Digital firms are subject to general competition and consumer protection laws applicable to all firms (e.g., the Treaty of the Functioning of the European Union (“TFEU”), European Union Merger Regulation, and General Data Protection Regulation).

The European institutions have adopted two main regulations to govern the conduct of digital firms: the Digital Markets Act (“DMA”) and the Digital Services Act (“DSA”). These regulations form part of the European Commission’s wider “Digital Services Act Package” which aims to “establish a level playing field for businesses” and to “create a safer digital space where the fundamental rights of users are protected.”¹

The DMA marks a paradigm shift in the regulation of digital markets, giving the Commission unprecedented powers to regulate large digital platforms. It formulates a series of behavioral “dos and don’ts” for “gatekeeper” platforms that are inspired by past and current competition cases and that are considered important to protect and enhance competition in digital markets. The DMA entered into force on November 1, 2022 and became applicable on May 2, 2023. The DMA’s behavioral rules will kick-in on March 7, 2024 for gatekeepers that were designated on September 6, 2023.

The DSA, in turn, seeks to improve user safety online and ensure accountability of platforms for content that they transmit, host, or publicly disseminate. It formulates rules for digital intermediaries relating to exemption from liability for content, due diligence obligations, and oversight of content moderation activities.

The DSA entered into force on November 16, 2022. Designated “Very Large Online Platforms” (“VLOPs”) and “Very Large Online Search Engines” (“VLOSEs”) had until August 25, 2023 to comply with the relevant DSA obligations. The DSA’s substantive rules will start applying to all other intermediary service providers during Q1 of 2024.

The DMA formally entered into force on November 1, 2022, and became applicable on May 2, 2023. Firms that triggered the gatekeeper notification requirements notified the Commission of their “Core Platform Services” (“CPSs”) on July 3, 2023. The Commission received notifications from Alphabet, Amazon, Apple, ByteDance, Meta, Microsoft and Samsung.

On September 6, 2023, the Commission designated six gatekeepers and a total of 22 CPSs based on these notifications:

• Alphabet: Google Search, Google Ads, Google Android, Google Play, Google Shopping, Google Maps, Chrome, and YouTube.
• Amazon: Amazon Marketplace and Amazon Ads.
• Apple: App Store, Safari, and iOS.
• ByteDance: TikTok
• Meta: Facebook, Instagram, Meta Ads, WhatsApp, and Messenger
• Microsoft: Windows PC OS and LinkedIn

In addition, the Commission:

• Opened market investigations into four services to assess whether they can be exempted as “important gateways” despite meeting the DMA’s user thresholds. These are: Microsoft’s Bing, Edge, and Microsoft Advertising and Apple’s iMessage. These investigations will last five-months.
• Opened an additional 12-month market investigation into Apple’s iPadOS to assess whether it should be designated despite not meeting the users thresholds.
• Decided to not designate Gmail, Outlook, and Samsung Internet Browser as CPSs despite these services meeting the DMA’s thresholds.

The DMA’s substantive rules will become operational for the designated gatekeepers six months after the designation decisions, on March 7, 2024. The rules on mergers, discussed below in Question 15, entered into force on the date of the designation decisions.

For an overview of the CPS designations, see Annex 1 at the end of this Chapter.

The DSA formally entered into force on November 16, 2022.

Providers of online platforms and search engines were required to publish data on their average monthly active service recipients (i.e., end users and business users) by February 17, 2023.

Based on this publication, on April 25, 2023, the Commission designated the following platforms as VLOPs or VLOSEs:

• VLOPs: Alibaba Aliexpress, Amazon Store, Apple App Store, Booking.com, Facebook, Google Maps, Google Play, Google Shopping, Instagram, LinkedIn, Pinterest, Snapchat, TikTok, Twitter, Wikipedia, YouTube, Zalando.
• VLOSEs: Bing and Google Search.

Firms designated as VLOPs and VLOSEs had until August 25, 2023 to comply with the relevant DSA obligations. The DSA’s substantive rules will start applying to all other online intermediary service providers during Q1 of 2024.

The Commission is the sole authority empowered to enforce the DMA, though private parties may be able to bring actions based on the DMA before civil courts for some of the rules (see Question 16).

