Competition, antitrust and trade

EU rules for 'gatekeepers' coming in 2023 as Digital Markets Act is published

Published on 13th Oct 2022

Significant change in competition legislation will affect all players active in digital markets

European parliament empty assembly room

The Digital Markets Act (DMA) was published in the European Union's Official Journal on 12 October 2022. The DMA will enter into force 20 days after appearing in the Official Journal (1 November 2022), which will be followed by a six-month period before the rules apply (2 May 2023). The designation of firms as "gatekeepers" – namely those players who will need to comply with the new rules – will take place in mid-2023 and gatekeeper firms will need to comply by March 2024.

The EU is hoping that these rules will have a significant impact on the functioning of competition in digital markets, as well as the effectiveness of public and private enforcement. This is hoped to be achieved by allowing perceived market power detriments to be tackled flexibly using both the ex-ante rules established by the DMA alongside the traditional competition tools. This is a significant piece of legislation that all players active or planning to become active in digital markets should be aware of, and not just those to whom the rules apply.  

The Commission's Implementation Taskforce is already engaging with gatekeepers and other interested third parties and many companies in this space can expect contact over the coming weeks and months.

What is the DMA?

As previously reported, the stated aims of the DMA are to "ensure a competitive and fair digital sector with a view to promoting innovation, high quality digital products and services, fair prices and high quality and choice in the digital sector." This is to be done by creating a system of ex-ante regulation which is targeted at digital players with significant scale and reach within the EU – these firms will be designated as "gatekeepers". 

Gatekeepers are firms that have a significant impact on the internal market, provide a core platform service which is an important gateway for business users to reach end users and enjoy an entrenched and durable position in its operations or it is foreseeable that it will enjoy such a position in the near future.

How will gatekeepers be designated?

The DMA contains objective thresholds for assessing gatekeeper status – if firms meet the criteria below they will be presumed to satisfy the gatekeeper criteria:

  • the firm has an annual turnover in the EU of €7.5 billion or more in each of the last three financial years or its average market capitalisation/market value is at least €75 billion in the last financial year. In addition, it must provide the same core platform service in at least three Member States; and
  • the firm provides a core platform service that had an average of at least 45 million monthly active end-users and at least 10,000 yearly active business users established or located in the EU in the last financial year; and
  • each of these thresholds was satisfied in each of the previous three financial years.

The DMA provides that companies will need to notify the Commission if they meet these thresholds, within two months from when the thresholds are met. 

Additionally the DMA allows the Commission to designate firms as gatekeepers on a case-by-case basis. The Commission is able to carry out a market investigation in order to assess a range of qualitative criteria in order to assess whether any firm should be designated as a gatekeeper.

The turnover/capitalisation thresholds are the result of substantial negotiation between the European Council, Commission and Parliament. Earlier drafts had put the turnover and market capitalisation thresholds at €6.5 billion/€65 billion and €8 billion/€80 billion.

Given these thresholds, the rules are expected to only apply to a limited number of major players. However, companies are obliged to continuously self-assess whether they fall within the scope of the DMA and given that some aspects of the tests (like the scope of some core platform service as well as who is counting towards the active user) are still up for interpretation, the rules may capture more players than anticipated at this stage. 

What will gatekeepers have to do?

Firms designated as gatekeepers will be subject to rules that set out both prohibited behaviour and obligations which the gatekeepers must comply with.

Examples of the obligations which the gatekeeper must comply with include:

  • Allowing third parties to interoperate with the gatekeeper's own service in certain specific situations (for example, allowing alternative messaging services to be able to interoperate with the gatekeeper's messaging service, if requested).
  • Allowing business users to access certain data that they generate in their use of the gatekeeper's platform.
  • Giving end users and third parties the ability to effectively port their data from the platform. 
  • Providing companies advertising on the gatekeeper's platform with the tools and information necessary for advertisers and publishers to carry out their own independent verification of their advertisements hosted by the gatekeeper.
  • Allowing end users to easily uninstall software applications on the gatekeeper's operating system.

Prohibited behaviours include:

  • Self-preferencing – treating services and products offered by the gatekeeper itself more favourably in ranking than similar services or products offered by third parties on the gatekeeper's platform.
  • Usage of certain data, including usage by a gatekeeper of any non-public data from business users on its platform to compete with those businesses, and combining personal data obtained from the core platform services with any other service unless in accordance with the General Data Protection Regulation (GDPR). 
  • Preventing business users from concluding contracts with users on the platforms outside the platform, or preventing business users from offering products or services at different prices of conditions outside the platform (such as via a direct channel)
  • Requiring parties to use, offer or interoperate with an identification service, a web browser or a payment service offered by the gatekeeper, for instance requiring parties to use the gatekeeper's payment system for in-app purchases. 

Osborne Clarke comment

This is a significant piece of legislation – in combination with the upcoming content moderation law contained in the Digital Services Act (see our Insight for more detail), the DMA is key to the EU's digital strategy and tackling perceived harms associated with the growth of fast-moving digital markets.  

While the most obvious impact will be on the firms who are designated as gatekeepers and who will be required to undertake significant work to ensure compliance with the rules, the ramifications will be felt by all players active in digital markets as business practices begin to change – both gatekeepers and those that deal with gatekeepers will need to ensure they understand the rules and what changes are coming.

In addition, it is expected that private enforcement of the DMA will play a vital role. Most recently, Germany’s Federal Ministry for Economic Affairs and Climate Action (BMWK) presented a draft amendment of national competition law according to which private enforcement of the DMA should benefit from the same rules as private enforcement of competition laws.

Furthermore, we are seeing a significant shift in enforcement – a point that has been emphasised by the Director-General of the Directorate General for Competition, Olivier Guersent, who has said that the tools provided by the DMA are necessary in a new era of "global and cooperative enforcement." Not only do we expect to see more flexibility in the use of enforcement tools (as the DMA and traditional competition enforcement tools are combined), but also a continued move towards more robust enforcement. 

The EU is not alone in seeking to bring in rules to regulate digital markets; the UK, for instance, is proposing to bring in similar rules to be overseen by a new regulator, the Digital Markets Unit, and regulation is also being considered in the US. Other countries, such as Germany, have introduced quasi-regulation in their competition laws tackling similar companies and issues to those targeted by the DMA and also going beyond the scope of the DMA in certain respects.  

As the regulators use these new tools to tackle cross-border issues, there is increasing need for cross-border cooperation. However, divergences are expected – particularly because regulation in this area is highly political – and it will be important for international businesses to be aware of and respond to different regulatory approaches.  


* This article is current as of the date of its publication and does not necessarily reflect the present state of the law or relevant regulation.

Connect with one of our experts

Interested in hearing more from Osborne Clarke?