DMA forces large platforms to give users more choices, rivals more chances.

DMA

For months, some of the biggest tech companies have been wrapped up in discussions with the European Commission (EC), seeking feedback and tweaking their plans to ensure their core platform services comply with the Digital Markets Act (DMA) ahead of that law taking force in the European Union tomorrow.

Under the DMA, companies designated as gatekeepers—Alphabet/Google, Amazon, Apple, ByteDance, Meta, and Microsoft—must follow strict rules to ensure that they don’t engage in unfair business practices that could limit consumer choice in core platform services. These include app stores, search engines, social networking services, online marketplaces, operating systems, web browsers, advertising services, cloud computing services, virtual assistants, and certain messaging services.

At its heart, the DMA requires more interoperability than ever, making it harder for gatekeepers to favor their own services or block other businesses from reaching consumers on their platforms.

Each gatekeeper will publish compliance reports in the coming days, detailing for the first time what changes they’ve made to comply with the DMA. All companies have already previewed changes coming in the buildup to the deadline. Some companies, like Google, have announced various changes impacting businesses and users, while others, like TikTok-owner ByteDance, are begrudgingly updating services now while still contesting their gatekeeper status.

Although the EC has said that the DMA is intended to protect fair and open markets—theoretically offering users more choices to enhance transparency, privacy, security, and competition online—some tech companies have warned that some of the changes coming under the DMA may increase risks or decrease choices for their users.Advertisement

Last January, Apple warned that complying with the DMA required the company to take additional new steps “to reduce privacy and security risks the DMA creates.” According to Apple, DMA requirements linked to user choice—such as options to choose an alternative default contactless payment method other than Apple’s—could introduce new threats, like malware or malicious code used to scam users, that Apple can’t promise to protect against.

So far, all gatekeepers except for ByteDance have specified that changes coming soon will only impact users in the EU, the European Economic Area (EEA), and Switzerland. In a TikTok blog, ByteDance announced in March that new functionality added for DMA compliance will “roll out globally in the near future.”

However, it’s possible that other gatekeepers adjusting services may end up doing a cost-benefit analysis and, like ByteDance, eventually updating services in other parts of the world. This would potentially extend the DMA’s reach beyond the EU’s borders.

It also seems possible that other regions will quickly adopt the DMA’s standards. The EU and the US, for example, formed the EU-US Trade and Technology Council in 2021, which has been meeting more consistently in the ramp-up to DMA enforcement. Partly formed to cooperate on setting best practice technology standards, the next meeting is scheduled for this spring, just after the EC publishes summaries of gatekeepers’ compliance reports. Other countries, including Turkey, Australia, Brazil, India, and the United Kingdom, have already embraced the DMA model, according to the nonprofit tech policy think tank the Information Technology and Innovation Foundation (ITIF).

Some critics of the DMA, including ITIF, have urged countries to “carefully consider the full implications before copying the EU’s digital regulatory system,” warning of potentially burdensome restrictions possibly hampering innovation and distorting competition.Advertisement

Now that the EC is preparing to enforce the DMA officially, its impact will soon become clearer. However, the EC does not expect the online world to immediately look different tomorrow in the EU than it does today.

Some companies, like Microsoft, have estimated that DMA updates may not be available to all EU users until April, while other companies may fall short of DMA standards and be ordered to make more changes after submitting their first compliance reports.

Gatekeepers are expected to share compliance reports starting this afternoon, but for now, here’s a brief overview of changes coming to core services offered in the EU by all six gatekeepers.

Apple warns DMA creates potential risks

In January, Apple announced changes coming to iOS, Safari, and the App Store that will “become available to users in the 27 EU countries beginning in March 2024.”

Some changes are small. The only change in Safari, for example, is that users will be prompted to choose a default browser when they first open Safari in iOS 17.4 or later.

But changes to the App Store and iOS are more significant.

In the App Store, developers can expect extensive changes “affecting apps across Apple’s operating systems, including iOS, iPadOS, macOS, watchOS, and tvOS.” These include new options to process payments for digital goods with alternative service providers or by linking out to a website. Developers can now offer deals, discounts, and promotions outside their apps, too.

To help developers navigate these options, Apple also developed business tools to estimate fees or potentially reduced commissions.

Specifically for iOS, updates include new options to distribute iOS apps in alternative marketplaces and new APIs enabling developers to create alternative app marketplaces, use alternative web browser engines for in-app browsing, and “submit additional requests for interoperability with iPhone and iOS hardware and software features.”

