The Platform Law Blog

CMA music streaming market study: what’s going on?

Music streaming is a fascinating industry, and many people were looking forward to seeing how the UK’s Competition and Markets Authority (“CMA”) had used its wide-reaching information gathering powers to uncover any problems. This is a huge and culturally-important industry for the UK, and it seems to operate in some weird and convoluted ways. There were big questions to be settled about the strength of the major music labels, possible collusion between them, and how to ensure songwriters could make a living from their talents.  But then the CMA’s interim report was published on 26 July 2022, and it produced no strong findings at all.

Of course, it’s always possible that the CMA might investigate an industry and find there are no significant problems and no improvements worth making. It just doesn’t happen very often.  In this case, the CMA has found that the market is delivering good outcomes for consumers, and it does not propose to launch an in-depth market investigation at the end of the market study. No remedies are proposed.

What’s going on?

Key findings of the interim report

The CMA is assessing the impact streaming has had on the music sector and whether competition is working well for consumers by delivering high-quality, innovative services for low prices. While the CMA’s primary focus was on consumers, it also considered the impact on songwriters and artists, following concerns raised that the market is not serving creators’ interests sufficiently.

The key findings from the interim report are as follows:

Streaming has transformed the music industry. 80% of recorded music is now listened to via streaming services. Recorded music is now also costing consumers less overall compared to when CDs and other physical formats were more popular. Streaming has also overcome the problem of illegal filesharing, which caused a collapse in the music industry and creator revenues from 2001 to 2015. With the increasing use of music streaming services, inflation-adjusted recorded music revenues have increased from £0.8 billion in 2015 to £1.1 billion in 2021.

The recorded music sector is concentrated, with three major record labels (i.e., Universal, Sony and Warner) holding an aggregate share of over 70% of UK streams. The CMA has also found that the market power of the three major record labels has persisted for some time. However, despite the concentrated nature of the market, the competition to sign artists, especially proven and upcoming artists, can be very intense. Overall, the evidence available to the CMA did not show that this concentration in the market is causing consumers harm or that it is driving the concerns raised by artists. Neither labels nor streaming services appear to be making sustained excess profits.

The CMA also did not find evidence that the majors are suppressing publishing revenues (the royalties due to songwriters rather than recording artists). Deals with the music streaming services are largely negotiated separately by the recording and publishing arms of the major labels, and even though they answer to the same management and shareholders, the CMA found – in what appears to be a departure from the “economic unit” principle in competition law – no evidence to indicate a close cooperation or cross-influence on financial terms. Record label and publishing businesses are ultimately accountable for securing the best contract terms possible for their respective artists and songwriters. The CMA did not seek to answer how labels manage this duty with the fiduciary duties they owe to their shareholders.

In relation to concerns of some artists and their representatives on the lack of transparency over how record labels calculate their earnings from streaming services, the CMA stated that it will share its findings with the Intellectual Property Office to help them inform their work on issues around transparency for artists. The CMA found, while some positive examples of labels presenting information on the number of streams and the rate per stream in a user-friendly way, this is not consistent across all labels.

The legal arrangements between major labels and music streaming services are inevitably long and complex. The CMA observed that some of these agreements weakened competition. However, the CMA found that while a slight strengthening of competition might be expected by their removal, it is not clear that any improvement would be more than marginal. In its examination of these contracts, the CMA uncovered:several non-discrimination clauses (e.g., clauses preventing the music streaming service from giving more prominence to a music simply because it is cheaper for the service); andMost Favoured Nation (‘MFN’) clauses covering a range of provisions, including the setting of payment and marketing terms, providing that the music streaming service cannot offer another record company better terms. The CMA noted that none of these MFN clauses relate to the price of music streaming services to the end consumer, which would be more likely to raise serious competition concerns. Nonetheless, these clauses might still weaken competition.

Overall, the CMA says that its initial analysis indicates that the music streaming market is delivering good outcomes for consumers. However, the CMA noted that it would be concerned if the market changed in ways that could harm consumer interests, for example, if innovation in the sector decreased, or if the major labels and streaming services began to make sustained and substantial excess profits.

The origins of the market study

When the CMA is deciding how to allocate its scarce resources, each prospective case goes through a fairly rigorous selection process using its (published) prioritization principles. As part of that process, the CMA considers the likely outcomes of the case and whether it can see a route through to a successful outcome. It considers whether plausible remedies are available that seem likely to improve the functioning of the market in question. For obvious reasons, the CMA does not want to commit resources to a case that will make no difference to competition in a market.

In the case of the music and streaming market study, the case was foisted upon the CMA by a Parliamentary committee rather than being a case that the CMA chose for itself. The Digital, Culture, Media and Sport select committee had published a report on the economics of music streaming, which voiced concerns about the dominance of the three major music labels. The report called for a CMA investigation and “a complete reset” of the music streaming market due to the small slice of the pie received by music creators.

The CMA clearly felt it needed to investigate, and this will have significantly affected its prioritization assessment. Some may believe that the politicians are to blame for forcing the CMA to waste its resources on a market study that produced no tangible results.

My colleague Stijn Huijts commented on this political dimension at the time the market study was launched, saying:

The fact that this market study originates from a political report also adds an interesting dynamic, since the CMA will need to be mindful of the political dynamics at play, while maintaining independence. There will be some vocal Members of Parliament following the CMA’s every move, and any perception that the CMA is treating the big players in this industry with kid gloves will no doubt result in an invitation to appear before the DCMS Committee.

Senior staff at the CMA may well be receiving such an invitation very soon.

A clean bill of health?

To be fair to the CMA, there are occasions when giving an industry a clean bill of health is the only intellectually coherent outcome and it can be useful for the industry. There have been widespread suspicions of collusion between the three major music labels, murky deals between the labels and streaming services, and a stitch up between their publishing and recording divisions. It seemed reasonable to want to investigate. The CMA may even have started its market study believing that some kind of forced break-up (or at least operational separation) was a plausible outcome. When the evidence did not support such an outcome, the only thing for them to do is to say so, and accept that they may have to absorb some political heat.

Meanwhile, industry participants may still have legitimate grievances. For example, the fact that one million streams only nets a songwriter an income of £1,000 is particularly striking, especially in combination with the finding that less than 1% of songwriters even achieve that level of streaming. Independent labels will also disagree with the view that deals guaranteeing major labels a share of streaming services’ playlists corresponding with their market shares do not harm competition. This effectively means independent labels are fighting for a minority of places on those playlists, regardless of the quality of their offering.  

Many UK artists will scratch their heads as to why – when the industry would not exist without their creative input in the first place – they are seeing some of the outcomes this market is producing. Whether the CMA has truly “shone a light” (as its press release claims to have done) on these issues is unclear. At a time when competition law is opening up to interventions that approach theories of harm from the point of view of self-employed workers like authors, freelance broadcasting workers and footballers, some will question whether the CMA has fully analyzed why one of the UK’s most successful export industries is not delivering for its creators.

Next steps

The CMA’s findings are only provisional at this stage. Responses to the interim report are invited by 19 August 2022, and the final report is due by 26 January 2023. Respondents can make comments on the CMA’s substantive findings and/or on the CMA’s proposed decision not to make a market investigation reference.

[Disclosure: Geradin Partners represents parties involved in this market study. The author used to work at the CMA, but left shortly before this market study began.]

Regulating big tech raises big implementation questions

A milestone was reached yesterday for the regulation of digital platforms: the Council of the European Union gave its final approval to the Digital Markets Act (“DMA”), following the European Parliament’s adoption of the legislative text in plenary on 5 July. The DMA, which will ensure the fairness and contestability of digital markets by setting out a list of “dos and don’ts” for designated gatekeepers, will change the regulatory landscape in the European Union (“EU”). The Regulation, proposed by the European Commission (“Commission”) in December 2020, was adopted in record time, following hundreds of amendments and intense negotiations between the co-legislators. It will now be published in the Official Journal of the EU and enter into force 20 days later.

The short timeframe within which the DMA was adopted indicates the legislators’ willingness to resolve matters that the existing competition law framework may arguably not address in an effective manner. A great job was done by the EU institutions in navigating through the problematic practices of platforms that act as unavoidable gateways between businesses and end users, and in setting rules for complex digital markets. However, the final text also leaves some big questions unanswered.

The designation of gatekeepers

How will the designation process work? At which level will designation occur? These questions need to be answered by the regulator in a timely manner in order to guide potential gatekeepers in their preparations for notification and compliance. 

One important point pending clarification is the entity that will be designated as a gatekeeper. Will it be the parent undertaking or the provider of the core platform service that meets the thresholds? The text of the DMA is arguably unclear on this matter. This is because, in the final text, references to the “provider of core platform services” included in the Commission’s DMA proposal have been removed and replaced by references to the “undertaking providing core platform services”. Following the relevant case law, the DMA defines the term undertaking as “an entity engaged in an economic activity, regardless of its legal status and the way in which it is financed, includingall linked enterprises or connected undertakings that form a group through the direct or indirect control of an enterprise or undertaking by another.” Under this definition, the term “undertaking” could refer to either the provider of the core platform service or the parent company. The reference to “all linked enterprises or connected undertakings that form a group” may imply that the parent company will be designated. What is more, Article 3 of the DMA refers to the parent companyas the “undertaking” that must meet the criteria whereby it would qualify as a gatekeeper.

This is a matter with significant procedural implications. If the parent company is the designated gatekeeper, it will be expected to comply with a series of procedural obligations (e.g., notification, preparation of the compliance plan, establishment of a compliance function). The role of the core platform service provider in the designation process has yet to be clarified. A sensible approach would consist in both entities being involved in this process. 

The relevant business users

How should the number of business users of a gatekeeper be calculated? This matter, which is linked to the geographic scope of the DMA, is currently unclear. 

Both Article 1(2), setting out the DMA’s geographic scope, and Article 3(2)(b), establishing the quantitative thresholds for designation, state that business users must be “established in the Union”. Article 1(2) provides that, for the DMA to apply, business users must be established in the EU orend users must be established or located in the EU. However, Article 3(2)(b) sets out that, for a platform to qualify as a gatekeeper, it must have 10,000 yearly active business users established in the EU and 45 million users monthly active end users established or located in the EU. In light of the above, should potential gatekeepers only calculate business users established in the EU or should they also calculate business users established outside the EU when offering services to end users established or located in the EU? 

