This article first appeared in The Edge Malaysia Weekly on April 4, 2022 - April 10, 2022

FOR years now, the most serious threat to dominant Big Tech companies has been regulation, rather than competition from upstarts. Last week, the European Union (EU) finally agreed on a landmark legislation to regulate “digital gatekeeper platforms” including search engine behemoth Google’s holding company Alphabet Inc, social media giant Facebook’s owner Meta Platforms Inc, as well as e-commerce supremo Amazon.com and iPhone maker Apple Inc. On March 24, the continent’s governing bodies — the European Commission, European Parliament and the 27 member states — agreed on the final text of the Digital Markets Act (DMA) that they had been negotiating for nearly two years. Approval by the European Parliament in late June is now seen as a mere formality. The new law will be formally adopted in October and take effect next year. Top US-based global tech platforms are expected to appeal to stall its immediate implementation.

Yet, even with the court-mandated delays in implementation, it is clear that the groundbreaking European regulation will change the global tech platforms forever. For one thing, it will now be harder for the big platforms to do large acquisitions like Ama­zon’s recent purchase of Hollywood movie studio MGM, Google’s acquisition of YouTube or Facebook’s purchase of WhatsApp or Instagram. For another, they will no longer be able to leverage data to dramatically expand their current business lines or thwart emerging competitors the way Facebook tried to stop the growth of Snapchat’s owner Snap Inc. And while the new legislation won’t break up Big Tech as many detractors want, it will definitely break open Big Tech platforms and allow smaller, nimble players to compete effectively on a more level playing field.

The key aim of the DMA is to regulate “contestable and fair markets” in the digital sector, says socialist Danish politician and European Commission vice-president and digital chief Margrethe Vestager, who helped shepherd Europe’s response to the growing power of Big Tech.

Europeans will no longer be forced to use Google as their only search engine, WhatsApp as their messaging platform or Instagram as their primary social media platform just because they are the most popular. “There are major providers who have an enormous amount of users and use that as an advantage of the service,” Czech member of the European Parliament Marcel Kolaja told journalists last week. “So citizens don’t necessarily join the service because they think it’s the best but because it is the most used and where they find most of their friends or business partners.”

The new European rules will have a huge global impact. Because the internet is essentially an interconnection of disparate global networks, the rules that one country, or for that matter a group of countries like the EU, applies to the use of its network will eventually have an effect on every country in the world that is connected to the global network. European regulators are aware of the impact their regulations have on the rest of the world. You might recall that about four years ago, in May 2018, Europe began implementing its privacy-protecting General Data Protection Regulation (GDPR). American and Asian companies that did business with Europe or had European customers were forced to comply with these rules.

The DMA will not just rein in “gatekeepers” like Amazon, Apple and the owners of Google and Facebook but indeed any tech platform with €7.5 billion (US$8.37 billion, or RM35.2 billion) in annual revenues and a market capitalisation of €75 billion. To be classified as a “digital gatekeeper”, tech firms should have least 45 million active monthly end-users in Europe and 10,000 yearly business users. The negotiations over the DMA dragged on for months, with governments sharply divided on what should be included and what should be left out.

Member states of the EU squabbled over what constituted a digital platform. At the last minute, EU included web browsers and voice assistants to the definition of “core platform services” but excluded connected TVs, like those from Roku, from the scope of the act. Non-compliance of DMA rules would lead to a maximum fine of up to 20% of the offending digital gatekeeper’s worldwide revenue in cases of repeated infringements. Amazon last year had sales of US$469 billion. If the EU finds Amazon isn’t complying with its rules, it could impose a US$93.8 billion fine on the e-commerce giant.

It’s not just the hefty fine that’s a problem. The onus will be solely on the global tech platforms to prove that they are innocent and were not deliberately hampering competition, rather than the European regulators laying out their case that the tech giants have unfair business models and proving it in a court of law as the US Department of Justice was forced to do in its anti-trust case against Microsoft Corp in 2001. Back then, DoJ took Microsoft to court for illegally maintaining its monopoly position in the global personal computer (PC) market primarily through the legal and technical restrictions it had put on the ability of PC makers and users to uninstall its Internet Explorer web browser and use other browsers such as Netscape.

Although the US is pursuing its own anti-trust cases against Google, Facebook, Amazon and Apple, Washington has cried foul against the new European law. US Commerce Secretary Gina Raimondo recently urged the EU not to “discriminate” against US firms and “ensure that European and other foreign competitors” of US tech platforms are also covered by the new law. “It is important that regulatory efforts on either side of the Atlantic do not create unintended adverse consequences, such as inadvertent cybersecurity risks or harms to technological innovation,” a recent US government paper on Europe’s DMA noted. US officials have said the EU deliberately increased the market cap and revenue thresholds of companies that need to comply with the DMA to protect the continent’s own firms. European legislators and regulators have maintained that a key aim of the DMA is to boost the European economy and protect the rights of European consumers and investors.

