What is the Digital Markets Act (DMA)?

DMA and the flag of the european union displayed on a modern laptop.DMA or Digital Markets Act concept.

The Digital Markets Act (DMA) is a European regulation designed to protect user privacy, foster fair competition, and promote transparency and innovation in the digital sector. It targets six major tech companies known as “gatekeepers” and imposes specific obligations on them to level the playing field for smaller businesses.

These obligations include ensuring interoperability, avoiding discrimination, facilitating data access, and promoting transparency. Third-party companies using gatekeepers’ platforms must also comply with DMA requirements, primarily concerning user data consent. Tools like Conzent CMP can aid in achieving and maintaining compliance by managing and signaling user consent effectively.

Get a Free Cookie Banner now

Why wait when its free? It makes absolutely no sense to wait following the law.
It doesn't matter if your are in the US, Europe or anywhere else.
Be compliant in minutes

Five Key Takeaways:

  1. DMA Purpose
    The DMA aims to protect user privacy and ensure fair competition and transparency within the digital marketplace.
  2. Enforcement Date
    The DMA will be enforced starting March 6, 2024.
  3. Designated Gatekeepers
    Six tech giants have been designated as gatekeepers: Alphabet, Amazon, Apple, ByteDance, Meta, and Microsoft.
  4. Gatekeeper Obligations
    These companies must ensure interoperability, avoid discrimination, facilitate data access, promote transparency, regulate profiling, and obtain explicit user consent for data collection.
  5. Compliance Tools
    Tools like Conzent CMP help businesses comply with DMA requirements by efficiently managing user consent and signaling it to gatekeepers, thus ensuring smooth operations and compliance.

DMA is a European regulation aimed at safeguarding user privacy while promoting fair competition, transparency, and innovation within the digital marketplace.

Get Ready for DMA with GDPR & ePrivacy Compliance
Understanding and achieving data privacy compliance can be streamlined when using GDPR and ePrivacy compliant user consent collection and signaling tools.

Introduction to the Digital Markets Act

The Digital Markets Act was introduced by the European Commission (EC) and will be enforced starting on March 6, 2024. This legislation is crafted to safeguard online data privacy for users while fostering fair competition among businesses operating within the EU and/or EEA.

Under the DMA, the European Commission has identified six tech giants as gatekeepers. These companies have particular operational and compliance obligations. The regulation also extends to third-party businesses that use the platforms and services of these gatekeepers, such as those involved in advertising.

Companies Impacted by the Digital Markets Act

Currently, five of the most prominent gatekeepers are based in the US, and one is from China. These companies wield significant influence and have large user bases, impacting both consumers and digital businesses.

The six designated gatekeepers are:

  • Alphabet (Google and Android)
  • Amazon
  • Apple
  • ByteDance (TikTok)
  • Meta (Facebook, Instagram, WhatsApp)
  • Microsoft (LinkedIn)

The DMA specifies core platform services (CPS) provided by these gatekeepers, which include:

  • Intermediary platforms like Amazon Marketplace and Google Play
  • Social networks such as Facebook and Instagram
  • Online advertising services by Amazon, Google, and Meta
  • Popular operating systems like Android, iOS, and Windows
  • Web browsers such as Chrome and Safari
  • Communication services including Facebook Messenger and WhatsApp
  • A video-sharing platform (YouTube)
  • A search engine (Google)

This list of CPS may expand as additional companies and platforms are considered

Preparing for DMA Compliance with Conzent CMP

Adopt Conzent CMP on your business website to align yourself with DMA regulations. Our free for life plan can help you understand and maintain compliance quickly.

Responsibilities of Gatekeepers under the DMA

The DMA’s primary goal is to enhance competition by leveling the playing field for smaller third-party companies. Major requirements for gatekeepers include:

  • Ensuring interoperability
  • Avoiding discrimination
  • Facilitating data access and portability
  • Promoting transparency
  • Regulating profiling
  • Gatekeepers must open up their platforms to equal access for third parties, obtain explicit user consent before data collection, and allow users to transfer their data easily. They are also expected to permit users to uninstall pre-installed apps and functions.

Responsibilities of Smaller Companies under the DMA

Smaller companies utilizing gatekeepers’ services must ensure compliance with the DMA, primarily through obtaining valid user consent before collecting personal data. These companies often need to signal this consent to gatekeepers, ensuring continuous access to their platforms.

Conzent CMP™ offers a seamless way to manage user consent, securely store it, and signal it to gatekeepers.

Benefits of the Digital Markets Act

The DMA offers numerous benefits, aimed at diverse stakeholders:

For Technology Startups and SMEs

  • Greater opportunities for innovation and fair competition
  • More equitable terms that encourage development and growth
  • For Businesses on Gatekeepers’ Platforms:
  • Fairer business environments
  • Enhanced access to data and audiences for growth

For Online Consumers

  • Access to better-targeted services
  • Enhanced privacy rights and data protections
  • More control over platform usage at fair prices

For Designated Gatekeepers

  • Opportunity to maintain their reach while still complying with privacy regulations
  • Potential to enhance brand reputation through transparent data practices
  • Leveraging Conzent CMP for DMA Compliance
  • Conzent CMP helps companies meet DMA user consent requirements, ensuring smooth operations with gatekeepers.

More from the Conzent Blog

POPIA – South Africa’s Data Protection Act

The Protection of Personal Information Act (POPIA) is a significant data privacy legislation in South Africa that became effective on July 1, 2020, with ...
LGPD - Brazilian Data Protection Authority DPA, rights under the Lei Geral de Prote o de Dados

LGPD Data Protection Law in Brazil

Brazil’s Lei Geral de Proteção de Dados Pessoais (LGPD) is an extensive data protection law enacted in August 2020 and enforced from August 2021, ...

Virginia Consumer Data Protection Act (VCDPA)

With no equivalent federal law, the VCDPA adds another layer to U.S. data privacy regulations. It came into effect on January 1, 2023. If ...

Start for free now

Why wait when its free? It makes absolutely no sense to wait following the law.
It doesn't matter if your are in the US, Europe or anywhere else.
Conzent got your back