The latter approach is the one followed by the EU’s General Data Protection Regulation (“GDPR”): the GDPR applies to data processing by a controller or processor established in the EU. However, the GDPR also applies to controllers or processors not established in the EU to the extent that they process personal data of data subjects who are in the EU. According to Recital 23 of the GDPR, what matters is “whether it is apparent that the controller or processor envisages offering services to data subjects in one or more Member States in the Union.” The GDPR explains that the use of a language or a currency generally used in one or more Member States with the possibility of ordering goods and services in that other language may make it apparent that the controller or processor under consideration envisages offering services to data subjects in the EU (while mere accessibility of the controller’s or processor’s website in the EU, the provision of an email address or of other contact details, and the use of a language generally used in the third country where the controller is established are not sufficient factors to ascertain such intention). 

Will the GDPR approach, whereby the location of the (end) user matters, be followed in the case of the DMA? If such an approach is followed, will it apply in the context of calculating user numbers and complying with the DMA obligations, or will it apply to, e.g., compliance but not notification? Assuming this approach applied to compliance (to the effect that business users outside the EU could benefit from the DMA), would this be in line with the principle of proportionality?

Enforcement of the DMA

The Commission will be the sole enforcer of the DMA, with national competent authorities assuming a supporting role. While information is slowly being revealed, it is still far from clear how enforcement will work. How will the enforcement teams be structured within the Commission? And will the Commission have sufficient resources for enforcement? 

Initially, it was envisaged that 80 officials would shoulder the heavy task of monitoring gatekeepers and enforcing the DMA. Both the industry and Members of the European Parliament highlighted the need for ensuring that the Commission devotes adequate resources to the effective enforcement of the DMA. MEP Schwab, who led the DMA through the Parliament, reportedly stressed that without at least 150 dedicated staff, enforcement of the DMA will be a struggle for the Commission. MEP Schwab called for a separate enforcement team for each core platform service provided by a designated gatekeeper, stating that he has “two companies in mind where on every core platform service you will need to have a team. And that means you need a case handler, you need a manager, you need a data analyst … So you need easily ten people for one file … and that means that even the 150 [figure] is little.”

Commissioner Breton, in a post following the adoption of the DMA and the Digital Services Act (“DSA”) by the Parliament, gave us “a sneak peek at the future organization implementing the DSA & DMA.” Within the Directorate-General for Communications Networks, Content and Technology (“DG CONNECT”), dedicated teams will be organized around thematic domains, including societal, technical and economic aspects. The team focusing on societal aspects will handle issues such as risk assessments and audits, the technical team will be responsible for issues such as interoperability of messenger services, while the economic team will cover, among others, DMA-related unfair trading practices, such as data access or fair, reasonable and non-discriminatory (“FRAND”) conditions. A type of “programme office” will coordinate the close collaboration between the different teams and will handle international issues and litigation. Commissioner Breton also indicated that the staffing levels will increase and expertise will be built, particularly in data science and algorithms. Over 100 full time staff will form part of the DG CONNECT team devoted to the DSA and the DMA. For the DMA, DG CONNECT’s team will work alongside DG Competition, which will focus on the case handling. 

It has also been reported that the Commission is “on the hunt for up to five specialist contractors to keep in check the power of companies such as Meta, Google, Amazon and Apple.” These experts will help the Commission when “confronted with information and conflicting arguments that can be highly technical and/or can require specific sectoral and legal expertise and knowledge to process and examine.” 

The Commission has also reportedly “set up a structure to prepare for the effective enforcement of the DMA in a few months”, having already a joint task force in place to make sure that enforcement would be “fully operational from day one.” 

But, concrete details about the enforcement mechanism have yet to be revealed.  

The interplay between the DMA and other rules

The DMA will not apply in a vacuum; it will interact with existing EU and national rules that establish obligations for (gatekeeper) platforms. The DMA explicitly provides that the Regulation will apply “without prejudice” to several instruments, suggesting that all legislative instruments that govern the conduct of platforms (in the EU and domestically) will harmoniously co-exist and complement each other. 

Indeed, there are cases where no tension is expected to arise because the instrument that may apply concurrently with the DMA regulates unrelated matters through provisions that do not contradict the DMA. For example, under the Copyright Directive, a video-sharing platform is required to obtain an authorization from right holders in order to communicate or make available to the public their works. The DMA does not tackle copyright-related matters, nor does it impose any obligations that could put in jeopardy the regime established by the Copyright Directive.  

Yet, it is doubted whether the DMA will indeed apply without prejudice to (i.e., without detriment to any existing right or claim enshrined in) all the rules which have recently been revised or adopted to regulate platform practices. In certain cases (e.g., when it comes to the GDPR and the right to data portability it enshrines), the DMA may qualify as lex specialis, thereby prevailing over other rules. In other cases, based on the principle of supremacy of EU law, the DMA may override national rules that pursue objectives other than fairness and contestability (consider, for example, national rules that seek to protect media pluralism). What is more, it cannot be excluded that the implementation of the DMA may trigger the ne bis in idem principle in subsequent proceedings launched under competition rules (to the effect that those proceedings are discontinued). There may also be occasions where the DMA may render certain rules (e.g., rules introduced by the Platform-to-Business Regulation) devoid of purpose. In such cases, despite a “without prejudice” clause, the DMA would not necessarily complement (but could possibly endanger) the effectiveness of existing rules. 

What will happen in all those cases where tension between the DMA and other rules arises? Will the answer be directly provided by the Court of Justice of the EU, or can we expect some guidance from the Commission’s services? This brings us to the last big question we wanted to raise: are interpretative guidelines needed once the DMA enters into force? 

Interpretative Guidelines 

Undoubtedly, various interpretative issues will arise from the implementation of the DMA. As regards designation, though the DMA includes an Annex that sets out how gatekeepers should calculate the number of end and business users, the metrics identified are not always clear. For example, in the case of virtual assistants, the Annex states that gatekeepers should submit the “number of unique developers who offered at least one virtual assistant software application or a functionality to make an existing software application accessible through the virtual assistant during the year”. Does this mean that certification of a specific app by the gatekeeper platform is needed to qualify as “business user” or is that aspect not relevant? As regards compliance, most of the obligations included in the DMA reflect antitrust proceedings that concerned a specific platform employing a specific business model. How those obligations apply to other platforms that may differ significantly from the platform that has been subject to antitrust scrutiny will not be easy to determine. Other obligations that do not mirror the outcome of competition decisions, such as the provision mandating gatekeepers to grant access to data, raise their own set of challenges (e.g., what would qualify as “effective” data access that business users should be granted?). 

Guidelines are important for two reasons. First, as we explained in a previous post, guidelines will contribute to the effective application of the rules, enabling both platforms and their business users to understand under what conditions a gatekeeper complies with the DMA. Secondly, the DMA recitals do not always do a great job interpreting the provision they refer to. In fact, on many occasions, they are limited to repeating the main text. And where recitals do provide some useful clarifications, it is recalled that there is a long line of case law whereby “recitals can help to establish the purpose of a provision or its scope [b]ut they cannot take precedence over its substantive provisions” and have no binding legal force.


The imminent entry into force of the DMA constitutes a significant step in the regulation of gatekeeper digital platforms, making the EU a frontrunner when it comes to digital regulation. As the countdown to the application of the DMA has started, big questions await their answers.

Co-authored by Konstantina Bania and Theano Karanikioti

Photo available on Unsplash

UK and Germany double up on Amazon

Some days you just can’t get a break. Amazon was the recipient of not one but two pieces of bad news yesterday, with the UK Competition and Markets Authority (CMA) announcing that it has launched an investigation under the Competition Act 1998 into possible abuses of dominance by Amazon, and the German Federal Cartel Office (FCO) designating Amazon as a digital gatekeeper under its new regulatory regime.

It comes at a time when Amazon is reported to be close to completing an early resolution to the European Commission’s investigations into whether it breached EU competition laws. Below, we dissect the importance of the UK and German developments.

CMA’s investigation into Amazon


As is well known, the European Commission has been investigating Amazon since July 2019 for its collection and use of third-party seller data and it opened an additional investigation in November 2020 relating to the criteria Amazon uses for selection in its “Buy Box” and for eligibility to sell under the “Prime” label. As a result of Brexit, the UK market would no longer be covered by these investigations. It was therefore somewhat of an open secret that the CMA was considering what action it should take with respect to these practices.

Rather than waiting for the European Commission to conclude its investigation and seeing whether Amazon might be willing to extend any remedies imposed by (or agreed with) the Commission to the UK, the CMA has decided to open a full-blown investigation itself.

Taking into account reports that the Commission is about to market test commitments offered to it by Amazon, the CMA’s decision to open proceedings could mean one of three things: it wants Amazon formally to offer the same commitments for the UK (which is only possible if there are formal proceedings); it thinks Amazon’s commitments do not go far enough and therefore wants to insist on further measures; or it disagrees that this is an appropriate case for commitments, and wants to retain the possibility of imposing a large fine.

What the CMA is investigating and how it connects to other investigations

The CMA has announced that it is investigating:

How Amazon collects and uses third-party seller data, including whether this gives Amazon an unfair advantage in relation to business decisions made by its retail arm.How Amazon sets criteria for allocation of suppliers to be the preferred/first choice in the ‘Buy Box’. The Buy Box is displayed prominently on Amazon’s product pages and provides customers with one-click options to ‘Buy Now’ or ‘Add to Basket’ in relation to items from a specific seller.How Amazon sets the eligibility criteria for selling under the Prime label. Offers under the Prime label are eligible for certain benefits, such as free and fast delivery, that are only available to Prime users under Amazon’s Prime loyalty programme.

There are clear parallels with the two Amazon investigations the European Commission is carrying out, with the collection and use of marketplace seller data the subject of an investigation in which it issued a statement of objections in November 2020, and the criteria for Buy Box and Prime the subject of a further Commission investigation launched when that statement of objections was issued.

The EU/UK antitrust case against Amazon

Amazon has many activities today, but it is of course best known as an ecommerce platform. In that respect, it operates a marketplace where independent sellers can sell products directly to consumers, but it also sells products itself as a retailer. When it does so, it competes with the independent sellers active on its marketplace. It owns, operates and sets rules for the market, but it also competes on that market.

The cases at the Commission and the CMA must be seen in that context. When it comes to the use of third-party seller data (the Commission case opened in 2019), Amazon, as the marketplace owner, operator and rule maker, has access to confidential commercial data of independent sellers. This includes the number of ordered and shipped units of products, the prices at which sellers sell and the impact of price increases and decreases on sales, sellers’ marketplace revenues, the number of visits to their offers, shipping data, etc. The Commission is concerned that this sensitive data gives Amazon a competitive advantage over independent sellers. The data is available in large quantities to Amazon’s retail business and flows directly into its automated systems. Those systems aggregate the data and help Amazon calibrate its retail offers and strategic business decisions. This allows Amazon, for example, to focus its own offers on those products that are most popular, on the basis of sales data from third parties (the independent marketplace sellers) that is not available to others.