Designation process. Firms need to be designated as gatekeepers for the DMA’s rules to become applicable. Only the specific services designated as CPSs are subject to the DMA’s behavioral rules. The process for designation is as follows:

• Gatekeeper notification. If a firm operates one of the CPSs listed in the DMA that meets the quantitative thresholds under Art. 3 (see further Question 5), it must notify the Commission within two months that it falls within the scope of the DMA.² In their gatekeeper notifications, firms can seek to rebut the presumption of gatekeeper status, albeit the DMA says that this would happen only in “exceptional circumstances”. The DMA also explains that the Commission will not consider arguments against designation based on market definition or economic efficiencies.³
• Gatekeeper designation. The Commission must designate a firm as a gatekeeper within forty-five working days after receiving the firm’s gatekeeper notification.⁴
• If a firm has sought to rebut the gatekeeper presumption, but the Commission does not believe the arguments to be “sufficiently substantiated,” it must reject the rebuttal within forty-five working days after receiving the firm’s gatekeeper notification.⁵
• If a firm has sought to rebut the gatekeeper presumption, and the Commission believes the arguments to be “sufficiently substantiated,” it may launch a market investigation within forty-five working days.⁶ The Commission should communicate its preliminary findings within three months and complete the investigation within five months.⁷
• The Commission may also launch a market investigation to determine whether a CPS should be designated despite the service not meeting the quantitative thresholds.⁸ The Commission should communicate its preliminary findings within six months and complete the investigation within twelve months.⁹
• Compliance. Firms will have six months to comply with the DMA’s behavioral rules following the Commission’s designation decision.¹⁰ Within this timeframe, gatekeepers must submit to the Commission an independently audited description of any consumer profiling techniques that it applies to or across its CPSs.¹¹ They should also submit a report describing their compliance with the behavioral rules in Arts. 5-7.¹²

Further specification process. The behavioral rules set forth in Arts. 5 to 7 of the DMA apply directly and are self-executing, without further specification by the Commission.

That said, gatekeepers may request the Commission to engage in a process to determine whether the gatekeeper’s measures comply with the behavioral obligations set out in Arts. 6 and 7 (but not Art. 5).¹³ The Commission has the discretion to decide whether to engage in this process in line with general principles of equal treatment, proportionality, and good administration.

If the Commission wants to specify measures the gatekeeper must implement to comply with Art. 6 or 7, it must first adopt a decision opening formal proceedings.¹⁴ Within six months of this decision, it may then adopt an implementing act specifying the measures that the gatekeeper must implement to be compliant.

This engagement process, however, does not prevent the Commission from adopting a non-compliance decision or imposing fines.

Enforcement process. The Commission may at any stage issue a request for information to a firm, carry out interviews with consenting natural or legal persons, and conduct physical inspections.¹⁵

Where the Commission suspects that a gatekeeper may not be complying with the DMA’s rules, its enforcement practice will likely follow these steps:

• Opening of proceedings. The Commission must adopt a decision opening formal proceedings when it intends to investigate potential non-compliance.¹⁶
• Statement of objections. If the Commission considers adopting a non-compliance decision, it must communicate its preliminary findings to the gatekeeper and set out its proposed remedies in a statement of objections. The Commission may also consult with third parties.¹⁷
• Response to statement of objections and access to file. Gatekeepers will be permitted to respond to the Commission’s preliminary findings.¹⁸ They will also be able to receive access to the Commission’s file (see Question 10).¹⁹
• Non-compliance decision. The Commission must aim to publish a non-compliance decision within twelve months from the opening of proceedings where it considers that a gatekeeper has infringed the DMA’s rules.²⁰ The Commission may impose fines (see Question 11).²¹ The DMA does not set out a timeline for the Commission to adopt a decision finding no violation.
• Response to non-compliance decision. In response to a non-compliance decision, the gatekeeper must explain how it intends to bring the infringement to an end within the deadline specified in the Commission's decision.²²
• Appeal. Commission decisions are subject to appeals before the EU courts by the addressees of those decisions but they do not automatically have suspensory effect (see Question 10).
• Investigations into systematic non-compliance. The Commission may also launch a market investigation to assess whether a gatekeeper engages in systematic non-compliance (i.e., where the Commission has issued at least three non-compliance decisions within a period of eight years). The Commission must communicate its preliminary findings to the gatekeeper within six months (including what remedies it considers may be necessary and proportionate) and conclude the investigation within twelve months.²³ If the Commission finds a gatekeeper to have engaged in systematic non-compliance, the Commission may impose behavioral or structural remedies on the gatekeeper (see Question 11).²⁴

The DMA applies to platforms that operate as gatekeepers between business users and end users and that hold an “entrenched and durable position.”