So, who will be hurt the most, and how? The DMA will prevent Amazon from using the information it sees about third party transactions on its service to offer its own private-label products. The DMA’s “self-preferencing” prohibitions will also prevent Google from prioritising its own shopping service in search results. The act will force Apple’s iOS and Google’s Android mobile operating systems to allow smartphone and tablet users to uninstall any preloaded apps, including the original app stores themselves. Once the law is enforced, you could have not just the Apple’s App Store on your iPhone but also other competing app stores, just as your Android phone could have Apple’s App Store and a host of other stores. It would be akin to having a dozen unwieldy app malls on your smartphone instead of a single curated department store.

Within the app stores, app developers would no longer be forced to use Apple Pay or Google Pay systems and identity functions, but will be able to “sideload” their products and avoid the platforms’ high fees. Sideloading is a process that allows for the distribution of apps outside closed systems, such as Apple’s App Store. The new European digital rules will force platforms like Google to provide advertisers and publishers access to the price-setting conditions and algorithms that it uses, in addition to the European Commission’s original access obligation related to advertising portfolio. That will go some way into breaking Google’s ad and adtech monopoly, which allows it to set prices and rig ad auctions to its advantage.

The DMA will also force platforms such as Amazon to allow firms that sell on its e-commerce platform access to all the data they create there, including to analytics about their products. The new European digital law will also compel platforms that target advertising using personal data to obtain “explicit consent” from customers.  Apple has already been forcing Facebook and others to obtain such consent but the DMA will make seeking such consent mandatory for any platform that gathers personal data for targeted ads.

Apple may have a good chance of skirting the rules on sideloading, if it makes enough concessions on other aspects of the App Store, including payments and its 15% to 30% in-app purchase fees. Washington has raised strong concerns about the DMA’s impact on “security”, noting that certain obligations could create vulnerabilities online, citing the practice of “sideloading”. For its part, Apple says the act will undermine its security and allow malicious actors to take advantage of sideloading. Apple CEO Tim Cook said last year that the DMA’s prohibition on sideloading restrictions would “destroy the security of iPhone” and allow users to be “tricked and coerced into downloading apps from third-party app stores by bad actors using copy-cat apps and other methods”. Cook noted that governments and international agencies around the world “have explicitly advised against sideloading requirements, which would cripple the privacy and security protections that users have come to expect”.

The biggest impact of the DMA will likely be on the two major messaging platforms — Apple’s iMessage, by far the leader in North America, and its main competitor, Meta Platforms’ WhatsApp, which is a big player outside America. Facebook acquired WhatsApp for US$19 billion in 2014. The DMA will force messaging apps such as WhatsApp to allow interconnection with other messaging services, just like the way email interconnects across different services. Right now, you can send me an email on my Hotmail account using your Google Gmail account. I normally use my Apple iMessage to send messages to family, friends and even business contacts in North America. But with my friends in Asia, I am currently forced to use WhatsApp because many do not have an Apple device.

From next year, WhatsApp and iMessage users would be able to contact people using other messaging services, such as Signal or Telegram and Signal users would be able to send messages to a WhatsApp user. Still, messaging platform interoperability will be limited to competitors for one-to-one conversations between users and not for group chats, at least for another four years. So, if you have a WhatsApp chat group, you will be able to chat with me on iMessage as soon as the DMA becomes law but won’t be able to invite me to join your chat group for at least four more years. Similarly, there is the problem of interoperability between social media platforms like say Instagram, Snap and Pinterest. But forced interoperability is only likely to make messaging less secure.

Two big ideas currently hold sway among European regulators, notes prominent tech blogger Casey Newton. “One is that it should be easier to compete with tech giants, and that a good way to accomplish this is to force their services to play nicely with others,” he says. The other, he adds, is that users’ data privacy is of paramount concern, and any data sharing between corporations is to be treated with the utmost suspicion. Unfortunately, the two ideas are contradictory. Because EU regulators want to charge ahead with their rules, the future of end-to-end encryption hangs in the balance.

If the DMA was implemented, messaging on WhatsApp and iMessage will not be secure at all. “The ability to communicate privately in a world of ubiquitous expanding surveillance and data retention is of real, practical importance to almost all of us,” notes blogger Newton. “Europe’s simultaneous push for increased competition and maximum user privacy feels like a clear case of one hand not knowing what the other is doing. Any solution that materialises may open up worrisome new vulnerabilities around privacy, misinformation, hate speech and other danger zones.”

Big Tech needed to be regulated. But Europe’s new DMA may be a clear case of regulatory overreach and might open a can of worms with messaging systems that are clearly not secure because they are forced to operate with each other. The world needs more secure messaging systems rather than interoperability.

Assif Shameen is a technology writer based in North America

Save by subscribing to us for your print and/or digital copy.

P/S: The Edge is also available on Apple's AppStore and Androids' Google Play.