectively
complying. And then that would be the first port of call. But that doesn't
exclude that gatekeepers would want to
engage into the dialogue pursuant to Art. 8.3 beforehand so that would mean
that The Commission doesn't have to
engage in these dialogues, it has a discretion. So the Commission will then have to judge whether what
the gatekeeper has put forward is something which is in the grey area where one
can discuss or whether it's so blatantly non-compliant that the further
discussion about it doesn't make a lot of sense and the Commission would directly go to
non-compliance procedures. Or the Commission decides that there it makes sense
to engage in a more formal dialogue with the gatekeeper and to try to specify
more specifically what effective compliance means in the context of this
gatekeeper. A lot of these discussions will take place informally because the
gatekeepers will have a lot of interest in knowing relatively early the
direction of travel and the Commission
thinking because it’s not a very comfortable position for a gatekeeper to be in
to find out on March 2024 that what they've been doing so far is totally off
the mark and then be surprised. A lot of engagement at least as from September
can be expected. The Commission has already
seen a lot of engagement now by at least some of the gatekeepers, the ones that
we shouldn’t say are more willing to comply because everybody has to comply but
some of them are engaging more than others.
High-Level Group (EC)
Q
How did the first meeting of the High-Level Group go, are there any
tangible outcomes, and what is its likely role going forward?
A
According to the DMA,
the High Level group has two main purposes. The first purpose is to advise generally
on the implementation of the DMA with respect to the intersection of the DMA
with other laws. There was a useful discussion because the group has the data
protection authorities, the telecom regulators, the competition regulators, the
audiovisual Regulator. So, there was a very broad, rich debate on how these
areas of law actually cross fertilize.
The second purpose of
this group is to basically do a bit of horizon scanning to advise on what could
be done better in terms of working together in these areas and I think it was
very fruitful discussion. It was a first meeting, obviously more work needs to
be done but it was the first ever meeting at least in the European Union of all
of these different Regulators in one go. So, it was kind of historical in a way
that we all met in one room and discussed common interest topics like data
protection and DMA, or competition law and DMA.
Academia and the DMA (EC)
Q
What would the Commission see as the role of Academia in this first phase, anything that the Commission wish for that academia should be writing about in
the next months?
A
Academia could
usefully come in is in these compliance benchmarks. So go basically through the
obligations and try to figure out what would be a measure of compliance because
that will also come in the public consultation on the compliance report. We
would want to know from third parties including Academia: what would you use as
a benchmark for, for example, Art. 6.5 DMA? Is it an outcome related benchmark
a process related benchmark? What kind of benchmarks would you want to see in
terms of verifiability?
Competition law and the DMA (GG)
Regarding the relationship
between national law, or European competition, and the DMA, we have to bear in
mind that the Commission had two souls
housed in her breast. First of all, we have to remind ourselves that Art. 114 TFEU is the legal basis of the DMA, so it's an internal market competence. Therefore,
the Commission was really striving to create an harmonized set of European rules
for the internal market, so as to avoid fragmentation and achieve harmonization.
On the other hand, the full title of the digital markets act speaks to the
regulation on contestable and fair markets. That was really the underlying goal,
namely to achieve contestable and fair markets in the digital sector and
therefore the Commission didn't want to be too strict with regard to rules that
try to achieve the same or complementary goals. So, we have Art. 1 DMA that
really tries to balance out those two souls. It lies down which additional
rules are applicable next to the DMA.
There we can
differentiate three different pillars:
DMA complementary to European competition law
European
competition law remains fully applicable, complementary to the DMA. It's really
the full discretion of the Commission whether it starts an investigation under
the DMA or continues to pursue an investigation under competition law. There
have been great papers on the topic on how the Commission should decide whether to continue an
ongoing investigation also with the view to possible remedies (…).
DMA complementary to national competition law
The second pillar would
be the national competition law provisions which correspond to European
competition law and they also remain unaffected by the DMA, so fully applicable
DMA and national competition provisions which prohibit
other forms of unilateral conduct
The third pillar is
the one where it becomes a little bit trickier. These are the national
competition provisions which prohibit other forms of unilateral conduct. These
are in particular those national provisions which go beyond Art. 102 TFEU.