To be a gatekeeper, a firm must operate at least one CPS in at least three member states. CPSs are defined based on a broad list of services: online intermediation services (e.g., online marketplaces and app stores), search engines, social networks, video-sharing platforms, number-independent interpersonal communication services, operating systems, web browsers, virtual assistants, cloud computing services, and online advertising services.²⁵

If a firm operates a CPS, it will be presumed to be a gatekeeper if it meets three cumulative criteria:²⁶

• Financial threshold. The firm’s group must have an annual EU turnover of at least EUR 7.5 billion in each of the last three financial years or an average market capitalization amounting to at least EUR 75 billion in the last financial year.
• End users and business users. The CPS must have at least 45 million monthly active end users (“MAUs”) established or located in the EU and at least 10,000 annual active business users established in the EU. The DMA’s annex provides a methodology and indicators for calculating MAUs and business users, per CPS category.
• Lasting basis. The quantitative thresholds for end users and business users must be met in each of the last three financial years.

Even if the presumption of gatekeeper status does not apply, the Commission can designate firms offering CPSs as gatekeepers on the basis of qualitative criteria, albeit this is a longer process requiring an up to twelve month market investigation.²⁷ The Commission is currently conducting such a market investigation into Apple iPad OS (set to be completed by September 2024).

The Commission must, under the qualitative designation procedure, establish that the firm in question has a significant impact on the market and operates a CPS that is an important gateway and that enjoys an entrenched and durable position.

The DMA sets out a series of factors that the Commission must take into account, at least in part, to qualitatively designate a gatekeeper.²⁸ Examples include the size and turnover of the firm, CPS user figures, network effects and data-driven advantages, benefits arising from scale and scope, and lock-in effects.

The DMA also allows firms providing CPSs, in exceptional circumstances, to rebut a presumption of gatekeeper status.²⁹ The DMA states that arguments related to market definition or efficiencies will not be taken into account as part of this assessment.³⁰ As discussed in Question 4, the Commission may reject these arguments within forty-five working days after the firm’s gatekeeper notification or launch a market investigation that should take up to five months.³¹ The Commission is currently conducting such market investigations into Bing, Edge, Microsoft Advertising and Apple’s iMessage (set to be completed by February 2024).

Once a firm is designated as a gatekeeper, it must comply with the DMA’s behavioral rules for each of its CPSs that satisfy the quantitative thresholds. In other words, the DMA is not “all in” such that once a firm is designated as a gatekeeper, the DMA’s rules would apply to all its products or services. Rather, only the specific products or services designated as CPSs are subject to the DMA’s rules. This feature of the DMA contrasts with some other digital regulatory regimes, such as Section 19a of the German Competition Act.

The DMA sets out three sets of behavioral obligations with which gatekeepers must comply. The first set of obligations is presented as being “specific” (Art. 5), while the other two are described as being open ended and capable of further specification by the Commission (Arts. 6 and 7). In practice, the difference between these obligations is reasonably minor: all rules appear to apply directly and are self-executing.³²

Some of the DMA’s rules apply to all CPS categories. For example:

• Prohibition on combining or cross-using personal data obtained by a CPS with data obtained by other services without the user’s consent (Art. 5(2)).
• Prohibition on using non-publicly available data of business users of CPSs to compete with the business users (Art. 6(2)).
• Requirement to provide end users of CPSs, free of charge, with the ability to port their data to other platforms (Art. 6(9)).

Other rules apply to specific categories of CPS. For example:

• Requirement to allow end users to uninstall apps from a CPS operating system (Art. 6(3)).
• Requirement to enable users to easily change defaults and to show choice screens on their CPS operating systems for choosing virtual assistants, web browsers and online search engines in certain circumstances (Art. 6(3)).
• Prohibition on CPS search engines, online intermediation platforms, social networking services, virtual assistants, and video sharing platforms to treat first party services more favorably in ranking compared to similar third party services (Art. 6(5)).
• Requirement for CPS operating systems and virtual assistants to give third party service providers and hardware providers, free of charge, interoperability with and access to the same hardware and software features as to the gatekeepers first party products (Art. 6(7)).
• Requirement for CPS online search engines to share anonymized ranking, query, click, and view data with rival search engines on a fair, reasonable, and non-discriminatory basis (Art. 6(11)).
• Requirement to make the basic functionalities of a number-independent interpersonal communications services interoperable with rival services “by providing the necessary technical interfaces or similar solutions that facilitate interoperability” (Art. 7).

