On 25 May, EACA participated in the “ReThink Digital Summit” organised in collaboration with the European Commission. The summit discussed the Digital Services Act (DSA) and a Digital Markets Act (DMA), presented by the European Commission on 15 December 2020. The DSA aims to make online platforms more accountable for the content published on them. The rules set out in the DMA, f adopted, will enshrine in EU law a set of ex-ante rules that will radically change how gatekeeper platforms operate.
The draft DMA designates “gatekeepers” as entities that: (i) have a significant impact on the EU internal market; (ii) operate one or more critical gateways for customers; and (iii) enjoy or are expected to enjoy an established and stable position in their operations (Article 3).
According to Articles 12 and 13 of the DMA, gatekeepers must inform the Commission if another provider of a ‘basic platform service’ or any other service provided in the digital domain is involved; they must also, on an annual basis, submit to the Commission an independently verified description of all techniques used for consumer profiling. The gatekeeper designation process proposed in the draft DMA has been criticised. There has been criticism regarding the potential risk that such a process based on quantitative criteria could capture platforms that meet the quantitative thresholds due to their size but do not act as gatekeepers. Moreover, as the gatekeeper concept is a new concept enshrined in EU law, commentators propose to improve legal predictability through the adoption of guidelines on how to use and assess the proposed indicators.
In addition, the DMA imposes several obligations to reduce gatekeepers’ exclusive control over the data they collect. However, the exact scope and implementation of the rules on data portability, data sharing and interoperability is not further specified. In this context, a possible solution, implementing an alternative to data portability, was proposed, granting individuals ‘in situ rights to access end-user data’. In this scenario, rather than transferring individual data from the gatekeeper to another business user, the business user could run third-party algorithms on the data residing on the gatekeeper’s server without direct access to the individual data.