In the Commission’s provisional view, the use of non-public marketplace seller data allows Amazon to avoid the normal risks of retail competition and to leverage its dominance in the market for the provision of marketplace services in France and Germany – the biggest markets for Amazon in the EU.

Not much public information is available about the Commission’s concerns about Buy Box and Prime. However, the Italian competition authority (Autorità Garante della Concorrenza, or “AGCM”) imposed a fine of more than $1bn on Amazon in December 2021 about similar issues.

The AGCM took issue with the way Amazon leveraged its dominant position to get businesses who sell through Amazon Marketplace to adopt Amazon’s own logistics service. In particular, the AGCM was concerned about Amazon’s own logistics service called Fulfilment by Amazon (FBA). Sellers who sell products through can choose FBA to deliver the product to the consumer, but can also select competing logistics services. However, they only have access to certain Amazon benefits if they adopt FBA. The most important of these is the “Prime” label, which is only available to sellers who use FBA. The Prime label in turn allows participation in special events like Black FridayCyber Monday, and Prime Day – and increases the likelihood of a seller’s offer to be selected in the Buy Box.

According to the AGCM, this harmed competing logistics suppliers and other online marketplaces, since sellers who were induced to use FBA would be less likely to sell through other marketplaces due to the duplication of logistics costs.

It will now be interesting to see in what respects the Commission and CMA will take a different approach to their Italian colleagues. For one, the CMA has indicated that it is investigating Buy Box and Prime practices in the context of whether they give an unfair advantage to Amazon’s own retail business or sellers that use its services, compared to other third-party sellers on the Amazon UK Marketplace. The AGCM, on the other hand, was concerned about harm to competing logistics suppliers and other online marketplaces.

In other words, the Italian investigation was interested in the impact of Amazon’s practices on providers of services that compete with Amazon’s own marketplace and logistics services, whereas the CMA’s investigation appears to be interested in the impact of those practices on third-party sellers that compete with Amazon’s own retail business. That is however not a matter of one authority being right and the other being wrong, rather it demonstrates how Amazon’s practices may have an impact at multiple levels of the value chain.

What comes next?

The Commission’s next steps will be very important. If, as is reported, it is about to market test commitments offered by Amazon, this would open the possibility of a “quick win” – that rarest of beasts in the antitrust enforcer world – for the CMA if Amazon simply extends the geographical scope of the commitments to post-Brexit Britain. However, there are some obstacles still in the way.

First, a market test can lead the Commission to drop the commitments route and pursue penalties, as happened in the Google Shopping case. Indeed, according to Regulation 1/2003, commitments are “not appropriate in cases where the Commission intends to impose a fine”. As the Commission’s Manual of Proceedings furthermore recognises, commitments have a “different precedent value” than infringement decisions and may have a “more limited deterrent effect” on other companies. Opting for commitments therefore carries a wider message from the Commission’s perspective: Amazon’s alleged infringements could be seen as less serious than those committed by other big tech firms that have been the target of penalties.

Second, it may of course be that the CMA is not interested in such a “quick win”. While it sometimes moves in concert with other regulators like the European Commission, there are other cases where it takes a different approach. One example is merger control, where the CMA has recently been considerably more interventionist than the Commission. It is possible that the CMA disagrees that the commitments go far enough or even that this is a good case for commitments at all. According to its guidance, commitments are not appropriate in case of a “serious abuse of a dominant position”, which “will typically include conduct which is inherently likely to have a particularly serious exploitative or exclusionary effect”. Accepting commitments would therefore mean the CMA does not view Amazon’s conduct as a “serious abuse of a dominant position”. That would stand in contrast to the AGCM’s penalty of more than €1 billion.

The case confirms that Amazon is high on competition authorities’ lists of priorities. And there are other areas of concern, as has been clear from lawsuits brought in the US. The CMA’s investigation opened today by no means precludes other investigations into Amazon being opened, and we have seen the CMA and European Commission launch several separate investigations into Apple and Google.

The CMA is also expected to launch a market study that would cover Amazon in preparation for the UK’s Digital Markets Unit regime. Indeed, a practice seems to be emerging at the CMA where the most serious conduct is investigated under the Competition Act (with fining powers), while it carries out market studies to get a wider picture of the sector (with the longer-term goal of imposing remedies that could change how markets operate).

The FCO proceedings against Amazon

Yesterday, the German Federal Cartel Office (“FCO”) formally designated Amazon as an undertaking of paramount significance for competition across markets (“UPSCAM”) pursuant to Section 19a of the German Competition Act.

Section 19a follows a two-step approach, namely designation and the adoption of a prohibition decision. The FCO has certainly not wasted any time in making use of this new tool; since January 2021, when Section 19a entered into force, it has also opened proceedings into the other big tech platforms and has recently designated Google/Alphabet and Meta/Facebook in decisions which are now final. The FCO has also opened proceedings into specific practices adopted by Apple, Google/Alphabet, and Facebook/Meta, which are ongoing.

The press release announcing Amazon’s designation refers to Amazon’s activities as a seller, e-commerce marketplace, and streaming and cloud service provider, which have all contributed to the creation of a digital ecosystem. The press release also refers to Amazon’s market share and revenues generated in Germany; Amazon’s power to impose terms and conditions on other sellers; and the integration Amazon has achieved by expanding into all levels of the supply chain (e.g., logistics, advertising, payment processing). There is nothing unusual or unexpected with respect to the above; the market position and financial strength of the undertaking concerned, its vertical integration, and the relevance of its activities for third party access to the market are all factors that the FCO should consider in determining whether a firm qualifies as UPSCAM. Yet, there are a few (arguably more) interesting issues arising from the press release that are worth taking a closer look at.

Starting from the relationship with “plain vanilla competition law”, it appears that Andreas Mundt was keen to clarify that, in addition to determining that Amazon qualifies as an UPSCAM, the FCO also “consider Amazon to be dominant in regard to its marketplace services for third-party sellers. The [FCO] can therefore also engage in parallel traditional oversight over abuse of dominance, on the basis of which proceedings against Amazon [are already being conducted]”. This statement is clearly related to two ongoing proceedings against Amazon that the FCO opened in 2021, which concern (a) the influence that Amazon exercises over the pricing of sellers on Amazon Marketplace by means of price control mechanisms and algorithms, and (b) the extent to which agreements between Amazon and brand manufacturers (e.g., Apple) exclude third-party sellers from selling products on Amazon Marketplace.

The finding (and statement) that Amazon is both an UPSCAM and a dominant undertaking illustrates how the FCO perceives the interaction between Section 19a and Section 19 (which prohibits abuses of dominance) of the German Competition Act; nothing prevents the FCO from applying the above provisions in parallel even in cases where conduct that could be prohibited under the former can also be caught by the latter. By means of example, the influence that Amazon exercises over third sellers’ pricing could fall under Section 19a(2)(2)(b).

It remains to be seen whether the European Commission will adopt a similar approach once the Digital Markets Act (“DMA”) enters into force. Under the DMA, the Commission is not required to define the relevant market(s) affected by the conduct under scrutiny; prove that the conduct in question generates anti-competitive effects; or assess efficiency justifications. Section 19a implies that the FCO is not altogether freed from identifying the relevant market that is affected by an UPSCAM’s conduct, whereas an UPSCAM may put forward objective justifications for its practices. These differences may indicate that, contrary to the FCO, what the Commission will be able to achieve under the DMA, it will not pursue through Article 102 TFEU proceedings.

In addition, the FCO’s designation of Amazon reminds us of the issues that may arise from the interplay between the DMA and national rules prohibiting unilateral conduct, such as those introduced by Section 19a. Article 1(4) of the DMA lays down that it is without prejudice to “(a) national competitionrules prohibiting anti-competitive agreements, decisions by associations of undertakings, concerted practices and abuses of dominant positions; [and] (b) national competition rules prohibiting other forms of unilateral conduct insofar as they are applied to undertakings other than gatekeepers or amount to the imposition of further obligations on gatekeepers”.  Section 19a would presumably fall under (b).

This raises two questions. First, once the DMA enters into force, could Section 19a be enforced to sanction the same form of unilateral conduct covered by the DMA? Article 1(4) seems to establish that the DMA would prevail over Section 19a in cases where the same practice falls under the scope of both instruments; a narrow interpretation of the provision would mean that the FCO could make use of Section 19a to prohibit practices other than those tackled by the DMA (and subject to the condition that those lead to additional obligations imposed on gatekeepers/UPSCAMs). Second, if a national competition authority opens proceedings based on Article 102 TFEU (as the FCO have already done with Amazon), could those proceedings trigger the application of the ne bis in idem principle if the same conduct is prohibited by the DMA? In our example, the FCO’s investigation into Amazon’s influence over the pricing of sellers on Amazon Marketplace could, for instance, be caught by Article 5(3) and (4) of the DMA. Moreover, the Court’s recent judgments in bpost and Nordzucker leave room for the ne bis in idem principle to apply under certain conditions in cases dealing with the same practices.

The above questions are far from easy to answer, and they simply illustrate some of the challenges that arise from the enforcement of the DMA and the initiatives undertaken by active competition agencies seeking to fight the harmful practices of big tech platforms. 

Konstantina Bania and Stijn Huijts, Geradin Partners. Photo by Daniel Eledut on Unsplash.

Five key issues about the regulation of AI

The first thing to be mindful of when thinking about artificial intelligence (“AI”) is the need to see through the hype that surrounds it. In the past few weeks alone there have been claims that an AI system has become sentient (it hasn’t), while narratives of AI either saving or destroying humanity are commonplace.

The regulation of AI poses significant challenges, and requires the involvement of different disciplines (e.g., data science, computer engineering, philosophy). Different stakeholders around the world have already started engaging with those challenges. Most notably, the European Union has recently started to develop a comprehensive regulatory framework for AI, a worthy pursuit which will undoubtedly shape the digital age and emerging algorithmic societies.

The purpose of this piece is to outline five key issues which have emerged from the legislative process around the Artificial Intelligence Act (“AIA”) in the 14 months that have passed since the proposal was published by the European Commission (the “Commission”). These issues will remain relevant until the legislative process is completed and the way in which they will be addressed will likely determine the effectiveness of the AIA. Before discussing these issues, I briefly introduce AI and its importance for modern societies.