For a summary of all the DMA's rules, see Annex 2 at the end of this Chapter.

There are no rules in the DMA regulating the relationship of online platforms and news publishers. In particular, contrary to some demands raised during the legislative process, there are no obligations for platforms to pay news publishers for content that appears on their CPSs.

While some have suggested that Art. 6(12) might require gatekeepers to pay news publishers for the display of content, Members of Parliament that were involved in the negotiation of the DMA’s text have clarified that this is not the case.³³

Not expressly. The Commission does not need to establish the competitive effects of gatekeeper’s conduct in order to establish a breach of the DMA’s behavioral rules. The Commission will, however, need to consider firms’ arguments that the conduct in question either is not covered by the scope of the rule, falls under the narrow grounds for suspension or exemption in Arts. 9 and 10 of the DMA, or is proportionate given the DMA’s overall objectives.

In addition, the DMA is subject to the overall principle of proportionality (see Question 9).

The DMA does not explicitly allow for efficiency justifications and only provides for narrow grounds for suspension or exemption:

• Suspension, if the obligation puts the “viability” of the service at risk “due to exceptional circumstances beyond the control of the gatekeeper,” which is a high bar.³⁴ Suspension may be subject to conditions and obligations defined by the Commission.
• Exemption, on grounds of public health or public security.³⁵

In practice, however, the DMA must be interpreted, applied, and enforced based on the fundamental principle of proportionality.³⁶ The Commission's measures must therefore be appropriate and necessary to achieve the objectives of the DMA. Where there are numerous appropriate measures, the least onerous measures should be used, and the disadvantages of the measures must not be disproportionate to the aims pursued.³⁷

Accordingly, gatekeepers should be able to rely on the principle of proportionality to justify their conduct under the DMA. Proportionality is a general principle of EU law, and it is therefore implied that proportionality has to be considered by the Commission in each individual case.

Finally, several rules explicitly import concepts of fairness, reasonableness, or proportionality, and therefore by implication allows for justification on those grounds. Such rules include:

• Art. 6(3), which carves out the uninstallation obligation for apps that are essential for the operating system or device and are not offered on a standalone basis by third parties;
• Art. 6(5), which refers to fair conditions of ranking;
• Art. 6(7), which refers to necessary and proportionate measures to ensure interoperability while not compromising the integrity of the CPS or its associated hardware and software;
• Art. 6(11), which refers to fair and reasonable conditions of access to search data; and
• Art. 6(12), which refers to fair and reasonable access to app stores, search engines, or social networks.

Ahead of adopting any decision under the DMA (e.g., non-compliance, fines, commitments, suspension, exemption, market investigation), the Commission must inform the gatekeeper of its preliminary findings and measures that it may propose in light of its preliminary findings. The Commission will provide the gatekeeper with a deadline (at least fourteen days) within which it may respond to the Commission’s preliminary findings.³⁸

Gatekeepers are entitled to have access to the Commission’s file subject to the legitimate interests of undertakings in the protection of their business secrets. The right of access does not extend to confidential information and internal documents of the Commission or the NCAs.³⁹

Gatekeepers will be able to appeal the Commission’s decisions under the DMA before the EU courts. The EU courts will conduct a full review of the facts and law underpinning the Commission’s reasoning, and the normal processes can be expected to apply (e.g., there is no bar on private parties adducing new evidence before the EU Courts).⁴⁰

In traditional competition cases, the Commission has enjoyed a margin of discretion when it comes to complex economic assessments, such as market definition and dominance.⁴¹ When it comes to the DMA, however, there is not expected to be such a margin of discretion because the DMA is supposed to avoid complex economic assessments in favor of simple rules.

Appeals before the EU courts will not have automatic suspensive effect unless interim measures are granted. Parties can apply for interim measures. The test for granting such measures is whether the appeal gives rise to a prima facie case and there is urgency because implementing the decision gives rise to a risk of serious and irreparable harm.

Non-compliance with the DMA’s rules can lead to fines of up to 10%ㅡor, in the event of repeated infringements, up to 20%ㅡof annual global turnover.⁴² The Commission may also impose behavioral and structural remedies in the case of systematic infringements (i.e., where the gatekeeper violates the rules at least three times in eight years).⁴³

In instances where there has been a breach of the procedural framework (e.g., failure to provide the Commission with complete and accurate info, including notification for gatekeeper designation), gatekeepers can be fined up to 1% of global annual turnover.⁴⁴

There is no personal or criminal liability under the DMA.

