EU's Digital Markets Act targets Big Tech giants

The European Union's Digital Markets Act has entered full enforcement, placing sweeping new obligations on the world's most powerful technology companies and marking the most ambitious regulatory intervention into the digital economy in a generation. The legislation targets so-called "gatekeepers" — a legal term for platforms so dominant they control access to entire digital markets — and carries fines of up to ten percent of global annual turnover for violations, rising to twenty percent for repeat offenders.

What the Digital Markets Act Actually Does

The Digital Markets Act, commonly referred to as the DMA, establishes a new category of technology company called a "gatekeeper." To qualify, a company must operate a "core platform service" — which includes search engines, social networks, app stores, messaging services, operating systems, cloud computing, and online advertising — and must meet specific size and entrenchment thresholds set by the European Commission. Once designated, gatekeepers face a detailed list of obligations they must meet and practices they are prohibited from engaging in.

Core Obligations for Designated Gatekeepers

Among the most significant requirements, gatekeepers must allow third-party businesses to interoperate with their services. This means, for example, that a dominant messaging platform cannot block users from exchanging messages with people on rival apps. Gatekeepers must also allow app developers to distribute software through channels other than the gatekeeper's own app store — a provision that directly challenges the business model of major mobile operating system operators. They are further prohibited from ranking their own products and services more favourably than competing offerings on their platforms, a practice regulators have long accused certain companies of employing in search and e-commerce contexts.

Data obtained through one service cannot be combined with data from another service without explicit user consent, and gatekeepers may not use data gathered from business users — the companies that sell goods or advertise through their platforms — to compete against those same businesses. According to the European Commission, these requirements are designed to restore contestability to markets that have become structurally resistant to competition. (Source: European Commission)

Who Is Designated and Why It Matters

The Commission has formally designated Alphabet, Amazon, Apple, ByteDance, Meta, and Microsoft as gatekeepers. Collectively, these six companies account for a commanding share of digital advertising, cloud infrastructure, consumer device ecosystems, and online retail globally. Research from IDC indicates that the top five cloud providers alone control more than 65% of global cloud infrastructure spending, underscoring the concentration of market power that prompted the DMA's creation. (Source: IDC)

The designation process is not purely automatic. Companies can contest their designation before the Commission, and the legal process for doing so has already generated significant procedural activity. However, once designated, compliance timelines are strict, and the Commission has made clear that it will not offer extended grace periods for companies that fail to restructure products and policies accordingly.

The Enforcement Architecture

Unlike previous European competition law, which required regulators to prove harm had already occurred before intervening, the DMA operates on a forward-looking, behavioural basis. Regulators do not need to demonstrate that a gatekeeper has caused measurable market damage. Instead, the mere existence of prohibited practices — or failure to fulfil obligations — is sufficient to trigger enforcement.

Non-Compliance Investigations Already Underway

The Commission has opened formal non-compliance investigations into several designated gatekeepers since the Act took effect. Areas under scrutiny include app store policies, browser and search engine choice screens, and the treatment of rival services in platform rankings. Officials said the investigations signal that the Commission intends to treat the DMA as a live enforcement instrument rather than a framework document. Wired reported extensively on the early friction between regulators and platform operators over the precise technical implementation of interoperability requirements, noting that the practical challenges of building open messaging interfaces at scale have become a significant point of contention. (Source: Wired)

The Commission has also indicated that it is actively monitoring compliance with advertising data separation requirements, which require gatekeepers to obtain explicit consent before combining personal data across services. This provision has particular relevance for companies that operate large advertising ecosystems spanning multiple platforms and data sources.

Big Tech's Response

The designated companies have responded to the DMA through a combination of product restructuring, legal challenge, and public advocacy. Apple announced changes to its App Store policies in Europe, introducing alternative distribution mechanisms and revised fee structures for third-party app marketplaces, though the Commission subsequently indicated it was examining whether those changes constituted genuine compliance. Meta launched a subscription model for ad-free access to its social platforms in Europe, framing it as a consent mechanism under DMA and broader data protection requirements.

Legal Challenges and Lobbying Pressure

Several companies have mounted legal challenges to specific provisions of the DMA at the European Court of Justice, arguing that certain obligations are disproportionate or technically unworkable. Industry bodies representing technology companies have submitted detailed representations to the Commission arguing that the interoperability requirements in particular could create security vulnerabilities by forcing platforms to open infrastructure to unvetted third parties. Regulators have largely rejected these arguments, stating that security concerns cannot serve as a general exemption from competition obligations. MIT Technology Review has noted that the interoperability debate encapsulates a broader tension in platform regulation: the genuine complexity of engineering open systems at scale versus the use of technical complexity as a shield against regulatory accountability. (Source: MIT Technology Review)

Lobbying expenditure by major technology companies in Brussels has risen sharply since the DMA was first proposed, according to EU transparency register disclosures. Officials from the Commission's Directorate-General for Competition have publicly acknowledged the intensity of industry engagement but maintained that the legislative text is final and enforcement will proceed on its terms.