What is AI?

One of the many challenges the regulation of AI brings about consists in determining what the term “AI” encompasses. A good place to start is the 2018 Commission Communication on AI, which states that “AI refers to systems that display intelligent behaviour by analysing their environment and taking actions – with some degree of autonomy – to achieve specific goals.” The AI High Level Expert Group (‘AIHLEG’) built on this definition, explaining that, as a scientific discipline, AI includes several approaches and techniques, such as machine learning, machine reasoning, and robotics.

The term “machine learning” is also important when discussing AI and its regulation. That is because machine learning is one of the most common and effective applications of AI, playing a key role in image recognition, product recommendations and spam filters. Many of the recent breakthroughs that have been made using AI involve machine learning.

Why is AI important?

The impact of AI on our daily lives is clear. Other than the three examples of machine learning applications described above (which may seem trivial), AI can also help create better drugs, help blind people navigate the world, create better prosthetics, and contribute to disaster relief and climate change. The capacity of AI to change the world is astonishing.

But the transformative power of AI has also given rise to concerns, which have led to the adoption of various sets of ethical principles, both by companies developing AI systems, such as Microsoft, and intergovernmental organisations, like the OECD, as well as calls for regulation.

Five key issues about the regulation of AI

Before exploring the key issues concerning the regulation of AI, it is worth outlining the relevant progress made by the EU institutions to date. The Commission published the Proposal for the AIA in April 2021. Since then, the Council of the European Union (“Council”) discussed it under both the Slovenian and the French presidencies, the latter publishing a consolidated version of the text on June 15th. In the European Parliament (“Parliament”) after a competency battle, the Internal Market (IMCO) and Civil Liberties (LIBE) emerged as the lead committees on the file in December 2021. In June 2022, MEPs from all committees tabled over 3000 amendments on the text.

Key Issue 1 – Definitions

As mentioned above, determining what the term “AI” refers to is far from a straightforward task. Consequently, the definition of AI for the purposes of the AIA has been a contentious point and will likely remain one throughout the legislative process. The definition suggested by the Commission in the Proposal has been criticised as being both too broad and not broad enough while the version in the Council’s consolidated version significantly departs from it.

A discussion related to what AI is or should be for the purposes of this regulation concerns the definition of “general purpose AI” (a term that was first introduced by the Slovenian Presidency in a partial compromise text, on which the French Presidency has done significant work since). In the most recent consolidated version, general purpose AI systems are defined as being those intended by their providers to perform generally applicable functions, such as image or speech recognition, translation or pattern detection (Article 3(1)(b). Several amendments tabled by MEPs also discuss general purpose AI and it remains to be seen how the final definition will determine the relations between the different actors involved in the AI lifecycle, given their unique intended purpose (see below).

Key Issue 2 – AI lifecycle dynamics

The Proposal put forward a relatively simple structure of the stakeholders present in the AI lifecycle, revolving mostly around providers, the entities that develop an AI system, and users, those who use it under their own authority.  Importers, distributors and operators will also fall in scope, but they will be subject to fewer and less substantial obligations.

Under the Proposal, the dynamics between providers and users is governed by two elements – (1) the intended purpose of the AI system in question – which is set by the provider – and (2) a substantial modification made to it by the user, which has the effect of transforming it into a provider. While apparently straightforward, this equation raises difficult questions, including how the intended purpose should be defined by the provider and what would amount to a “substantial modification”.  
Going forward, the meaning of both “intended purpose” and “substantial modifications” will be key to the formulation of the final text. The structure of the actors involved could also evolve (amendments that were recently tabled suggest the inclusion of players such as end users, affecter persons, new and original providers).

Key Issue 3 – Risk vs. Innovation

This dilemma is familiar to those who have followed the regulation of other emerging technologies and applications. There is broad consensus that regulation should not chill innovation. As a result, the way in which risk is defined has important implications. The Commission has opted for an approach that defines risk based on individual health, safety and fundamental rights, but the IMCO-LIBE report, prepared by the two co-lead rapporteurs on the file from the Parliament, has suggested expanding this approach, with reference to Article 2 of the Treaty on the European Union. This new approach would define risk by reference to the values listed in this Article, including democracy, freedom and rule of law.

Once the risk is defined, AI systems will be placed into various categories, namely unacceptable, which will be banned; high risk, which will attract specific obligations; and low or minimal, which will remain materially unaffected by the AIA. That being the case, it is not surprising that over 250 amendments have been tabled only in relation to Article 5 (11551406), which lists AI systems that give rise to unacceptable risks, and another 200 in relation to Annex III, which contains the list of high-risk AI systems (3042 – 3242).

Key Issue 4 – Enforcement

Against the backdrop of the discussions on the ineffective enforcement of the General Data Protection Regulation, and the approach taken in the Digital Services Act, which empowers the Commission to have an active role in enforcement, a key point to discuss is how the provisions of the AI Act will be enforced.

Enforcement raises many issues, ranging from the decision to create new National Supervisory Authorities focused only on AI, giving already existing Data Protection Authorities new powers to supervise implementation, to the role of the Commission and the (soon-to-be-created) European AI Board. The existence of a right to effective remedy for individuals is also under discussion.

Key Issue 5 – Liability The Commission has decided to tackle liability separately, but this is a matter inherently related to the discussions around the AIA. Recently, the Commission set a date for publishing the proposal for the Artificial Intelligence Liability Directive, which is 29 September. Even if separate from the AIA, this is integral to the broader goal of regulating AI in Europe. There is a danger that the different timelines and stakeholders involved in the legislative process could lead to discrepancies between the two instruments. Ensuring their coherence, for example the role of compliance with the AIA for liability purposes, will be key to their effectiveness.

Photo by Possessed Photography on Unsplash

Meta/Giphy court judgment: The CMA’s controversial merger analysis survives, but its procedures don’t

As readers of this blog know, the UK’s Competition and Markets Authority (“CMA”) blocked its first Big Tech merger in the Meta/Giphy case. Meta duly appealed to the UK’s Competition Appeal Tribunal (“CAT”) and the CAT’s judgment was issued last week.

The most discussed element of the case has been the CMA’s controversial theories of “dynamic competition”. These theories were on trial and they have been upheld by the CAT with – believe it or not – “no hesitation”.  As Simay Erciyas and I argue in a recent article on this case, the CMA has given itself the ability to block almost any merger it chooses to.

As we expected, the CAT has now given the CMA the legal cover it needs to continue its interventionist merger control approach. However, the CAT’s judgment has a sting in its tail. The CMA was found to have run an unfair process by failing to give Meta sufficient opportunity to see the relevant evidence and therefore defend itself. This will have ramifications for the CMA’s merger processes in future.

UK merger appeals

The UK’s merger appeals system is a difficult one for aggrieved merging parties. Appeals are only possible on judicial review grounds, which assess the legality (including the rationality) of the CMA’s decision.  As the CAT says, “[i]t is our task not to consider whether the CMA has “got it right”, but whether the decision it made was lawful or not” (para 125 of the Judgment).

And even if the appellant wins, the case is merely sent back to the same decision-making panel at the CMA to re-decide. Those panels rarely decide a case differently the second time around unless something significant has changed.

Dynamic competition

Much of the case focused on the CMA’s reliance on the concept of “dynamic competition”, which were cemented in the CMA’s assessments by the revised Merger Assessment Guidelines (the “MAGs”) that were published in March 2021. Dynamic competition is defined as follows:

“… existing firms and potential competitors can interact in an ongoing dynamic competitive process, and a merger could lead to a loss of dynamic competition. Firms that are making efforts or investments that may eventually lead to their entry or expansion will do so based on the opportunity to win new sales and profits, which may in part be ‘stolen’ from the other merger firm. Incumbent firms that are making efforts to improve their own competitive offering may do so to mitigate the risk of losing future profits to potential entrants. In this sense, potential entrants can be thought of as dynamic competitors, even before they effectively enter and begin supplying customers. A merger may reduce the incentives of dynamic competitors to continue with efforts to enter or expand, or the incentive of incumbent firms to mitigate the threat of future rival entry or expansion. The impact of such a reduction in efforts would affect customers in the present, rather than solely from the future point in time when entry or expansion has occurred.” (MAGs, para 5.3)

Dynamic competition is essentially the CMA’s answer to concerns that too many ‘killer acquisitions’, and other acquisitions of potential competitive threats by firms with market power, have been allowed. In other words, if Meta was buying Instagram today, it would be blocked on dynamic competition grounds.

It was therefore Giphy’s future potential that was being removed by the merger, rather than its present day conduct. We have covered the CMA’s theories in this case in a previous blog post, so we will not repeat ourselves. The important thing that has now changed is that the CAT has fully endorsed these theories. The CAT concludes that it has “no hesitation in concluding that the decision made by the CMA was one that it was entitled to make” (para 126 of the Judgment).

The CAT quite helpfully sets out its thoughts on a good framework for dynamic competition assessments. This is a helpful steer for the CMA in future cases. The CAT only has two minor requests for future cases:

because these types of theories require difficult questions of judgment, the CMA should spend more time in future cross-checking its analysis: “Accordingly, for the future, in cases of dynamic competition, we would find it easier to review decisions on a judicial review basis if the CMA were consciously to ask itself: ‘What is the position if your assessment of the impairment to dynamic competition is wrong?’” (para 128 of the Judgment); anddespite the CAT being certain that the CMA has the jurisdiction to block a merger between two foreign businesses, the CMA should consider principles of international comity in cases involving international businesses: “in international cases, regard needs to be had (even if it is not determinative or even immaterial) to the wider context” (para 129 of the Judgment).

These requests will not be difficult to fulfil and the CMA will feel fully vindicated.

An unfair process

The CMA had made redactions from the Provisional Findings and the Final Report, which restricted Meta’s ability to understand the case against it and make intelligent submissions in response. These redactions were to protect the confidential information of third parties, particularly Meta’s competitors such as Snap, which had purchased Gfycat.

However, the CAT found that, “[t]he excisions to the Provisional Findings were unlawful and cannot be justified by reference to the regime in the Enterprise Act 2002” (para 158 of the Judgment).

The CAT emphasised that consultation with the merging parties is a necessary part of due process: “The addressees of a decision and any other persons affected by a decision are entitled to understand exactly the basis on which the decision is made, and the decision-maker must stand by and defend the decision it has made, and not some variant that leaves bits out” (para 148(2) of the Judgment).