The Commission has the power to issue guidance to assist gatekeepers in the implementation of their obligations under the DMA, but it has not yet done so.⁴⁵

• On April 14, 2023, the Commission adopted the final text of the DMA’s Implementing Regulation setting out the procedural requirements for the form gatekeepers use to notify their CPSs and other procedural elements of the DMA, including time limits, confidentiality, and access to file. The final text was adopted following a public consultation period from December 2022 to January 2023.⁴⁶
• On July 31, 2023, the Commission published for consultation a draft Independent Audit Report. As with the Compliance Report, gatekeepers will have six months following the Commission’s designation decision to submit an Independent Audit Report, in line with the Commission’s template, providing an independently audited description of any consumer profiling techniques that it applies to or across its CPSs (see Question 4).⁴⁷
• On October 9, 2023, the Commission published the final text of:
• The Compliance Report Template. Gatekeepers will have six months following the Commission’s designation decision to submit a Compliance Report, in line with the Commission’s template, describing their compliance with the behavioral rules in Arts. 5-7 (see Question 4).⁴⁸
• The Request for Specification Dialogue Template. Gatekeepers can request to engage in a process with the Commission to determine whether the gatekeeper’s measures comply with the behavioral obligations set out in Arts. 6 and 7 (but not Art. 5). They can make this request by submitting a Request for Specification Dialogue, in line with the Commission’s template (see Question 4).⁴⁹
• The Art. 14 Template. Gatekeepers have had to notify the Commission of virtually all intended mergers and acquisitions since September 6, 2023 by providing all the information requested in the Art. 14 Template (see Question 15).⁵⁰
• The Suspension Request Template. Gatekeepers can request that the Commission suspend compliance with any of the behavioral rules in Arts. 5-7 by submitting a Suspension Request, in line with the Commission’s template.⁵¹
• The Exemption Request Template. Gatekeepers can request to be exempt, in whole or in part, from any of the behavioral rules in Arts. 5-7 by submitting an Exemption Request, in line with the Commission’s template.⁵²

The DMA is principally competition based and many of its behavioral rules have been inspired by previous competition cases. Its rules touch on conduct relating to a range of issues, such as privacy, data usage, and consumer protection issues.

The EU is separately introducing new regimes to tackle other areas of concern in digital markets. The DSA seeks to improve user safety online (particularly in relation to illegal content), transparency, and the accountability of online platforms. The Data Act intends to regulate online platforms’ data practices, provide users and businesses with greater control over their data, and create a harmonized framework for data sharing within the EU.⁵³

Many of the DMA’s rules are inspired by the European Commission’s previous competition decisions or ongoing investigations. For example:

• Apple Pay investigation. The Commission has issued a statement of objections in its investigation into whether Apple has abused its dominance by limiting access to the near-field communication technology used for contactless payments on mobile devices only to Apple Pay.⁵⁴ This investigation inspired the DMA’s interoperability obligation for operating systems and virtual assistants (Art. 6(7)), along with the workgroup server case against Microsoft.
• Apple App Store investigation. The Commission’s initial investigation focused on concerns of Apple mandating the use of its proprietary in-app billing system by app developers on iOS and restricting the ability of iOS app developers to inform users of alternative payment methods outside of apps via anti-steering provisions.⁵⁵ This investigation inspired the DMA’s anti-steering provisions (Arts. 5(4) and 5(5)) and the ban on app stores requiring the use of first party payment systems by app developers (Art. 5(7)). The most recent statement of objections focuses only on Apple’s anti-steering provisions and no longer raises concerns about Apple’s requirements relating to its billing systems (the latter will be covered by the DMA).
• Amazon Marketplace investigation. In December 2022, the Commission accepted commitments by Amazon barring it from using marketplace seller data, and ensuring equal access to “Buy Box” and the “Prime” label. The commitments follow the Commission’s investigation into Amazon’s use of non-public data related to its third party sellers to compete with them as a retailer on its own online marketplace, its criteria for selecting which product offer is placed in the “Buy Box”, and which sellers can list products under Amazon’s “Prime” label on its marketplace.⁵⁷
• Google Shopping decision. The Commission found that Google had abused its dominance by positioning and displaying Google Shopping more prominently than rival comparison shopping services in its general search results pages. The General Court partly upheld the Commission’s ruling.⁵⁸ Google is appealing the decision to the Court of Justice. This decision inspired the DMA’s non-discriminatory ranking obligation (Art. 6(5)).