Implications for Businesses and Consumers

For the businesses that rely on dominant platforms — app developers, online retailers, digital advertisers, and media publishers among them — the DMA represents a significant structural shift in their operating environment. The prohibition on self-preferencing, if enforced effectively, could materially change the visibility and competitiveness of third-party products on major search and e-commerce platforms. The obligation to provide access to data generated through platform interactions, subject to consent requirements, could alter the economics of digital advertising for smaller operators who have historically been at a disadvantage compared to gatekeepers with access to first-party data at scale.

Consumer-Facing Changes

For individual users, the most immediately visible changes are likely to involve choice screens — prompts presented during device setup or browser launch that allow users to select default search engines, browsers, or assistants — and messaging interoperability. The latter remains technically complex. Encrypted messaging services, for instance, face a specific engineering challenge: connecting end-to-end encrypted conversations across platforms with different cryptographic architectures without weakening the security guarantees that encryption provides. The Commission has acknowledged this complexity and has established technical working groups to develop standards, but the timeline for full interoperability implementation remains subject to negotiation.

Gartner analysts have observed that consumer awareness of DMA-driven changes remains limited, suggesting that the regulatory impact will be felt more immediately by business users and developers than by general consumers in the near term. (Source: Gartner)

The Broader Regulatory Context

The DMA does not exist in isolation. It sits alongside the EU's Digital Services Act, which governs content moderation and platform transparency obligations, and interacts with the General Data Protection Regulation, which has been the primary instrument for data privacy enforcement across the bloc. Together, these instruments constitute what Commission officials describe as a comprehensive digital regulatory framework — one that other jurisdictions are watching closely as they develop their own approaches to platform regulation.

In the United Kingdom, Parliament has moved forward with comparable legislation. The Digital Markets, Competition and Consumers Act establishes a strategic market status regime that shares conceptual similarities with the DMA but differs in important structural respects, granting the Competition and Markets Authority broad discretion to impose bespoke conduct requirements on individual firms rather than applying uniform sector-wide rules. The UK Digital Markets Bill navigated a contentious parliamentary process before receiving Royal Assent, reflecting the political difficulty of legislating in an area where powerful commercial interests intersect with genuine policy complexity.

Regulators on both sides of the Atlantic have also been grappling with the implications of artificial intelligence integration into platform services, a dimension that the DMA's drafters did not fully anticipate at the time of drafting but that is now central to enforcement discussions. The UK government has moved to tighten AI regulation for major technology companies, and the Commission has acknowledged that AI-driven features embedded in gatekeeper platforms may require specific DMA guidance. Meanwhile, broader safety considerations have shaped related legislative efforts, as seen when UK authorities unveiled new AI safety requirements for technology giants operating in consumer-facing contexts.

Transatlantic Divergence and Its Consequences

A significant question hanging over the DMA's implementation concerns regulatory divergence between the EU and the United States. American federal antitrust enforcement has historically relied on case-by-case litigation rather than ex ante regulation — the DMA's approach of setting rules in advance regardless of proven harm. The absence of equivalent federal legislation in the US means that major technology companies may face fundamentally different legal obligations depending on geography, creating incentives to build separate product configurations for different markets. This fragmentation has cost implications for platforms and may, over time, produce meaningfully different user experiences for European and American consumers using nominally the same services.

The Digital Markets Act represents a fundamental test of whether democratic governments can meaningfully constrain the structural power of technology platforms through legislation, without triggering capital flight, service degradation, or protracted legal stalemate. The Commission has signalled repeatedly that it regards the DMA not as the end of a legislative process but as the beginning of a sustained enforcement effort — one it intends to pursue with the resources and institutional will required to make it effective. Whether that ambition translates into durable market change will depend on the outcome of the legal battles ahead, the technical feasibility of mandated interoperability, and the willingness of enforcement bodies to impose the full weight of available sanctions when violations are established. The digital economy, and the competitive dynamics that shape it, will look materially different depending on the answers to those questions. Further legislative developments in adjacent areas — including the ongoing evolution of online safety frameworks challenged by the technology industry — will continue to define the boundaries of platform accountability across Europe and beyond.