In making its redactions, the CMA had failed properly to balance the degree of sensitivity of the third party data (and therefore the potential harm to those parties of making the disclosure) against the necessity of disclosing the data to allow the merging parties to defend themselves. The Enterprise Act requires such a balancing act to be performed, but the CAT found that the CMA had focused too much on protecting third party data and disclosing it only to Meta when the third party gave consent for it to do so.

The CMA should have considered a confidentiality ring whereby the data is disclosed to the parties’ external counsel who have a professional obligation not to disclose the data to their client (para 157(12)). The CAT said that the CMA had failed to distinguish between: (1) the necessity of disclosing information to the general public in the published versions of the documents, and (2) the necessity of disclosing information to Meta, which was the party affected by its merger decision and who deserved greater transparency.

The CAT also suggests that the CMA should have first considered a confidentiality ring involving Meta staff, which seems odd to me. Meta’s staff are precisely the people who would cause the third parties commercial harm and therefore are the people in the world from whom the third parties would most wish to withhold their data – if a confidentiality ring needed to include them, the data could simply have been published on the CMA’s website.

Para 157 of the Judgment (which lasts for six pages and 12 sub-paragraphs) will be one that merger control practitioners will come to know by heart, and the CMA will quickly become sick of it being quoted at them in every case.

Rolling the CMA’s merger processes back a few years

The CMA will be upset about losing on a procedural ground of appeal. It will also be upset about the stridency of the CAT’s criticism.

It has been trying to reduce the burden of its investigations by streamlining the procedural steps and therefore by restricting the merging parties’ ability to disrupt it. This is particularly important for the CMA now that it is investigating more of the largest multinational mergers post-Brexit. Confidentiality rings are burdensome for the CMA case team.

However, the CMA might want to take this judgment on board by looking at its Phase 2 merger processes more holistically. Some practitioners argue that the CMA’s streamlining has gone too far, and I believe this point is implicit in the CAT’s judgment. If the CMA is going to pursue such an aggressive line towards mergers, with no right of appeal on the substance of a case, then it needs to act like it wants to give the merging parties a fair chance to contribute during the investigation.

At present, merging parties sometimes say that the process feels prosecutorial rather than inquisitive. They do not have the opportunity to contribute their industry expertise to the CMA’s evidence gathering strategy. For example, they may not know to whom the CMA has spoken, how respondents to customer or competitor surveys are chosen, what questions they are asked, and what they each said to the CMA. The parties do not have substantive meetings with the CMA to discuss how the economic theory of the case might be framed and tested. In the formal main party hearing, the CMA asks questions of the parties, but it does not involve an open two-way discussion between merger control experts. The CMA sends some working papers to the parties, but the extent of these has been scaled back considerably. The parties are then provided with a fait accompli in the Provisional Findings, at which point it is not plausible for the CMA to redesign its evidence base even if the parties were to make some valid criticisms. They may still not know what respondents were asked, and who the CMA has spoken to, because the Provisional Findings only summarise the gist of the evidence.

It was not always like this.  Several years ago, the parties often had substantive meetings with the CMA case team, including two-way discussions between the parties’ economists and the CMA economists.  They were discussed the questions that were sent out to customers, sometimes pointing out reasons why a certain question would be misleading to an industry participant because of the wording used. The parties were provided with detailed summaries of customers’ and competitors’ hearings with the CMA. They were given working papers of detailed prose so that they could examine the chains of reasoning and respond prior to the provisional decision being taken. At the Provisional Findings stage, the parties’ external counsel and economists were sometimes provided with third party information in a confidentiality ring so that they could see the full basis for the CMA’s reasoning.

Running these complex Phase 2 merger investigations is far from straightforward and the CMA is battling with companies like Meta that have effectively unlimited resources. However, while the CAT’s Meta/Giphy judgment is about disclosure rather than the process more generally, this might be the time for the CMA to roll the clock back a few years. If the CMA wishes to streamline its processes, I would argue that the Initial Enforcement Order regime is the better place to start. The burden of that regime sucks the resources of both the CMA and the merging parties away from substantive issues.

What happens next?

The CMA and Meta must now make submissions to the CAT about what should happen next. Given that the CAT has no ability to impose its own decision on the outcome of the merger, and it will be reluctant to hypothesise about whether Meta’s submissions on the redacted information would have changed the CMA’s decision, I don’t see an alternative but for the CAT to send the case back to the CMA to re-consult and then re-decide.

Readers can make up their own minds about whether anyone will benefit from the CMA going through the procedural motions and then inevitably prohibiting the merger again. Third parties to the merger certainly won’t benefit. They now risk their confidential information ending up in the hands of Meta (a gatekeeper with plenty of scope to retaliate against them commercially), and will incur costs in corresponding with the CMA on the subject.

In the meantime, the CMA is in a difficult situation. It has recently prohibited mergers and issued adverse provisional findings using what has now been found to be an illegal process. A recent prohibition in the helicopter services sector is still within its appeal period and therefore the merging parties might even be drafting an appeal following the CAT’s judgment. The CMA may be breathing a sigh of relief that the appeal period for Cargotec/Konecranes has expired – in this case, the CMA and the European Commission issued divergent decisions on the same facts and have had to deal with the political fallout.

More generally, as discussed in a previous blog post, this CAT judgment arguably affects the scope of the new regulatory regime for Big Tech in the UK. The CMA had asked for a reduced standard of proof under the forthcoming special mergers regime, which would have made it easier for the CMA to block Big Tech acquisitions. The UK Government has recently decided against doing that, and the CAT’s endorsement of the CMA’s aggressive merger analysis under the existing regime makes this seem like a wise decision. The CMA does not seem to need a reduced standard of proof in order to intervene in Big Tech mergers.

[Disclosure: Tom was previously Legal Director at the CMA where he was closely involved in writing the revised Merger Assessment Guidelines referred to above.]

The CMA Final Report on the Mobile Ecosystems market study: a repudiation of Apple’s narrative over privacy and safety as justifications for the status quo

On 10 June 2022, the UK Competition and Markets Authority (CMA) published its Final Report on its year-long market study into mobile ecosystems – namely mobile operating systems, app stores, and web browsers. The CMA found that Apple and Google have a tight grip over these increasingly crucial ecosystems, which in turn places them in a very powerful position. As a result, thousands of businesses which rely on these ecosystems to reach their users face restrictions and terms which they have little choice but to accept, while consumers are likely to miss out on new innovations, have less choice, and ultimately face higher prices. In response, the CMA has identified a wide range of potential interventions that could help unlock competition and protect millions of businesses and people.

Even so, ecosystem operators – and Apple in particular – have fiercely opposed any intervention on the part of the CMA, arguing that this would compromise user privacy, security, and safety. This is not the first (nor the last) time such arguments are raised – indeed, privacy and security considerations were among Apple’s chief defenses in recent antitrust litigation (see the Epic Games litigation in the US) and are likely to be relied upon by Apple in the future to resist compliance with ex ante regulation such as the EU Digital Markets Act.

It goes without saying that a platform operator such as an app store operator has a legitimate interest in setting (and enforcing) rules meant to ensure the quality of its platform, including rules on the products and services offered by business users to consumers through the platform. Platform governance (sometimes also referred to as ecosystem stewardship) is crucial to a platform’s success, in light of the strong indirect network externalities at play (if for example a platform gets infested with fraudsters, consumers’ trust in the platform will be compromised and consumers may start abandoning the platform, leading to a death spiral). Digital platforms thus often set rules aimed to protect the privacy, security, and online safety of their users.

In this context, the CMA accepts that ecosystem stewardship is essential and brings benefits for consumers and businesses. At the same time, the CMA rightly stresses there are clear risks that this rule-setting and oversight role oversteps the mark: “[w]here private companies such as Apple and Google adopt a quasi-regulatory role, for example in relation to data protection law, there are risks that these companies face conflicts of interests, as their own profit-driven incentives may not always be fully aligned with those of their users” (para. 7.9).

In its market study, the CMA did not hesitate to carefully examine Apple’s proffered privacy, security, and safety justifications, including by means of obtaining independent expert advice from a University Professor and a tech consultancy. The CMA found that many of the privacy and security risks flagged by Apple were likely to be overstated and not supported by the available evidence.

This is a significant blow for Apple and its strategy of relying on privacy, security, and safety as all-purpose justifications to defend problematic conduct. It also repudiates the narrative Apple has woven to resist intervention, whereby there is a binary choice and an inherent trade-off between enabling greater competition and protecting user privacy, security, and safety. These are not mutually exclusive objectives, and the evidence in the CMA Report clearly shows it is possible to increase competition while preserving user privacy, security, and safety. Considering the increasing frequency with which Apple (but also other digital platforms) invoke privacy and security to escape antitrust liability, the CMA’s evidence-based and balanced approach sets an important precedent for regulators across the world.

Against this background, this post discusses how the CMA has approached the various privacy, security, and safety arguments Apple has raised to justify its prima facie restrictive practices on its iOS mobile ecosystem. This is the case for at least the following restrictions and/or practices of Apple: restrictions in app distribution; restrictions in browser engines; restrictions in cloud gaming; restrictions in accessing the NFC chip; and the App Tracking Transparency framework.

Restrictions in app distribution: Apple does not allow alternative app stores or sideloading on iOS. The App Store is the only way to distribute native apps on iOS devices. The CMA considered that measures aimed at promoting competition in native app distribution (namely, allowing alternative app stores and sideloading on iOS) would have the potential to deliver a range of benefits, such as putting pressure on app stores to improve their services to attract users and improve their terms of access for developers, or allowing for the entry of specialist app stores (e.g., for gaming).

In response, Apple submitted that the envisaged interventions would fundamentally change the iPhone and have huge implications for consumers, whilst jeopardizing Apple’s holistic approach to security. Even so, the CMA is of the view that there appear to be several safeguards available that could enable greater competition in native app distribution without compromising the safety and security of users’ devices. The CMA’s understanding (informed by expert advice) is that security checks could be carried out by an approved reviewing party, such as the operating system owner or a certification body which digitally signs apps that have passed a review process. The CMA noted that the app review need not be tied to a specific app distribution channel. The CMA also referred to the notarization process on MacOS which scans apps for malicious content, and noted that the current app review process could be replicated for apps downloaded directly or through alternative app stores.

