Of Hope, Reality, and the EU Digital Markets Act

There is unmitigated, giddy, dizzy pride in the Brussels antitrust bubble and among “digital do-gooders” around Europe about the stupendous innovation which is the Digital Market Act (DMA). It’s early – the DMA only entered into effect in March. But while I applaud the effort and commitment of the implementation team, I am less optimistic on what can realistically be achieved, and wish for some critical introspection amongst regulators and experts. I also hope to see more support for other, complementary initiatives.

I have at least three “reality bites” reactions to the “DMA show” which currently occupies so much of the policy space in Brussels:

• First, what is achievable under this law has been significantly hyped, and claims that rules would be “self executing” without the need for lengthy enforcement are (predictably) turning out to have been unrealistic.
• Second, and related, regulators need a deeper understanding of business models and technology to see which individual rules really matter, as opposed to complainants’ wishlists. This is an issue endemic to digital enforcement: just like the failed antitrust cases of the last decade in Europe missed the mark, because they were often just a repackaging of a complainant’s specific agenda, regulation which essentially reproduces those very same antitrust issues as ex ante rules will have piecemeal effects and will not truly disperse power. Democratizing the digital space away from extractive business models and giving greater agency to people on their data requires disintermediation of gatekeepers. While complainants provide key insights, their incentives may also be to get a larger share of the rents extracted by the platform (in other words, partake in the profits of monopoly) rather than a vision for how to truly deconcentrate markets.
• Third, there is a legal academic community which also does not often understand business models, but has been presented with a new shiny object that gives them the opportunity to publish legal papers for years to come, and thinks only one side (the complainants) are always by definition right. Relatedly, the academic economists who engage in policy are also in the main relatively blinkered about how business models work and have blind spots or narrow sense for what the objective should be.

For sure, we should celebrate the DMA as a democratic achievement. I do not think the DMA is doomed to failure, but the amount of energy and focus it is absorbing in Brussels is disproportionate to the results it can achieve. It will not come close to addressing any of the fundamental issues of power, data extraction and toxic business models which have degraded the internet experience and are getting rapidly worse with AI. And there are other worthwhile things to do alongside it that get no attention. More on this below.

1. We have overstated what is achievable, and even partial results will be slow

“Regulating” vast digital businesses with market caps larger than most European countries’ GDP was always going to be a triumph of hope over experience. Aside from practical challenges, the foundational question remains for me: what are we regulating for? What is our goal, and is that achievable? Suppose our main principled objection was to these companies’ size and sprawling reach (am using shorthand) which enables them to control multiple aspects of our lives (through digital identities they own, expropriation and exploitation of our data, massive networks of assets and capabilities they can swing from market to market and create deep moats). And suppose the ultimate aim was to address that power, deconcentrating core markets, creating paths for scaling challengers and more democratic opportunities for citizens.

The trouble is that undoing platform power cannot be realistically achieved with regulation as we know it, “European style.” Europe has a history of separating infrastructure from services, and using regulation to set the rules of the road to enable entry in services (e.g. an access regime). But monopoly power remains with the infrastructure owner whose conduct is then prescriptively set (unless there is active promotion of infrastructure competition as part of sectoral industrial policy). The principal point is that the power of an infrastructure owner cannot be typically dispersed by regulation of conduct which does not have structural deconcentrative powers.

What outcomes can the DMA as a regulatory regime realistically deliver? Recall the DMA was put in place in the wake of failure of antitrust enforcement – a handful of digital cases not delivering any change on the ground. Sometimes the theory of harm was wonky and contested for years, sometimes the remedies were worthless. But the engineering of the DMA, its design, was ultimately based on a synopsis of the very same theories of harm in those antitrust cases, narrow and specific, translated into “do’s and don'ts.” In passing, I note that the Federal Trade Commission’s Amazon complaint and the US Department of Justice Apple complaint actually have sought to put forward ambitious “overall theories of the case” where multiple aspects of conduct are seen as related and combine to generate extractive, moated ecosystems that frustrate entry and innovation. The questions for the judge will be the strength of the evidence and what if anything one does about it, but there is in those complaints at least an effort to pull together overall narratives about ecosystem power. The DMA is not that. Although commentators have been at pains to argue ‘this is not traditional antitrust and it is not traditional regulation,’ it is a set of discrete rules imported from a narrow antitrust experience, and repurposed as ex-ante regulation.