There the solution
is that it can only be applied to undertakings other than the gatekeeper if
they amount to the imposition of further obligations. That's basically the text
of Art.1.6 DMA, but what does it mean concretely?
Is the provision a
national competition rule?
For example, looking
at Section 19a GWB. There has been some discussion about whether this is a
national competition rule. Looking for guidance in the DMA, that would be Recital
10, which says basically that there are two decisive factors for the
classification of a competition law rule. First, whether there's a case-by-case
examination of the circumstances, so like market position, effects and conduct;
second, whether there's an efficiency defence open to the undertaking concerned.
If you look at Section 19a GWB, it's fair to say that it's really deeply rooted
in competition law. We look at the case by case assessment we have an
efficiency defence. Briefly, it is definitely a competition rule.
In which cases will a provision
like Section 19a GWB remain applicable?
There are three
different groups that we can broadly categorize:
1. Undertaking not yet
designated as a gatekeeper
The first group
will be cases where we have a behaviour of an undertaking that has not yet been
designated as a gatekeeper by the Commission under the DMA. So far we don't
have the designation decisions, they will be expected this fall and before we
have any designation decisions the Bundeskartellamt is entirely free to issue decisions
under Section 19a GWB.
One example was the decision of the Bundeskartellamt to issue a statement of objections
against Google's data processing terms. Some raised the the question whether
this was possible because the behaviour might be addressed by the DMA, but as we
don't have a designating decision the Bundeskartellamt was able to take this
decision.
2. Platform services
not listed in the designation decision
The second group
that we have for the future application of Section 19a is on platform services
that do not constitute a CPS under the DMA or that do not constitute an
important gateway under Art. 3 and are therefore not listed in the designation
decision. So, the Budeskartellamt will be able to issue decisions against such
services that were not addressed by the DMA because at this time or the time of
the negotiations we did not see that there might be competition issues.
3. New types of conducts
The third group encompasses
those cases where the Bundeskartellamt would like to react to new types of conducts
and therefore creates further obligations. It will be a very interesting
question, and Academia might be needed to really draw the fine line, to say
where it is a new obligation and where it is really more like a specification
or a modification of an existing obligation of the DMA.
Relationship between
the DMA and Section 19a GWB in particular (11th GWB amendment)
In sum, there's
ample room for the Bundeskartellamt to apply Section 19a GWB in the future and
that is why the federal government decided to include in its 11th Amendment to theGerman competition act some proposals also with a view to the DMA.
One of them is that the GG wants to empower the Bundeskartellamt to investigate possible cases of DMA
violations, not only to support the Commission but also because the German
government thinks there might be situations where the Bundeskartellamt doesn't
know right in the beginning whether a specific behaviour might be a DMA
violation or a violation of Section 19a GWB. The German government really wants
to equip the Bundeskartellamt to do their job and to find out which rule might
be the right one. Therefore, it's really important that Bundeskartellamt and
the European Commission really work hand in hand, fully cooperate. Making
reference to a quote by Vice-President Vestager, she said that the work of a
competition Authority can be described like clearing out the rubbish that's
been dumped in a river and the digital markets Act is sort of a filter that
removes some of this rubbish. She also said pretty frankly that still some
issues will remain and that competition law will therefore be an additional
tool that will still be important in the future. It's not only European
competition law that will remain important with a view to that but also the work
of the national competition authorities and national competition law.
How close are the DMA obligations to traditional competition law?
Q
Are the DMA
obligations referring to the same behaviours (e.g. self-preferencing, parity clauses)
as we have dealt with in competition cases or do we need a completely new sort
of approach to these provisions?
A by a competition lawyer
It's a challenge because
if you are a competition lawyer you have this filter or glasses on and see that
a lot is like in competition law or you think of antitrust precedents. That can
be helpful but can also be a trap.
One example are
FRAND obligations in Art. 6.12 or also in Art. 6.5 DMA (namely, the ranking
criteria need to be non-discriminatory). For a competition lawyer that means:
okay there might be objective justifications for a different treatment (actually
also for any public law lawyer). So the question there is: does this suddenly
mean you can you know put forward any objective justification for your criteria
which would presumably undermine the entire system? There is no efficiency defence,
and only very few exceptions, so you really need to take this provision by
provision and really challenge your own thinking and the concepts. Still, you
can take some concepts from antitrust law but it's not a given, it's it's not
one way or the other. It's really a provision by provision exercise and to look
at what really the goal and the purpose and the aim of that particular
provision. This is one of the questions we thought about when we started commenting
on these provisions.