Restrictions in browser engines: Apple requires all browsers on iOS to use WebKit as their browser engine; browser vendors cannot make any adjustments to WebKit but have to rely on the engine already installed on iOS. Besides restricting competition between browsers (in the sense that their ability to differentiate themselves from Safari on factors such as speed and functionality is limited), the WebKit restriction is also likely to impede the adoption of web apps, as it limits their functionality (WebKit does not support important features related to web apps). The CMA noted that Apple benefits from the WebKit restriction, in that holding up the development of web apps limits the competitive constraint they may pose to the App Store.

In response, Apple submitted that the WebKit restriction is primarily motivated by security considerations; Apple said it has tightly integrated WebKit into iOS to protect users from malicious actors, providing key benefits including better distribution of security updates and security features leveraging technical integration with the operating system and hardware.

After considering the available evidence and obtaining expert advice, the CMA concluded that the WebKit restriction is unlikely to be justified by security concerns. According to the experts consulted by the CMA, all three main browser engines are very secure for the average user; Apple’s dedicated Safari sandbox and hardware-level security mitigation are not the only ways to secure a browser engine on Apple devices; and allowing Blink and Gecko to be used on iOS by dedicated browser apps is highly unlikely to materially worsen security. The CMA also provided evidence that Apple updates WebKit less frequently than Google updates Blink, and noted that Apple has no similar restriction on MacOS.

Restrictions in cloud gaming: The CMA found that Apple has obstructed the development of cloud gaming services on iOS, thus holding back potentially disruptive innovation. Under Apple’s Guidelines, an app providing access to a catalogue of games is not allowed on the App Store; each game must be individually submitted to the App Store so that it can be approved by Apple, has a product page, has user ratings and reviews, and can be managed with parental controls. Each game must be individually downloaded to the user’s device. This in turn limits the feasibility of developing cloud gaming apps on the App Store, and has pushed cloud gaming service providers to offer their services through web apps (in which case they are forced to offer a lower-quality service). The CMA found that the adoption of cloud gaming services on iOS has been much slower than on Android. Crucially, the CMA found that Apple has an incentive to obstruct the development of cloud gaming services, in that the latter (1) act as a distribution mechanism and may over time reduce users’ reliance on the App Store for discovering games (a key source of IAP revenue for Apple); and (2) may reduce the importance of premium hardware for users’ experience of gaming apps as well as reduce switching costs by offering platform-agnostic services, thereby threatening Apple’s device revenue.

Apple provided various justifications for its cloud gaming restrictions, including arguments about security, privacy, and user experience and expectations. It also tried to distinguish cloud gaming from other media streaming platforms based on the distinct nature of games (which are interactive). The CMA found that Apple’s proffered reasons did not provide a compelling justification:

The privacy and security protections for games distributed through the App Store could be replicated for games within cloud gaming apps – e.g., through a mixture of Apple applying them to the cloud gaming app as a whole and the cloud gaming service applying equivalent protections within their apps.Contrary to Apple’s assertions, user and market research evidence suggests that users expect to be able to instantly access all of the games in a cloud gaming service, without having to download additional applications.Other types of streaming content also demonstrate interactive features, e.g., Netflix, and Apple’s treatment of such apps provides a model for how it could allow cloud gaming apps on the App Store without compromising user safety or experience.Google allows cloud gaming apps without any indication that this has compromised user safety.

Restrictions in accessing the NFC chip: NFC is a standards-based technology allowing two NFC-enabled devices to transfer information between them. Modern mobile devices have NFC chips, which among others allow the device to transmit data to be read by other NFC devices. This is known as card emulation, and allows the user to make mobile contactless payments. On iOS, Apple does not allow third party developers to use the NFC chip for card emulation; the only service that can do so is the Apple Wallet, which provides Apple with a decisive advantage over competing mobile wallets.

Apple justified its restriction on security grounds. The card emulation mode is often used for security sensitive functionalities, where the user may identify themselves using secure credentials. To guard against the risk of malicious actors getting hold of the credentials, these are stored in secure environments. In the case of iOS devices, the payment credentials are stored in a physical chip known as Secure Element (SE). When a user makes a payment, the credentials are transmitted directly to the payment terminal via the NFC chip, bypassing the rest of the device. An alternative approach (used on Android devices) is host-card emulation (HCE), whereby the payment credentials are stored on the server of the wallet provider. When a user makes a payment, these details are passed through the device to the payment terminal via NFC. Apple argued that allowing the use of HCE on iOS, or granting third parties access to SE, would increase the “attack surface” of iOS and give third parties the ability to compromise details stored in the SE.

The CMA noted it has not been able to comprehensively assess Apple’s justifications, but based on the evidence gathered, it considered that Apple has overstated the security risks of opening up NFC access, particularly through the use of HCE. Among others, the CMA relied on: (1) the fact that HCE is widely used in Android devices and has been accepted by the payments industry as offering a sufficient level of security (plus, there was no evidence there are higher fraud rates on Android); and (2) Apple’s inconsistency in arguing that HCE allows for sensitive details to be passed through the device, while at the same time arguing that rival mobile wallet providers can use Bluetooth for contactless payments, which similarly include sensitive details passing through the device.

App Tracking Transparency framework: App Tracking Transparency (ATT) is a privacy framework introduced by Apple in April 2021, which requires app developers wishing to access the iPhone’s advertising identifier (used to target and attribute app advertising) to show a specific prompt (the ATT prompt) asking users’ permission for the app to “track” them. The CMA (after engaging with the ICO) considers that ATT enhances user privacy and control, while improving compliance with privacy law by app developers. However, the CMA expressed the following concerns over the ATT framework.

First, the choice architecture for the ATT prompt – which Apple chose without conducting any user testing – may not maximise user comprehension and thus could unduly influence some users to opt out of data sharing. Among others, the framing of the prompt could result in limited user comprehension, while Apple bars developers from offering any incentives for users to opt in to sharing their data (which in principle is not unlawful under UK privacy legislation).

Second, the CMA is concerned that Apple is not applying the same standards to itself when it comes to seeking opt in from users for personalized advertising, in that it has introduced a Personalised Ads prompt employing a different choice architecture. While Apple has tried to draw a distinction between first-party and third-party data collection (arguing that it does not engage in “tracking”, as it only relies on first-party data), the CMA observed that Apple’s data processing activities for personalized advertising could be characterized as “tracking” as described in the ICO Commissioner’s Opinion on online advertising expectations.

The CMA considered that ATT has given Apple’s advertising services (which continue to grow very fast and are expected to reach $5.5 billion in 2022) a competitive advantage, and that this has likely contributed to Apple’s advertising revenue being higher than they would otherwise have been. In addition, the CMA is concerned that ATT may reinforce Apple’s market power in app distribution (by undermining app install ads as an alternative discovery channel) and cause developers to shift to monetization models where Apple charges a commission.

Photo by Dan Nelson on Unsplash

The CMA takes matters into its own hands

The UK’s Competition and Markets Authority (“CMA”) has published its report into mobile ecosystems a few days before its statutory deadline. This market study has focused on mobile browsers, mobile operating systems and app stores.

Following the UK Government’s disappointing decision to delay the necessary legislation that will give the Digital Markets Unit (“DMU”) its legal powers to regulate the Big Tech gatekeepers, the CMA has been putting a brave face on it.

However, actions speak louder than words, and the CMA’s action has been to reverse its previous decision not to conduct a fully-fledged market investigation.  The CMA is therefore taking matters into its own hands rather than rely on the Government to write legislation, at least in certain discrete areas where it feels it can make a targeted difference. This is exactly what we have been calling for it to do and we applaud the CMA’s decision.

The market investigation will focus on two specific areas of Google and Apple’s ecosystems – namely, mobile browsers and cloud gaming. In these areas, the CMA makes some particularly strong findings as regards Apple, for example saying it has “blocked the emergence of cloud gaming services on its App Store”, “bans alternatives to its own browser engine on its mobile devices” and “seriously inhibits the capability of web apps”. Pre-installed defaults for both Apple’s and Google’s browsers, and other restrictive practices, are also clearly in the firing line.

Market investigation

Market investigations are an unusual tool that are unique to the UK. They involve an 18-month (extendable to 24 months) investigation into an industry, at the end of which the CMA has huge powers to reshape the industry even without any wrongdoing on behalf of the industry players. The CMA has previously completed market investigations into retail banking, energy, airports and many other industries.

Over the years, the CMA (and its predecessors) have gone through phases where they favour this tool because it means the CMA has the power to implement its own interventions, and then phases where the legal challenges and large case teams required seem too burdensome and making recommendations to Government seem easier. The cycle then continues when the CMA discovers that it is not always straightforward to persuade Governments to do what the CMA wants it to do, so the market investigation tool comes back into favour. We may therefore be about to enter a new era of market investigations (albeit probably scoped more narrowly than in the past).

The CMA’s interim report into mobile ecosystems, published in December 2021 (the “Interim Report”) said that the legal test for launching a market investigation was met, but the CMA provisionally decided against making a reference because it believed the legislative route would be more efficient. However, the Interim Report foresaw the possibility of needing to revisit that provisional decision:

We may, for example, revisit our present decision not to make a reference if the legislation required to bring the proposed new regime into force is not laid before Parliament for some time, or its anticipated scope materially altered, such that it no longer appears to us that action by the DMU represents the most effective and timely means of addressing the issues we have identified.” (paragraph 9.12)

When the Government delayed the DMU legislation, it was therefore foreseeable that the CMA would reverse its decision, and that is what in fact has happened.

The CMA is proposing a market investigation into:

the supply of mobile browsers and mobile browser engines, andthe distribution of cloud gaming services through app stores on mobile devices. 

These are only two discrete areas out of the many issues covered by the mobile ecosystems report.  The CMA has decided to scope the market investigation narrowly to improve the deliverability of its interventions. Its previous experience in the retail banking and energy sectors is that wide-ranging market investigations are incredibly difficult to manage.

The DMU legislation is therefore still clearly required as a matter of urgency to tackle the market power of the digital gatekeepers more generally. The CMA takes great care to emphasise that point in today’s report.

It seems at first glance that browsers and cloud gaming are a clever choice for intervention. They are areas where the CMA can add value because they have not been the subject of detailed scrutiny internationally, and the CMA clearly has some targeted remedies in mind that it believes it can impose successfully. We have flagged in a previous blog post that we thought cloud gaming might be the biggest news from the CMA’s market study.

The CMA has decided, on the other hand, that successful interventions to improve competition in mobile operating systems and app distribution would be more difficult within the tight statutory timetable of a market investigation, which only allows a one-off intervention. These will be better suited to the ongoing regulatory regime of the DMU, assuming that there are not further delays in bringing forward the legislation.

