Once again, FOSDEM did not disappoint! Meeting the Free Software community in Brussels is always one of the best moments of the year! And just before we meet again to celebrate I Love Free Software Day with the news of the Interoperable Europe Act being adopted! This newsletter also includes our first interviews with 2023 Youth Hacking 4 Freedom participants… and more!
Digital Markets Act
Device Neutrality is the policy concept to regulate monopoly over devices and re-establish end-user control over their digital equipment. The Digital Markets Act (DMA) regulates the economic activity of large digital platforms and introduces Device Neutrality into EU legislation, fostering access to Free Software in devices.
Table of contents
- Market monopolisation and end-users' rights
- Digital Markets Act: an overview
- DMA and concerns for Free Software
- Help making Device Neutrality a Reality!
Market monopolisation and end-users' rights
The monopolistic power of large tech corporations causes distortions in digital markets. This negatively affects end-users’ rights and control over devices. Users' freedoms relating to Free Software depend on a political and economic environment in which they can exercise their free choice when using their devices without being stuck in closed environments under control of gatekeepers.
Device Neutrality is a policy concept aimed to deal with unbalanced power over digital devices. Free Software has a central role to re-establish fair competition and market dynamics that are more favourable to end-users. In this page we will learn how digital markets can benefit from strict rules for regulating the economic activity of companies with such power. The Digital Markets Act (DMA) is an example of such regulation. With proper enforcement, the law has the potential to facilitate access to Free Software in devices.
Device Neutrality translates in the DMA as stricter consent rules for pre-installed apps, safeguards against vendor lock-in, and data interoperability. Such regulatory elements represent powerful mechanisms to safeguard better access and usage of Free Sofware in devices by end-users. Nevertheless, the enforcement of these rules holds challenges for the practical implementation of Device Neutrality principles, and ultimate attainment of Device Neutrality.
Digital Markets Act: an overview
The Digital Markets Act (DMA) - Regulation (EU) 2022/1925 - regulates the economic activity of large digital platforms that act as "gatekeepers" in an attempt to create a fairer and more competitive market for online platforms in the EU. The DMA is an important advance, setting up several anti-monopoly obligations that impact software freedom, interoperability, and control over personal data. The three principal elements of the DMA are the designation of gatekeepers, the list of dos and don'ts, and the enforcement mechanisms.
Who are the gatekeepers
The scope of the DMA does not cover all digital services in the markets, but only those qualifying as "core platform services" (CPSs) listed in Art. 2(2). These include online intermediation services, search engines, social networks, video sharing platforms, messaging apps, operating systems, web browsers, virtual assistants, cloud computing services, and online advertising.
The DMA constitutes asymmetric regulation. Its obligations do not apply to all tech companies, but only to those providers which have been designated as gatekeepers. Such designation is done by the European Commission based on a cumulative "three criteria test" listed in Art.3(1): Gatekeepers are those companies with "significant impact on the EU internal market", which "control an important gateway for business users to reach end-users", and enjoy an "entrenched and durable position in the market". The DMA presumes the criteria are met when the company is extremely large with an average market capitalisation of ≥ EUR 75 billion and more than 45 million monthly active end-users.
Device Neutrality rules in the DMA
DMA is an economic regulatory tool, not consumer protection legislation. But many of its rules directly and indirectly affect end-users. The DMA seeks to balance the power of gatekeepers in digital markets by protecting end-users from monopolistic practices and promoting fair competition among market players. For Device Neutrality, this means that end-users should be able to bypass gatekeepers and have the right to access alternative routes to the markets, so they can enjoy products and services not dominated by gatekeepers (e.g. installing Free Software on their devices). In other words, gatekeepers should not restrict business and individual end-users from accessing rival routes to market for content, software, and other digital services.
The DMA presents a list of "hard" and "soft" obligations for each of the gatekeeper’s core platform services that are designated by the Commission in Arts. 5-7, coupled with corrective mechanisms in Arts. 8-13. These include several provisions related to Device Neutrality.
In relation to software freedom, gatekeepers are required to allow end-users to uninstall any pre-installed software in devices (Art. 6(3)), as well as to enable the installation and use of third-party apps or apps stores on devices (Art. 6 (4)).
