Exactly three months ago, the EU Digital Markets Act (DMA) entered into force on November 1, 2022. Soon to be implemented in May 2023, the DMA’s objective is to “put an end to unfair practices by companies that act as gatekeepers in the online platform economy.” This is a very European-like approach to big tech regulation, reminiscent of the EU’s General Data Protection Regulation (GDPR) which alleges to prioritize citizens’ data privacy and security. The underlying premise of these regulations is that companies will somehow benefit from emerging competition and the fostering of innovation. However, regulations like the GDPR and DMA do nothing of the sort.
In justifying the DMA, the European Commission has stated that “gatekeepers” can “prevent competition, leading to less innovation, lower quality, and higher prices,” and “consumers are likely to pay more.” Their approach of punishing big tech companies for being “big,” however, harms consumers. In fact, as a result of such policies like the DMA, citizens are subject to lower quality services, greater cybersecurity risks, and a smaller range of products available.
For instance, Article 6(d) of the DMA states that gatekeeper platforms are not permitted to “treat services and products offered by the gatekeeper itself more favorably in ranking than similar services or products offered by third parties on the gatekeeper’s platform.” In essence, this is a restriction on “self-preferencing,” the act of offering consumers a synergized way of accessing services or products in the same platform. For example, Google can put Google Meet in Gmail, which is practical and accessible for users. Apple makes its own products available on the App Store, such as iTunes. This ease of access benefits consumers greatly, and they can choose whether or not to take advantage of it. Governments, then, should not restrict businesses from preferring their own products, or limit consumers’ choices- especially when they can be utility-maximizing.
Furthermore, Article 6 of the DMA states that “obligations for gatekeepers [are] susceptible of being further specified,” indicating indetermination and possibly leading to unintended compliance violations by companies that have little way of knowing exactly what the generalized obligations entail.
Perhaps this was intended on the policymakers’ ends. As Portuese states, “constant micro-managing companies can be said to be more cumbersome for regulators than a one-time company breakup.” Essentially, breaking up a company would be less time consuming and resource costly than having to check its algorithm regularly and frequently. This realization risks incentivizing policymakers to overregulate through rules like the DMA and GDPR while simultaneously foregoing innovation incentives for tech companies.
Admittedly, consequences of the DMA have some positive effects on consumers. For instance, Apple is no longer permitted to sell its own exclusive charger, but instead must comply with the USB-C charger mandate for all of its devices. This will lower costs for users by an estimated combined 250 million euros per year, according to the European Commission. However, this miniscule per-person cost reduction is unlikely to make up for impacts from self-preferencing restrictions which would forego consumer benefits.
Another common pro tech and data privacy regulation argument is that the increased accountability through laws improves consumer trust. Věra Jourová, Commissioner for Justice, Consumers and Gender Equality, claimed that the GDPR “gives businesses opportunities to make the most of the digital revolution, while ensuring people’s trust in it.” Indeed, a 2022 McKinsey survey showed that 53 percent of respondents claimed to make online purchases or use digital services only after making sure that the company had a reputation for protecting its consumer data. However, implementing policies with the intention of shrinking large-scale enterprises will not improve consumer trust. Moreover, while 75 percent of organizations believe the GDPR in particular had a beneficial impact on consumer trust, it was revealed that only 13 percent of EU citizens read websites’ privacy statements fully.
GDPR components such as its primary trust-mechanism, its requirement for obtaining informed consent for data collection, is widely misinterpreted as an effective means of improving trust. In reality, as Herrle and Hirsh point out, “The act of quickly clicking a button is fairly incongruent with the concept of offering meaningful consent, particularly when ‘consent fatigue’ arises in the face of an endless stream of vaguely worded, often unreadable, notifications.”
The EU’s approach to big tech regulation, while supposedly aiming to redistribute power from large firms to small businesses, does not accomplish its goal. For instance, Article 5(b) of the DMA requires businesses to give rivals access to their own technologies, as they must “allow business users to offer the same products or services to end users through third-party, online intermediation services.” This overregulation deters potential new businesses from both entering the market and innovating.
Those in the EU government would do well to review basic economy theory, which states that companies rely on economies of scale. This is especially true for digital companies that depend on mass usage of services across networks for profit. The EU is already behind in the technology market among intimidating competitors such as the US and China. Its GDPR, despite being a good step in spreading awareness on the importance of data privacy and security, was a significantly market-disruptive policy. Now with the DMA, the EU risks further disadvantaging itself in tech innovation and entering the digital market. On top of that, the EU’s new Artificial Intelligence Act (AIA), which the EU aims to adopt by the end of this year, will very likely do the same.
Obstacles for emerging companies remain unchanged, if not worsened, by the regulation. It seems the EU government is going after American tech companies by not giving any alternatives except for compliance. In addition, it appears that EU policies are having drastic impacts on American tech governance, with the US House even approving an antitrust bill targeting big tech dominance. The future of private governance in the tech industry is looking grim. However, as EU official Gerard de Graaf put it, “Negotiations are over, [and] we’re in a compliance situation. You may not like it, but that’s the way it is.”