For companies active in these sectors, the market investigation will form a huge opportunity to achieve real change in the ways in which Google and Apple operate. They will have until 22 July to comment on the CMA’s proposed scope.

Antitrust enforcement action

Separately, the CMA has also launched an antitrust case into the Play Store. This will investigate Google’s rules which oblige certain app developers to use Google’s own payment system (Google Play Billing) for in-app purchases. It seems to be the mirror image of the ongoing investigation into Apple’s in-app purchasing rules.

Readers may recall that the CMA had already launched a further antitrust case into Google’s adtech activities only a couple of weeks ago. This previous case is investigating Google’s practices in the digital advertising market to see whether Google unlawfully tied or gave prominence to its services in different levels of the market.

The CMA’s response

The CMA’s actions tell a clear story of its senior management being furious at the Government. Since the delay to the DMU legislation was formalised in the Queen’s Speech on 10 May, i.e. one month ago today, the CMA has already launched two antitrust cases and a market investigation.  We heavily suspect that there will be further announcements to come, perhaps before the Chief Executive, Andrea Coscelli, departs at the end of this month.

There is now a short consultation about the scope of the CMA’s market investigation (deadline 22 July) before it kicks off in earnest.  This is likely just a formality, although the final decision to make the market investigation may be taken by a CMA Board headed by a new interim Chief Executive (rumoured to be Sarah Cardell, the current General Counsel) and a new Chair (Marcus Bokkerink), so there is some scope for a further twist in this tale.

We may return to the findings of the CMA’s extensive report in future blog posts.

Servizio, competition on the merits, and Google Shopping

This is the second post on the CJEU’s judgment in Servizio, a preliminary ruling concerning the interpretation of Article 102 TFEU (see here for the first post discussing the relevance of consumer welfare and actual effects in establishing an abuse under Article 102 TFEU). In this post I would like to discuss the concept of competition on the merits.

By way of background, the referring court had asked the Court whether a practice of a dominant undertaking can be considered as abusive solely on the basis of its potential anticompetitive effects, or whether it is also necessary to show that the practice departs from “normal competition” (also referred to as “competition on the merits”) – and if yes, how to determine if conduct is in line with competition on the merits.

This is arguably the most interesting (and most complex) part of the judgment. After all, competition on the merits featured prominently on the General Court’s landmark ruling in Google Shopping (currently on appeal), where it was held that the Commission had to establish that Google’s conduct, besides having (at least potential) effects, deviated from competition on the merits. As argued below, the General Court in Shopping and the Court in Servizio seem to approach competition on the merits from a different perspective, but this does not necessarily give rise to an inconsistency.

What is competition on the merits?

The concept of competition on the merits has always been a bit nebulous in the case-law – and this despite the fact that the Court has long used similar phrases such as “normal competition” when defining abusive conduct (see e.g., the definition of abuse in Hoffman La-Roche). As AG Rantos noted in his Opinion, “the concept of ‘competition on the merits’ is therefore abstract, since it does not correspond to a specific form of practices and cannot be defined in such a way as to make it possible to determine in advance whether or not particular conduct comes within the scope of such competition.”

For this reason alone, it would not be wise to put forward an exhaustive definition of competition on the merits. Both AG Rantos and the Court are cognizant of this, hence they prefer to provide examples of conduct departing from/falling within competition on the merits.

In general terms, recent case-law (Post Danmark I and Intel) has drawn a link between the concept of competition on the merits and the principle (sometimes referred to as the “As Efficient Competitor principle”) according to which Article 102 TFEU does not protect less efficient competitors, in that competition on the merits may by definition lead to the departure from the market of less efficient rivals. The implication is that if certain conduct excludes an as efficient rival, then the conduct in question is not competition on the merits. The AEC test, used in pricing practices (e.g., predation, margin squeeze), is an economic manifestation of the AEC principle.

In Servizio, the Court seems to affirm this link, stating that when determining if conduct falls within the scope of competition on the merits, one of the criteria that can be used is whether the practice can be replicated by a (hypothetical) as efficient competitor (para. 82; another criterion mentioned in para. 77 is whether the conduct serves no economic interest other than to eliminate competition). The Court here largely follows the reasoning of AG Rantos. After examining past case-law on pricing and non-pricing practices in paras. 69-71 of his Opinion, AG Rantos considers that in principle, conduct that can be replicated by an as efficient rival is competition on the merits (and thus not abusive).

The phrase “in principle” is key, however, in that there can be situations where conduct can be replicated by as efficient rivals and still fall outside the scope of competition on the merits – the prime example being AstraZeneca (fn 52 of AG Rantos’ Opinion). I think it is important not to lose sight of these nuances in the Opinion of AG Rantos when reading the Court’s judgment, as otherwise there is a risk some passages in the Court’s judgment (e.g., paragraph 78, which cites the Opinion AG Rantos) could be misread.

Seen in this light, the Court in Servizio does not break new ground; it affirms the relevance, when examining conduct under Article 102 TFEU, of that conduct’s impact on equally efficient rivals, in line with Post Danmark I and Intel. The concept of replicability is used as a proxy for determining the impact on equally efficient rivals. At the same time, the Court is careful to state that this is one of the criteria that can be used to classify conduct as departing from competition on the merits.

Do competition authorities need to show that conduct deviates from competition on the merits? If not, where does Google Shopping fit?

It has been argued (see e.g., here) that there is no need for an authority to show that the dominant undertaking’s practice is not in keeping with competition on the merits. On the other hand, in Google Shopping the General Court repeatedly held that, besides establishing (at least potential) effects, the Commission had to also show that Google’s conduct departed from competition on the merits. So, is an authority required to show that conduct deviates from competition on the merits?

I think the response to this question depends on how one understands competition on the merits. To the extent competition on the merits is linked to the AEC principle mentioned above, there is no need to examine it separately. It suffices to show that the conduct is capable of excluding an as efficient rival (as in that case the conduct will be deemed as falling outside the scope of competition on the merits).

Even so, there may be cases in which the AEC principle can be irrelevant – when for instance, the characteristics of the market make the appearance of an as efficient rival impossible (see e.g., Post Danmark II for case law, or the remarks of Gaudin and Mantzari for literature). This is likely to be the case in many digital markets exhibiting high economies of scale, data-driven advantages, and strong network externalities. In such a setting, assessing unilateral conduct by reference to an as efficient competitor (that cannot exist) would be tantamount to turning a blind eye to market reality.

In such cases, “competition on the merits” could replace the AEC principle and serve as an additional requirement for establishing an abuse, beyond that of showing anticompetitive effects. This seems to me to be the approach taken by the General Court in Google Shopping.

Recall that in that case Google had argued that the Commission had failed to identify features distinguishing the practices at issue from competition on the merits. In its judgment, the General Court started its reasoning by recalling that not every exclusionary effect is necessarily detrimental to competition, and competition on the merits may by definition lead to the departure from the market of rivals that are less attractive to consumers (para. 157, citing Intel). However, and contrary to what one might have expected, the General Court did not state that, to distinguish between “accepted” and “prohibited” exclusionary effects, regard should be had to the conduct’s effects on as efficient rivals.

Instead, to make this distinction, the General Court had recourse to a (somewhat undefined) notion of “competition on the merits”, which it considered as an additional requirement under Article 102 TFEU (see e.g., paras 161-162 and 195). Seen in this light, the General Court may have had recourse to a somewhat broader concept of “competition on the merits” to make up for the fact that the analytical framework it applied did not involve the examination of effects on as efficient rivals.

Now, the reality is that the General Court did not provide much guidance as to what “competition on the merits” meant. In that case, the General Court agreed with the Commission that Google’s conduct departed from competition on the merits based on three circumstances: (i) the importance of Google traffic from its general search pages; (ii) the behaviour of users when searching online; and (iii) the fact that the diverted traffic could not be effectively replaced (para. 196). One could say that these three circumstances all related to the effects of Google’s conduct. In addition, the General Court also considered relevant (iv) the fact that a search engine would normally not have the incentive to engage in self-preferencing (hence Google’s conduct involved a certain “abnormality”); (v) the non-discrimination obligation imposed by the EU legislature on internet service providers; and (vi) the fact that Google had altered its conduct following the initial failure of “Froogle” (its original comparison-shopping webpage).

Unfortunately, the fact-specific approach adopted by the General Court makes it hard to distill general guidance for future cases. In that sense, it does not seem to contribute to legal certainty. On the other hand, the General Court’s approach has the obvious benefit of flexibility (as said at the outset, it would not be wise to exhaustively define competition on the merits). In any event, one could say that the General Court’s approach can only reduce the risk of false positives (to the benefit of the investigated undertaking), in that it requires the competition authority to satisfy an additional requirement to establish a breach of Article 102 TFEU (namely, that the conduct departs from competition on the merits). One may thus overlook the recourse to a somewhat undefined concept of “competition on the merits”.

Is Servizio limited to cases of liberalized markets? If not, is the General Court’s ruling in Google Shopping at risk of being reversed on appeal?

It has been suggested that the Court’s judgment in Servizio should be limited to cases of liberalized markets, where the case-law has historically been quite strict when assessing the conduct of incumbents that were former legal monopolies.

In my view, there is no basis for limiting the scope of Servizio to liberalized markets. True, the Court seems to have ultimately decided the case taking into account the fact that Servizio previously benefited from a legal monopoly (see in particular para. 91, where the Court cites case-law on dominant undertakings using their statutory monopoly to extend to adjacent markets). But this does not detract from the fact that the Court, following AG Rantos, laid down its analytical framework for assessing conduct under Article 102 TFEU in general terms, without limiting it in any respect to cases of liberalized markets (see paras. 65-86, citing general Article 102 TFEU case-law).

So, does this mean that the General Court’s ruling in Google Shopping (which seems to have approached competition on the merits from a different perspective) could be at risk of being reversed on appeal? While we can only wait and see, my first reaction is probably no. As noted above, the Court in Servizio was careful not to put forward an exhaustive definition of competition on the merits. In other words, the Court (and AG Rantos) tried to provide general guidance on Article 102 TFEU, while still allowing for flexibility. There is thus no inconsistency between Servizio and Google Shopping.

Photo by Thomas Despeyroux on Unsplash

The judgment of the Court of Justice in Servizio (C-377/20) – Part I

On 12 May, the Court of Justice delivered its eagerly anticipated judgment in Servizio (C-377/20), a preliminary ruling concerning the interpretation of Article 102 TFEU.