Perhaps more significantly for users, Apple introduced “new controls that allow users to select a third-party contactless payment app—or an alternative app marketplace—as their default.”

Using these alternatives, Apple warned, may diminish the user experience by impacting system performance or draining battery life. And some features, like Family Purchase Sharing and Ask to Buy, won’t work “with apps downloaded from outside of the App Store.”

To protect users from supposed risks associated with using alternatives just made available, Apple also added safeguards to authorize marketplace developers, protect against malware, and conduct a “notarization” process involving “a combination of automated checks and human review.”

“These protections,” Apple’s blog said, “help reduce some of the privacy and security risks to iOS users in the EU,” but “Apple has less ability to address other risks—including apps that contain scams, fraud, and abuse, or that expose users to illicit, objectionable, or harmful content.”

Apple also will notify users when “no longer transacting with Apple” or “an app they’re downloading uses alternative payment processing.” These safeguards, Apple warned, don’t ensure customers can be refunded or supported when “encountering issues, scams, or fraud.”

Since announcing these changes, Apple has fielded feedback from thousands of developers and provided resources to help developers navigate new options. As a result of those discussions, Apple told Ars that it made changes to make it easier for developers to take advantage of new capabilities and business terms, as well as provided access to 50 new App Analytics reports.

Because of Apple’s changes, at least two alternative app marketplaces are expected to launch soon in the EU. Mobivention announced its marketplace coming Thursday, and MacPaw has promised a more “user-centric app ecosystem” coming in April.

DMA may reduce choice, Google whined

This week, Google announced changes coming to Search, Android, and its app store that will impact both users and businesses.

Like Apple, Google’s director of competition, Oliver Bethell, warned that the EU’s “new rules involve difficult trade-offs that will impact the people and businesses who use our products.”Advertisement

“Changes to our Search results may send more traffic to large intermediaries and aggregators, and less traffic to direct suppliers like hotels, airlines, merchants and restaurants,” Bethell wrote. And “for consumers, some of the features that we have developed to help people get things done quickly and securely online—like providing recommendations across different products—won’t work in the same way anymore.”

Making 20 updates to Search alone, Bethell said that Google will deliver richer search results, but some features will also be removed, such as the Google Flights unit.

Google also added new choice and consent screens. When setting up Android phones, a choice screen will now prompt users to set preferred default search engines and browsers. The same choice screen will soon appear on Chrome for desktop and iOS. Users will also see consent screens to “choose if they want to continue to share data across Google services.” Advertisers should also expect “multiple upgrades” impacting how they “communicate consent for data they collect.”

Additionally, Google will be changing how payments can be processed for in-app purchases, allowing alternative billing systems and expanding user-choice and alternative billing options to game developers this week. The Play Store will also feature new options to promote deals or lower prices on a rival app store or website.

And starting this week, developers can access a newly launched Data Portability API to make it easier for users to move a copy of their data to third-party services.

Where Apple has warned that the DMA may harm users, Google ended its blog with a mere whimper that the DMA may “reduce the choices available to people and businesses in Europe,” promising to continue working with the EC to promote its users’ best interests.

Some Meta changes limit choices

Meta’s competition and regulatory director, Tim Lamb, wrote in January that the tech giant began rolling out changes well ahead of today’s deadline.

By mid-February, users, for example, were able to “choose whether they would like to share information between” Meta services—like linking Facebook to Instagram or keeping them separate.

Similarly, Meta users could choose to disconnect Messenger, Gaming, and Marketplace from Facebook and use them as stand-alone apps. Some of these choices come at a cost, though. The stand-alone Marketplace app blocks users from contacting buyers and sellers through Messenger, and the stand-alone Gaming app limits choices to only single-player games.

Perhaps most controversially, Meta is also allowing users to opt out of ads by paying a subscription instead. In November, privacy advocate Noyb sued Meta, accusing the tech giant of charging a “privacy fee” instead of “freely given” consent as required under the EU’s General Data Protection Regulation.

Meta has not provided many more details on changes coming. However, notably, Meta could become the first gatekeeper to share its compliance report, which is expected this afternoon.

More transparency for Amazon advertisers

In January, Amazon announced changes coming for EU advertisers and publishers, enhancing transparency and making it easier for users to opt out of ads.

Changes for advertisers and publishers include providing more granular pricing reports, as well as “new, expanded reports that will provide data on the fees paid by the advertiser and received by the publisher for ads shown on third-party websites and apps.” Regarding the latter, any advertiser or publisher can opt out of disclosing fee data, Amazon said.