It is thus important to be realistic about the goals. When fairness and contestability were hailed as the animating principles, discussed at length in multiple academic papers, there was also an expectation that the rules would be complied with pretty much spontaneously because companies surely would understand “they must obey the law,” and compliance would bring about directly greater fairness and contestability. How, when, how much? Can these rules beat down Google, Apple, Amazon, or Meta to create real competition to them in their core businesses? Search, devices, social networks? My view is the rules can bring about some more fairness vis-à-vis dependents, and some contestability in the sense of allowing some complementary businesses to set up on the platform in competition with the platform’s own service. That’s a worthwhile effort as long as we are all clear this is not a real challenge to the platform’s core status. It’s mostly competition on the platform, not competition to the platform. It’s not worthless, but let’s be clear that digital giants are not being disassembled here – it’s about creating competition to the services they offer.

Process is also a problem – inevitably so. Precisely to avoid the pitfall of prolonged enforcement actions, the legal text set out a process whereby following “designation” for some of its activities, the gatekeeper is requested to proactively “comply with the law” and set out how it was doing so in a compliance report that was due by March 7, 2024. The intention was understandable: making gatekeepers proactively comply is of course much preferable to dragging them kicking and screaming through a regulatory process. They have to mark their homework, with the EU Commission then verifying they actually comply with the law. The main problem with this is that it does not formally provide for what is the essential role of a judge, or indeed a regulator: clear instructions on how to comply. Regulation requires the regulator to regulate: i.e. to engage in detail with the facts and set out the rules of the road in a tightly prescriptive manner. This is what we have done with access prices in telecoms, for instance. The process was deliberately designed to be different here, described formally as “reversing the burden of proof” (away from regulators having to find harm and eventually trying to remedy it). In practice, this has meant multiple Commission meetings over the months with the gatekeepers reporting back to discuss their progress, and a few “public workshops” where each gatekeeper set out its proposed plans to an audience of complainants and interested parties (from consumers’ associations to lobby groups). The Commission curiously played the role of the host, doing the honors. “Learning by doing,” yes. But this approach allows gatekeepers to say one of three things in response to the expectation they will comply:

1. I don’t know what I am supposed to do. You say I must “comply with the law”, but the letter of the law isn’t clear to me. Unless you tell me exactly what to do, I will do what I think I am required to do. Don’t like it? The complainants don’t like it? If you want more or different, you’ll need to tell me exactly what to do.
2. I think this is the minimum I am required to do given what the law literally says, and I will do precisely this. Do you want more? Explain why the law requires me to do more, otherwise I am not going to volunteer more.
3. This is dumb, from an engineering/technical point of view, and I just will not do it.

Most gatekeepers used some combination of all three, but fell short of someone’s expectations – complainants or commentators – and were described as “maliciously complying” The Commission followed up just a few days after the March deadline with the announcement it was opening suspected “non compliance investigations” against Google, Apple and Meta, and possibly Amazon. There was jubilation in the antitrust bubble about the speed and force of this reaction, although this was also calling out that the early take that regulation was going to be “fast” as “self executing” was hype. The number of pages in legal articles and presentations on the “self executing nature” of the rules has been mind boggling in light of the reality that the Commission will require time to decide whether the suggestion of non compliance is founded, and more months to decide exactly what the compliance plan is missing. Further, these decisions can all be challenged in court. Thus, for a law entered formally into effect a year ago, it will be at least 6 months or perhaps another year before we have an initial pronouncement on whether there is failure to comply. Only then will the discussion start on what else do gatekeepers need to do.

One might ask: but if all roads lead to Rome – meaning in the end the gatekeepers will have to converge with the Commission’s will somehow – why not cut one’s losses and do it proactively? The answer is, of course, that time is money: every few months of status quo persisting means the redde rationem is pushed forward and business models are protected a little longer. And of course, there is limited fear that things will get seriously worse, notwithstanding sabre rattling by the Commission and lawmakers that “business models need to change” and “we will move to DMA 2.0 and even breakups for repeated noncompliance.” The credibility of these statements as incentives to comply early is low.

Overall, my issue is that while the Commission is learning by doing and it’s still “early days,” the scope of the rules is focused on individual conducts and does not address fundamental issues of power, extractive business models which exploit data and diminish agency, and threats to the democratic discourse. There will be some improvement, perhaps, in consumer choice and in the ability to impose unfair bargains on “dependants” – but no major change; and any change will involve a long slog.