The DMA includes several provisions to enhance the protection against vendor lock-in. Gatekeepers cannot prohibit app developers to set different prices and conditions for their apps in alternative stores (e.g. F-Droid) (Art. 5(3)). Gatekeepers cannot make software developers and end-users register or sign in for a service or app as a condition for access to their or another gatekeeper's service or app (Art. 5(7)). Besides, they should allow end-users to access and use third-party apps, content, subscriptions, features, or other functionalities (Art. 5(5)). Finally, Gatekeepers cannot restrict the ability of end-users to switch between and subscribe to different apps and services that are accessed via the operating system or apps store (Art. 6(6)).
Interoperability and control over data is also contemplated as an important factor against lock-in. Gatekeepers should provide the same hardware and software features accessed or controlled via the operating system to third-party developers (Art. 6(7). This includes data interoperability (also called real-time data portability (Art. 6(9) and interoperability among messaging apps (Art. 7).
The DMA represents a new attitude towards platform regulation. It is a hybrid form of competition and telecommunications law, whereby a designated authority identifies who will fall under the scope of the regulation. However, unlike telecom law, which requires action by national regulatory authorities, enforcement is centralized in the European Commission. The Commission can investigate (Art. 16) whether a company should be designated as a gatekeeper and its compliance, as well as update the list of obligations. The Commission can also impose fines up to 10% of the gatekeeper's yearly turnover or periodic penalty payments up to 5% of the average daily worldwide turnover (Arts. 30-31).
End-users, competitors and other organisations can collaborate in the enforcement of the DMA by informing national regulatory authorities about illegal practices by gatekeepers. The regulators can communicate to the Commission to start proceedings.
DMA's implementation and Free Software
Users' freedoms relating to Free Software depend on a political and economic environment in which they can exercise their free choice when using their devices without being stuck in closed environments under control of gatekeepers. Digital markets can benefit with the DMA regulating the commercial practices of large platforms, forcing them to facilitate access to Free Software in devices. Nevertheless, the DMA still falls short in some aspects involving Open Standards, the pressure gatekeepers can exercise over decision makers, and complex digital enviroments.
Open Standards are missing
In the legislative process, the FSFE urged the inclusion of clear language mandating the adoption of Open Standards for the interoperability obligations, which was not done in the final version of the law. Instead, the DMA mentions "free and effective interoperability" (Art. 6(7)) regarding hardware and software features that can be accessed/controlled via an operating system by third parties, as well as "fair, reasonable and non-discriminatory access conditions" to apps stores, search engines, and operating systems. The solution adopted may allow gatekeepers to implement proprietary standards and restrictive access to APIs that are incompatible with Free Software. This was a lost chance to leverage competition with accessible and non-discriminatory technical specifications. Open Standards remain an important element for innovation by allowing market actors to innovate on top of technical standards.
Security concerns vs commercial interests
Another source of concern relates to how the law allows gatekeepers to limit interoperability for the sake of integrity and security of the gatekeepers' services or devices (Art. 6 (3) and (7)). Our experience demonstrates that companies have been claiming security concerns to limit users' rights and software freedom even in the absence of empirical evidence of such risks for the integrity of the devices. Instead, commercial interests are the main drive to pursue such restrictive practices. This provision in the DMA has the potential to hinder compliance or even, in a worse case, strength or consolidate the gatekeepers' entrenched position in the market.
The procedural enforcement efforts also raise questions regarding achieving real and effective Device Neutrality. The DMA encompasses the regulation of several complex layers of devices, as operating systems, browsers, and apps stores, as well as interoperability and data portability. Similarly to telecommunications law, such measures would require further specification and further regulatory efforts for practical implementation. As our experience has shown with Router Freedom in the EU, although the related telecom rules were much simpler to implement, even so they have been taking years to be properly applied by national regulators. Therefore, not only the lobbying power of such platforms, the allowances the law makes towards "security and integrity", and the absence of clear language mandating Open Standards, but also market pressure can relativize the enforcement priorities of the Commission and other policymaking bodies.
Help making Device Neutrality a reality!
The FSFE has extensive experience in monitoring compliance with telecommunications and internet legislation, working together with the commission in antitrust cases, as well as with national regulatory bodies. We will continue to dedicate efforts in the process of enforcing the DMA and making Device Neutrality a reality in the EU. For that, we count on your support for our work with a donation. Get active and help us empower you to regain control over your devices!