Art. 14 DMA requires gatekeepers to inform the Commission of all intended mergers and acquisitions “where the merging entities or the target of concentration provide core platform services or any other services in the digital sector or enable the collection of data,” regardless of whether these transactions meet EU merger control thresholds.⁵⁹

In practice, Art. 14 means that gatekeepers should inform the Commission of substantially all of their transactions prior to closing. But the Commission does not need to make a clearance decision under Art. 14 before a gatekeeper can close a deal.

Art. 14 is designed to help the Commission review transactions that fall below the jurisdictional thresholds of the EU Merger Regulation by making it easier for NCAs to create jurisdiction for the Commission through referrals under Art. 22 of the EU Merger Regulation. The Art. 22 route allows the Commission to review transactions that do not meet EU or national merger control thresholds, even post-closing, within strict time limits.

This rule became applicable for Alphabet, Amazon, Apple, ByteDance, Meta, and Microsoft on September 6, 2023.

EU law provides for the ability of parties to invoke EU regulations before national courts if the rules in question are sufficiently precise and unconditional and confer rights to individuals.⁶⁰ At least some, but not necessarily all, of the DMA’s behavioral rules may meet these conditions. The DMA, accordingly, formulates rules for “proceedings for the application” of the DMA before national courts (e.g., the right of the national court to ask the Commission for an opinion, the obligation to transmit judgments, and the right of the Commission to intervene in such proceedings).⁶¹

National courts will, however, not have the power to impose fines or to designate gatekeepers, which will be reserved for the Commission.

Behavioral rules susceptible to private litigation might include rules listed under Art. 5. By contrast, it is more questionable whether the rules under Art. 6 and 7 are sufficiently precise for private litigation because the DMA recognizes that these rules require further specification.

The recent Court of Justice judgment in DB Station & Service AG may have implications for private enforcement of secondary EU legislation such as the DMA.⁶² On one reading, the judgment suggests that before a private action could be taken, there needs to be a decision of the competent sectoral regulator. The consequences of this judgment are still being assessed.

As the Commission will be the sole enforcer of the DMA, national competition authorities (“NCAs”) will not be able to adopt gatekeeper designation or infringement decisions under the DMA. However, the DMA provides for NCA involvement in supporting enforcement and investigating potential DMA infringements. In particular:

• The Commission may consult NCAs on any aspect of the DMA.⁶³
• The Commission will have the ability to ask NCAs to support its market investigations under the DMA.⁶⁴
• NCAs may investigate cases of potential non-compliance under Arts. 5, 6, and 7 of the DMA in their own territories provided that Commission is not investigating the same conduct.⁶⁵
• NCAs will be competent to hear complaints by third parties about non-compliance with the DMA.⁶⁶
• Once a gatekeeper informs the Commission of an intended acquisition under Art. 14(1) (see Question 15), the Commission must share that information with NCAs.⁶⁷ NCAs may then request the Commission to analyze the concentration under Art. 22 of the EU Merger Regulation.⁶⁸

While the DMA does not set out a specific complaint handling procedure, third parties may inform the Commission or NCAs about any conduct that may infringe the DMA. The Commission and NCAs retain full discretion to decide whether or not to investigate the conduct in question.⁶⁹

The DMA also provides for third party involvement at various stages of the enforcement process. In particular:

• Third parties may provide comments ahead of the Commission adopting any specifying measures that the gatekeeper must implement to comply effectively with specific Art. 6 or 7 obligations.⁷⁰
• Third parties may be consulted before the Commission implements a non-compliance decision.⁷¹
• Third parties may provide comments prior to the Commission adopting any commitments to address non-compliance.⁷²
• The Commission may consult third parties during a market investigation into whether to expand the list of CPSs or gatekeeper obligations.⁷³
• Third parties may provide comments ahead of the Commission adopting an implementing act.⁷⁴

Forthcoming implementing legislation may specify the position of complainants and interested third parties in more detail.

Yes, the Commission may conduct a market investigation to examine whether other services in the digital sector should be added to the list of CPSs or whether new obligations should be included in the DMA. The Commission must aim to publish a report outlining the findings of its investigation within eighteen months from the opening of the investigation. It may then make a legislative proposal to the European Parliament and Council to add further CPSs or new obligations to the DMA.⁷⁵