Starting tomorrow, Amazon will also make it easier for advertisers to measure ad performance by “independently” verifying “the success and impact of their campaigns in a privacy-safe, cloud-based environment.”Advertisement

For customers, visiting Amazon services will soon also trigger consent screens, allowing them to easily opt out of having their personal information used by “any Amazon service or third party to show them personalized ads.”

Windows auto-updates coming soon

Starting last November, Microsoft began previewing changes coming to Windows and LinkedIn.

On LinkedIn, users will see a choice screen to opt out of connecting the core LinkedIn service with other services. This could result in a “less tailored” experience, Microsoft warned.

Last month, LinkedIn also introduced APIs enabling users to “better access their data.”

On Windows, Microsoft confirmed that Windows operating system functionality will be clarified, and users will soon be able to uninstall Windows apps like Camera, Cortana, and Web Search from Microsoft Bing, Microsoft Edge, and Photos. In addition to tools currently offering interoperability, like toast notifications and widgets, Microsoft added more “interoperability points,” including feeds in the Windows Widgets Board and web search in Windows Search.

Further, to enhance privacy and transparency, Windows “will ask users if they want to sync their Microsoft account with Windows so that Windows data is available on their other Windows devices and in Microsoft products that users sign into.”

As of tomorrow, “customers in the EEA who have turned on the ‘Get the latest updates as soon as they’re available’ feature for Windows Update will get the DMA changes right away.” (That blog also provided instructions for users wanting to opt in to updates.)

Microsoft said that it expects to gradually roll out updates to all PCs through early April “while closely monitoring for any quality issues.”

Currently, Microsoft’s chatbot, Copilot, is only available as a preview in the EEA, and Microsoft stressed that updates under the DMA do not apply to Copilot. Once Microsoft officially introduces Copilot in the EEA, that service could change, though.

TikTok disputes gatekeeper status

TikTok was only designated as a gatekeeper for its social networking service, limiting its relevant obligations under the DMA.

To comply, TikTok announced this week that it will improve the “speed and functionality” of its Download Your Data tool. Perhaps most significantly, users can refine the data that they export to only include desired categories.

TikTok also introduced a new Data Portability API that will “allow registered developers to request user permission to transfer a copy of their TikTok data,” TikTok’s blog said.

Through this new tool, EEA “users will be able to authorize either a one-time or recurring transfer and will be able to select specific categories of data or their full archive, allowing for continuous and real-time data portability,” TikTok said.

Unlike most companies emphasizing that most of these changes exclusively impact EEA users, TikTok has already announced intentions to expand new tools to users in other markets.

“These changes are rolling out now to users in the EEA, with plans to roll out globally in the near future,” TikTok said, while noting that it has begun collecting feedback from business owners on these changes to help inform any “future developments.”

However, although TikTok championed these changes, writing that “TikTok believes our users benefit from both competition and control of their data and is pleased to be offering these portability solutions to EEA users,” TikTok still plans to oppose its gatekeeper designation.Advertisement

“As we have made clear, we fully support the goals of the DMA, but believe that our designation risks undermining the DMA’s own stated goal by protecting actual gatekeepers from newer competitors like TikTok and will continue our legal challenge to the underlying designation,” TikTok said.

TikTok may be able to wriggle out of gatekeeper status if it convinces the EC that, as a newcomer, it’s too young to be considered a threat. Last month, Apple and Microsoft succeeded in dismissing DMA obligations for iMessage, Bing, Edge, and Microsoft Advertising.

The future remains unclear, however, because, like tech companies, the EC is still figuring out how to enforce the DMA. As platforms grow and change over time, more gatekeepers will likely be designated, provoking new discussions on compliance. Most recently in March, the EU began reviewing disputes on potential gatekeeper status from ByteDance, X, and Booking.com.

And the EC won’t be the only one weighing in on how the DMA should apply. In March, TechCrunch reported that Epic Games, Spotify, Proton, 37signals, and other developers accused Apple of making a “mockery” of the DMA. They’ve asked the EC to take “swift, timely, and decisive action against Apple” to shield developers from new fees and stop Apple from allegedly misleading users about risks associated with new alternatives offered under the DMA.

“It took about an hour for app developers to realize they had been screwed,” Damien Geradin, a lawyer for developers critical of Apple, said last month shortly after Apple’s announcement.

LEAVE A REPLY

Please enter your comment!
Please enter your name here