Kirkland Alert

EU Proposes Rules for Big Tech “Gatekeepers”

On 15 December 2020, the European Commission (“Commission”) published the draft Digital Markets Act (“DMA”) which would introduce ex ante rules for platforms acting as digital “gatekeepers”.1 The DMA would allow the Commission to impose hefty fines for non-compliance and introduce behavioral and structural remedies (including break-ups) for “systematic non-compliance” of the new rules.

Who qualifies as “gatekeepers”?

The DMA will apply to businesses who meet all of the following criteria:

  1. Companies who control at least one “core platform service” which means:

    • E-commerce market places and price-comparison websites;
    • Online search engines; 
    • Social networks; 
    • Video sharing platforms; 
    • Non-traditional electronic communication services; 
    • Operating systems; 
    • Cloud services; and 
    • Advertising services. 
    This broad definition will capture all the main types of platforms that consumers and businesses use every day, including for B2B and/or B2C services, online searches, social media, and personal communications.
  2. The core platform provider must also have a significant impact in the EEA market. This is presumed if:

    • the company achieved annual EEA turnover of at least €6.5 billion (~$7.9 billion) in its last three financial years, or where its average market capitalization or equivalent fair market value amounted to at least €65 billion (~$79.5 billion) in the last financial year; and
    • it provides a core platform service in at least three EU Member States.
  3. The company must also operate a core platform service that serves as an important gateway for business users to reach end users. This is presumed to be the case where the core service platform provider has more than 45 million monthly active EU end users and had more than 10,000 yearly active EU business users in its last financial year.
  4. The core platform provider must hold or be expected to hold an entrenched and durable position in their operation. This is presumed where the company meets the two previous criteria in each of last three financial years.

If the above quantitative criteria are met, the company will be presumed to be a gatekeeper under the DMA, unless it submits arguments that demonstrate the contrary, i.e., the presumption is rebuttable. Even if these criteria are not met, the Commission may still designate core platform service providers as gatekeepers based on an overall qualitative assessment, taking into account factors such as: company size, number of business/end users, entry barriers, scale effects and user lock-in.

To-date the Commission has sought to use its antitrust enforcement powers against a number of platforms, in particular the law which prohibits the abuse of a dominant market position. The DMA, however, does not require a company to be dominant in order to be classified as a gatekeeper.

The Commission will review at least every two years whether designated gatekeepers continue to satisfy the relevant criteria and may also adjust the list of core platform services of gatekeepers.

What are the proposed gatekeeper rules?

The main obligations that will apply to companies within six months after being designated a gatekeeper are summarized below.


  • Interoperability: Gatekeepers need to allow third parties to interoperate with the gatekeeper’s services (e.g., through allowing third party apps and app stores to be installed)
  • Data access/portability: Give business users access to the data generated by their activities on the gatekeeper’s platform
  • Transparency for advertisers and publishers: Give advertisers on the gatekeeper platform access to the performance measuring tools and other relevant information allowing the advertiser to verify performance
  • Price transparency: Provide advertisers and content publishers information on price paid by the advertiser and remuneration paid to the publisher


  • No self-preferencing: Gatekeepers cannot give preference to their own products and services in search result rankings
  • No misuse of business data: Gatekeepers cannot use non-public data obtained from business users to compete with them
  • Collection of data: Gatekeepers cannot combine personal data sourced from their platform with that from other services offered by the gatekeeper 
  • Impose MFN clauses: Gatekeepers cannot prevent business users from promoting, contracting or offering better prices or conditions via other channels
  • Bundling: Gatekeepers cannot require users to subscribe or register to other core platform services as a condition to access the gatekeeper platform
  • Uninstall software: No blocking of users for un-installing pre-installed software or apps
  • Switching: Gatekeepers may not technically restrict the ability of end users to switch/subscribe to different software applications

There are two types of obligations:

  • those that apply outright where the Commission would ensure compliance via sanctions;
  • other obligations for which the Commission would ensure compliance by specifying implementation measures in dialogue with the gatekeeper (in addition to sanctions). Such obligations include self-preferencing and the misuse of business data.

Obligations with regard to merger control

With regard to mergers, the DMA proposes that gatekeepers will be required to inform the Commission of all acquisitions of businesses providing services in the “digital sector” (irrespective of whether the transaction is notifiable under EU or national rules).

Market investigations

The DMA gives the Commission the power to carry out market investigations. During the public consultation phase the Commission had considered a potentially far-reaching market investigation tool (the “New Competition Tool”) modelled after the UK market investigation regime. However, following internal push-back and stakeholder criticism, the market investigation tool has been limited in scope. It will now only allow the Commission to do the following:

  • Identify gatekeepers that are not be captured by the quantitative criteria set out above, or that have presented submissions rebutting the presumption based on these thresholds;
  • Identify whether other services within the digital sector should be added to the list of core platform services, or whether new practices appear that may not be effectively addressed under the DMA;
  • Design additional remedies if a gatekeeper has systematically infringed the rules of the DMA.

Given the “need for speed” in the digital space, the Commission intends to conclude its market investigations within 12-24 months from opening the investigation. This is fast relative to the time the Commission usually requires for antitrust investigations, which typically take several years.

Enforcement powers

Investigative powers/sanctions. If adopted, the Commission will have wide investigative powers under the DMA similar to those under the existing EU antitrust regime. The Commission could issue information requests and demand access to databases and algorithms, conduct interviews and carry out on-site inspections. In case of non-compliance with the gatekeeper’s DMA obligations, the Commission would be able to impose fines of up to 10% of the gatekeeper’s total global revenue. If the gatekeeper is systematically non-compliant, i.e., at least three non-compliance or fining decisions have been issued in the last five years, the Commission could impose behavioral or structural remedies, including divestitures or break-ups. However, Executive Vice President Margrethe Vestager has said that breaking up a company would only be considered as a “last resort”.

Appeal. Gatekeepers would be able to appeal the Commission’s enforcement decisions under the DMA to the European Court of Justice, the EU’s highest court.

Damages. Private damages multiply the potential financial risk for gatekeepers, as the DMA would be directly enforceable in national courts.


After several years of intensive debate, the Commission has presented a first legislative proposal to regulate the conduct of large platform providers. As a next step, the Commission’s proposal will have to go through the ordinary legislative process, which is expected to take between 18-24 months. We expect intense debate going forward given the wide variety of views and different policy perspectives in the EU Parliament and from Member States’ governments. So far there has been very active engagement from many stakeholders putting forward strong views on either side of the argument. There have also been two negative opinions from the Regulatory Scrutiny Board (an independent body within the Commission assessing initiatives at early stages of the legislative process) which in fact led to a delay in publishing the draft DMA. In particular, we expect that the gatekeeper definition will be subject to further debate as it captures not only large US tech players, but is likely to capture some European tech companies as well. Also, the DMA would impose harmonised rules across the EU, which would mean that Member States (e.g., Germany) may have to amend or drop their own legislative proposals. If the proposals survive scrutiny, however, and are adopted, this significantly increases the Commission’s leverage against big tech, given the potential for heavy and even intrusive sanctions under the DMA, alongside the existing antitrust enforcement kit.

1. The DMA was presented together with the Digital Services Act (“DSA”) which seeks to update the e-Commerce Directive and modernize the EU’s framework for digital services.
This communication is distributed with the understanding that the author, publisher and distributor of this communication are not rendering legal, accounting, or other professional advice or opinions on specific facts or matters and, accordingly, assume no liability whatsoever in connection with its use. Pursuant to applicable rules of professional conduct, this communication may constitute Attorney Advertising.