2. Regulators struggle making sense of business models, under pressure from complainants and interveners

In the prior decade and a half of European antitrust enforcement failures, regulators not really understanding gatekeepers’ models made for wonky cases. This was certainly true, for instance, in the enforcement cases against Amazon and Apple. Amazon pushed back on allegations it was “excluding” third-party sellers from its platform, until the “foreclosure” concern was transmogrified into a quasi-exploitation charge around use of seller data (and the case was shut down with a settlement). For nearly a decade, Apple faced a case initiated by Spotify on terms for music streaming services selling subscriptions from the App Store – which again the Commission for years framed as an exclusion case and only at the last minute repurposed into a narrow exploitation case limited to Apple’s no-steering rules for music streaming apps. Apple has recently been fined and told to abandon anti-steering rules. The next natural question is what is Apple entitled to request that Spotify pays when it signs up subscribers on its website for use on an Apple device. Dismally for Spotify, Apple proposed to allow “linking out,” but also set a 27% commission (30% minus the payment processing cost) for each subscriber gained outside and then imported into the device. The resolution to this case has since been wrapped into the discussion of analogous provisions in the DMA mandating that an app store gatekeeper should allow developers to reach potential users directly (“steer”), and should allow third party app stores to be allowed within iOS.

But what virtually no one talks about in the external debate is the real elephant in the room: what Apple should be allowed to charge for use of the platform. There is no question from the letter of the DMA that Apple can charge something, and on first principles, access to a platform typically recognizes a fee to the platform owner (who undertakes ongoing investments to maintain the platform, provides tools to services on the platform, and distributes the service to platform users). This is a classic access pricing problem. The DMA talks about “FRAND rates,” but what does this mean? In standard SEP settings, the patentee sets a FRAND rate that applies, unless the implementer challenges it in court. How will this work here? Who is working on this question? What is the fair payment a platform should receive for access to its services? How should it be structured? We have encountered this problem before, with regulators painfully working out access pricing to infrastructure. Here the FRAND framing means the issue is left to the company to resolve, and then the EC will presumably decide whether the rate is “non FRAND” and therefore “non compliant.” This will be some process.

Another example is self preferencing rules. The Commission opened a suspect non-compliance investigation around the concern that Amazon is self preferencing its own private label products over third parties (though it apparently settled that very question with Amazon in 2022 after a series of gyrations on the theory of harm). As economics professor Martin Peitz from the University of Mannheim stated at an April 3 Parliament hearing, Amazon’s incentives to do this are not clear, and the evidence from outside researchers is indicative but inconclusive because no one has Amazon’s data (this also holds true in economist Joel Waldfogel’s recent paper). Prof. Peitz suggested lawmakers should mandate the Commission to ask for data for academic researchers to be able to make more reliable inferences. All of which is surely a good thing for academe, but a long shot for policy.

The problem is information asymmetry: regulators or external researchers just cannot reliably infer intentions from outturns. What would need to be really understood by a regulator is how Amazon designs its recommendation algorithm, what is the role of advertising on the marketplace, and how that interacts with the recommendation process. That is, the essence of the business model. Expecting the regulated company to declaratively deal with the rule is silly without algorithm transparency.

The overall picture is thus that the DMA is a collection of heterogeneous rules filleted from antitrust cases of the past, gatekeepers need to show they comply with those that are most germane to them, and distinguishing what of their pushback is pretextual and what may be more justified is tricky. In Brussels, case selection and prioritization have been historically heavily driven by the agendas of complainants. Complainants can help build serious theories of harm in some cases (Google Android was one such theory, with a good story being imported by Yandex from Russia). Yet businesses which are sometimes of dubious long term value, including some with business models that just aren’t viable going forward, continue to play a major role in driving the agenda. Sometimes this is for the sole purpose of creating not competition, but rather a liability regime on which they can then build a damages claim. Think of comparison shopping, which entirely dominated the Commission’s work on search bias. How much do we care about the comparison shopping industry? Much as I dislike Google’s business model based around surveillance and self preferencing, it’s hard to cheer a regulator for actively pursuing a case for years to protect a business model with uncertain potential.