A by the Commission
The competition
lawyer was absolutely right. We should be very careful in importing Anti-Trust concepts into this regulatory framework. The DMA especially in Art. 8 makes it
very clear that the obligations are to be interpreted in the light of the
objectives of the act, which are contestability and fairness. These two
concepts are not necessarily those that you find in competition law because
they go. You see in the Recitals [32 and 33, SV] where contestability and
fairness are defined, that they go beyond the notions that would be used in in
competition law. There's no time for getting into all of this now but the gist is
that the DMA has its own objectives. The obligations need to be interpreted in the
light of those objectives and therefore you cannot just simply import the
objectives of competition law into because then the tool would fail to serve its
purpose.
The DMA and the German “new competition tool”
Q
What is the interplay between the DMA and the German “new competition tool”
planned in the most recent amendment to German competition law?
A (GG)
What could perhaps very
hesitantly be called a subsidiarity clause in the proposal says that the new
instrument can only be addressed to cases where the existing competition law cannot
address a malfunctioning of competition and therefore it's not really targeted
at potential Gatekeepers.
Monitoring of effective implementation and compliance (Art. 26 DMA)
Q
Concerning the monitoring
of the effective implementation and compliance as of Art. 26 DMA, does the Commission has something in mind for that?
A (EC)
About technical
expertise or experts generally and “technically” is important because this is
probably the field of use where the Commission is going to make use of
expertise most. It's not so much the legal interpretation but technical
expertise is a scarce resource and the Commission might need third-party expertise.
That can come from third parties which are competitors or business users or represent
end users. That can also come from independent experts that the Commission can
hire. Within the Commission there is already the Joint Research Center which is
a pool of experts that the Commission can
draw on and they have PhD economists and Engineers.
Obviously, the Commission
will also have to rely on third-party expertise, to be brought in on a
case-by-key basis.
Final reflections on the European Parliament's role, now with
regard to the DMA and in the future
Also the European
Parliament is doing workshops. The EP can ask questions in a “lighter” manner
because the decisions are taken by the Commission. The EP is just there to make
sure that this great law is now implemented as efficiently and as strongly as
possible. Therefore, the next Workshop that the EP is doing is happening
tomorrow [25 May, SV] and the EP is looking a bit in the future about the
possibilities of social networks to be interoperable. The EP will also look at Art.101 and 102 TFEU relative to regulation because for sure there is an overlap and
there will be a decision of the Commission to be done at a certain moment in
specific cases. The EP is following that with great interest because it wants to
make sure that contestability and fairness are the dominant elements of digital
markets and that the Commission is making sure that this is possible.
This summer will be
very hot because this time we will see by the 3rd of July what companies have declared
their role and then the Commission later will have to make the designation […].
DSA designations may have a meaning also for the designation within the DMA. For
example, search and maps are to be treated there and this is an important
element that may have also an indication for the DMA.
As digital markets
are so fast and so dynamic, the Commission will need a lot of
that independent input, maybe from national authorities, maybe from the
research center but maybe also from Academia and therefore academia’s contribution
may still be needed.
Important to notice
also that the DMA was the first ever legal piece where FRAND is referred to in
secondary legislation. Now the Commission has come up with another proposal on
standard essential patents where these principles of FRAND are outlined a bit
more in detail but it's a process where probably we'll even see more in the
future. It doesn't make things easier but for lawyers – but lawyers love if
it's complicated because that gives them some food for thought and for
arguments.
Moreover, with
regard to the designation, in Art. 47 there is that the guidance of the Commission.
What is an operating system? How do different advertising services within one
company work together, are they one or two separate core platform services? All this for example on search and maps and
mapping services are open questions. There are different answers to be given,
there are different concepts to be applied. In the end, it's in the hands of
the European Commission. Thanks to [the
Podszun Commentary], they know a bit more about how it could be done
intelligently, smartly.
|
Good (DMA) ingredients |
|
Implementation matters... |