Or think again of app stores. Developers have multiple causes for unhappiness on the terms and restrictions they face to feature in an app store, which I understand and share. The historic 30% commission involves a major cross subsidy from very few developers to the mass of those paying virtually nothing. What would be a “fair” structure of charges? And how likely is it that an app store owner will proactively come up with a structure that complainants approve of? How can one expect that to work? The question is how rents that are jointly created should be fairly split. A gatekeeper without very clear directions will always be inclined to repurpose the structure of charges to achieve similar overall extraction rates – only from different categories of developers. Who is thinking rationally about these key questions? Access to platforms, even in a common carrier frame, require fair access charges to be set. This is a quintessential regulatory question. “Plutes are gonna plute,” as the saying goes, but regulators must regulate.

3. Academics have turned to fandom instead of critical review

Adding to the noise and the fog is the uncritical support of the academic community to the DMA as the best of all possible worlds. Of course the DMA regime was achieved in record time and it is the first of its kind in the world. Great. That said, academics should be much more critical with their contribution.

I have multiple observations. First, there is in the community at large a widespread sentiment that while all gatekeepers are equally, terminally, indistinguishably bad, complainants are “the good guys” by definition. This may not always be true. Complainants may be motivated by extracting back a greater share of rent from the platform. Which is fine, but they may not care for competition as such. If they could cut a special deal in which they could split monopoly rents alone with the incumbent, they often would. Some want to game the process just as the gatekeepers do, in the other direction: use the regulator to pursue their commercial aims by proxy. I can give multiple examples – this is how the commercial advisory business works. But academics should not be Manichean in their love for complainants under the assumption they are all saintly. Similarly, they should not assume regulators can do no wrong, and cheer every word and tweet with emotive counter-tweets. They must keep their perspective.

Second, for legal academia the DMA is a gift (a new law!) which can provide new material to write about for many years to come. It is a veritable employment charter for academics: papers, symposia, conferences, institutes, and new “centers.” That’s fine, but let’s not pretend this is built on a deep understanding of commercial realities. I often wonder who these discussions of high-level concepts at a philosophical level are aimed at. An academic discussion of the law is insider chatter that really has no bearing on commercial realities. It is not read by gatekeepers, it does not matter outside of its own channels. Yet there is significant posturing that “we are academics, we are pure, therefore our views are true.”

Academic economists are also keen to get involved, but have similarly decided they are en masse on the opposite side of gatekeepers (except those who give them research grants, in which case they don’t disclose but abstain from commenting). Economists should know better about incentives and how it all works. Yet who is thinking about terms for an access regime, for instance? How should extraction of rents on the platform be rightly shared given value jointly created? These would be worthwhile exercises. Who is thinking about disintermediation? Who is thinking about more radical remedies? Who is thinking about dispersion of power? The narrow focus on “here are the DMA rules and they are great” is peculiar. The cheerleading for complainants and regulators is peculiar. Claims that “I have no practical experience and therefore no real practical advice to give to regulators, but I am not taking money from anyone” (something I heard almost verbatim at a European Parliament hearing) are peculiar. Again, perspective please.

4. So what else should matter?

The DMA is a first, and a great deal of earnest effort is going into its implementation. But we don’t know what “success” will look like, even on its own terms. Of course, even a limited set of improvements would be better than the status quo. Godspeed, but let’s be realistic also. The more fundamental point is that the real interesting question is not if we can nibble the gatekeepers at the margin: but whether we can disintermediate them at least in part so that we do not need to rely entirely on a proprietary Web 2.0 that they comprehensively control. Antitrust complaints in the US have at least some prospect of involving divestments and break ups as the eventual remedy – though this will also be a long and inevitably hard fought road. This is not on the cards in Europe through digital markets regulation.

There is intellectual effort in the direction of looking for alternatives to private platforms and advocating for investment in open digital infrastructures involving new public protocols, on which developers can build a variety of applications and citizens can have more agency to determine how their data is used – perhaps allowing for a more democratic digital society. There is a community of policy makers, scholars and philanthropists putting effort into this: from Francesca Bria to Glen Weyl and Audrey Tang (the Digital Minister of Taiwan), Mariana Mazzucato’s group, Frank McCourt of Project Liberty, and many more academics and funders. There have been some initial experiments, although it’s difficult to scale investments to critical mass. Yet there is interest. “India stack” provides an intriguing model for developing countries. Estonia’s remarkable “digital society” is an example closer to Europe, and there are more underway. Let us not just think that regulation and the DMA are the only worthwhile efforts in this space: yes we need to curb abuses of bargaining power by the current gatekeepers, but we will not achieve dispersion of power without deconcentration. So let’s not burn all calories with regulation. Because the effort may take a long time, and even if it succeeds it can only be a partial shift. We need more.