This is a very interesting ruling for a variety of reasons:

First, the conduct in question involved the (allegedly) abusive use of a database, and in particular the discriminatory use of data (customer lists acquired during statutory monopoly). As Advocate General Rantos noted in his Opinion delivered late last year, “[t]he guidance provided may therefore prove to be useful in the future for assessing, under Article 102 TFEU, conduct relating to the use of data.” Apple’s App Tracking Transparency framework (whereby Apple has allegedly discriminated in the manner it seeks consent for its own advertising activities) is a case that immediately springs to mind.

Second, the conduct in question has been aptly described as “atypical”, in that it does not fit neatly within a recognized competition law box such as margin squeeze or refusal to deal. This is important, since competition authorities are generally reluctant to investigate practices they cannot easily pigeonhole in a known category, even though the list of abusive practices in Article 102 TFEU is not exhaustive. In that regard, providing general guidance on the concept of abusive conduct can be very helpful, particularly in digital cases where the conduct may not easily fit into a recognized box.

Third, the case presented the Court with the opportunity to address some fundamental issues relating to the application of Article 102 TFEU, such as the concept of competition on the merits and the relevance of actual effects (or lack thereof) in establishing a breach of Article 102 TFEU. The case has some interesting analogies with Google Shopping, where competition on the merits and the role of effects feature prominently in the General Court’s judgment. This in turn may shed some light on the approach the Court may adopt when examining Google’s appeal of the General Court’s ruling.

Unsurprisingly, the judgment has already sparked some controversy (and the fact that the judgment is not always easy to follow at some places is not very helpful). For instance, Ibanez Colomo is of the view that, unlike the Opinion of AG Rantos (which he considers as a clean framework capturing the essence of the case law), the judgment of the Court seems to be tailored to the specifics of the case (and in particular the fact that the undertaking in question was a former statutory monopoly), to the effect it will not (or should not) apply to other cases. It is likely that we will have to wait for another ruling to see how the Court will treat Servizio, although my initial reaction is different from that of Ibanez Colomo for reasons I will discuss later.

Given the complexity of the topic, this blog post will limit itself to discussing some of the issues addressed by the Court, namely (1) the role of consumer welfare; and (2) the relevance of actual effects (or lack thereof) in establishing a breach of Article 102 TFEU. This will be followed by a second post, which will discuss the issue of competition on the merits and will lay down some general remarks on the scope of the judgment and whether it should be limited to cases of former statutory monopoly.


The dispute in the main proceedings arose in the context of the gradual liberalization of the market for the retail supply of electricity in Italy. The conduct in question took the form of a complex strategy implemented by companies in the Enel Group, the incumbent operator, to make it harder for competitors to enter the liberalized market.

In an initial phase of liberalization of the market, so called “captive” customers (individuals and small businesses) benefitted from a regulated regime in a protected market. The operator in the protected market was Servizio Elettrico Nazionale SpA (“SEN”), a company in the Enel Group, the incumbent operator. In a subsequent phase, these captive customers were gradually allowed access to the free market, where Enel Energia SpA (“EE”), another company in the Enel Group, competed with third party electricity suppliers.

Following a complaint, the Italian AGCM launched an investigation and eventually adopted an infringement decision on 20 December 2018 finding that the companies of the Enel Group had implemented an exclusionary strategy to “transfer” SEN’s customer base (from the protected market) to EE (active on the free market). This conduct consisted of (i) SEN obtaining the consent of its customers in the protected market to receive commercial offers in the free market using “discriminatory” methods, which resulted in customers tending to provide consent for companies of the Enel Group and refusing consent for other operators, and (ii) SEN transferring the names of the customers that had consented (“SEN lists”) to EE, which EE used to issue commercial offers to bring them to the free market.

The companies of the Enel Group brought actions challenging the contested decision but lost on first instance. On appeal, the Consiglio di Stato decided to stay proceedings and refer to the Court several questions relating to the interpretation of Article 102 TFEU. Among others, the referring court asked for guidance on (1) the role of consumer welfare in establishing an infringement of Article 102 TFEU; (2) the relevance of actual effects, or lack thereof, in establishing a breach of Article 102 TFEU; and (3) the concept of competition on the merits (additional issues concerned (4) the relevance of intention of the dominant undertaking and (5) the parental liability presumption).

The role of consumer welfare under Article 102 TFEU

The first question to which the Court responded concerned the role of consumer welfare under Article 102 TFEU. This issue has always been the subject of some controversy and one where the EU Courts and the European Commission have not been fully aligned. As part of its move towards a more economics-based approach in the application of Article 102 TFEU back in mid-2000s, the Commission elevated consumer welfare/harm to a central part of its analysis, stating that it will generally only intervene where a dominant undertaking’s conduct is liable to cause anticompetitive foreclosure, namely foreclose rivals in a manner that causes harm to consumers (e.g., in the form of higher prices, lower quality, or less innovation).

The EU Courts, however, have fallen short of requiring the Commission to demonstrate consumer harm for the purposes of establishing consumer harm (and in that sense, the standard set by the case-law seems to be lower than the one applied by the Commission itself – at least at the stage of case selection). The Court’s judgment in Servizio did not break any new ground in this respect: on the one hand, in paragraph 46 the Court agreed with AG Rantos that the ultimate objective of Article 102 TFEU is to protect the welfare of consumers – understood as both final and intermediate consumers, which technically speaking are not “consumers”. On the other hand, the Court disagreed with AG Rantos, holding that a competition authority is not required to show that a practice has the capacity to harm consumers; a competition authority satisfies its burden of proof by demonstrating that a practice is likely to undermine competition, by using resources or means other than those governing normal competition, an effective competitive structure (para. 47). Even so, the dominant undertaking may escape the prohibition laid down in Article 102 TFEU by showing that any anticompetitive effects were counterbalanced by efficiencies that also benefitted consumers.

The relevance of actual effects (or lack thereof) and Intel

The referring court had sought guidance on whether evidence submitted by the investigated undertaking to show that its conduct did not produce actual anticompetitive effects (despite its abstract capability to do so) should be regarded as relevant, and if yes, whether the competition authority should examine that evidence in detail.

One may approach this matter on two levels. At a first level, there is the question as to the relevance to be attached by the competition authority to evidence adduced by the dominant undertaking during the administrative procedure to show that its conduct did not produce actual effects. This goes to procedure and aims at observing the undertaking’s right to be heard before the adoption of an infringement decision. At first sight this is a requirement of due process, although its implications affect also the substantive analysis, as discussed below. At a second level, there is the question whether proof of absence of actual effects suffices to exonerate the dominant undertaking to the effect it escapes liability under Article 102 TFEU. This goes to the substance of an Article 102 TFEU analysis.

Procedure: the Intel requirements

The Court recalled that under settled-case law, the abusive nature of exclusionary conduct presupposes that such conduct has the capacity to restrict competition, and in particular, produce the alleged exclusionary effect (para. 50, citing Generics). The Court then went on to apply paragraphs 138 and 140 of its landmark 2017 Intel ruling. In para. 51 the Court thus held that

“…where a dominant undertaking submits, during the administrative procedure, on the basis of supporting evidence, that its conduct did not have the capacity to restrict competition, the competition authority concerned must examine whether, in the circumstances of the case, the conduct in question did have such capacity (see, to that effect, judgment of 6 September 2017 in Case C-413/14 P, Intel v Commission, EU:C:2017:632, paragraphs 138 and 140).”

In Servizio the Court went even further and specified that the competition authority “must pay due attention to the observations submitted by the undertaking concerned and examine, with care and impartiality, all the relevant elements of the case and, in particular, the evidence submitted by that undertaking” (para. 52). This is in accordance with the right to be heard, which is a general principle of EU law (para. 52).

The above quotation of Intel (2017) is quite significant. As some readers of this blog may know, the Commission has adopted a fairly narrow approach to interpreting Intel, essentially limiting it to cases of loyalty rebates (exclusivity payments) and rejecting its application to other practices, including exclusive dealing. This is for example the approach the Commission adopted in its 2019 Google AdSense decision.

This approach of the Commission is problematic and hard to support as a matter of law. The Servizio judgment makes it even harder for the Commission to stick to that approach, in that the Court explicitly extended paragraphs 138 and 140 of Intel (2017) to all exclusionary practices. This has two implications, one procedural and one substantive:

First, the procedural guarantees of Intel (2017) apply to all exclusionary practices and are not limited to loyalty rebates.Second, where the dominant undertaking submits, on the basis of evidence, that its conduct was not capable of restricting competition, the Commission cannot rely on a formalistic analysis to condemn conduct under Article 102 TFEU. In such case, the competition authority must examine – the burden being on it – whether, in the circumstances of the case, the conduct in question did have a capacity to restrict competition.  

Substance: absence of actual effects as prima facie evidence

The Court recalled that a competition authority is not required to establish actual effects; it suffices to show that the conduct in question was capable of restricting competition (para. 53). As AG Rantos noted, this in line with the fact that the analysis under Article 102 TFEU is prospective in nature (it does not wait for anticompetitive effects to materialize) and the fact that the anticompetitive nature of conduct is to be assessed ex ante, at the time that conduct took place, which conforms to the general principle of legal certainty (paras. 110 and 114 of the Opinion).

Along the same lines, the Court noted that when the conduct in question has been in place for a sufficiently long time, the fact that it did not produce concrete anti-competitive effects does not automatically mean that such conduct did not have such capacity (para. 54). As a result, evidence of the absence of concrete foreclosure effects is not sufficient, in itself, to preclude the application of Article 102 TFEU (para. 55).

However, the absence of actual effects may be an indication that the conduct in question was not capable of restricting competition (para. 56), and therefore did not breach Article 102 TFEU. But it is up to the dominant undertaking to supplement this prima facie evidence with evidence showing that the lack of concrete effects was indeed the consequence of the inability of the conduct to have such effects (para. 56). In the circumstances of the case, the fact that EE had obtained through the use of SEN lists a tiny percentage of customers (0,002%) in the protected market was not considered sufficient for the undertaking in question to escape liability under Article 102 TFEU.

Now, the Court did not specify what exactly the dominant undertaking should demonstrate to supplement the “prima facie” evidence, but paragraph 54 offers some clues. There the Court held that the absence of actual effects is in itself not sufficient for precluding the application of Article 102 TFEU, in that “such a lack of effects could result from other causes and be due, inter alia, to changes in the relevant market since the conduct was initiated or the inability of the dominant undertaking to carry out the strategy which gave rise to the conduct”. Combined with para. 56, this suggests that a dominant undertaking would have to demonstrate that the lack of actual effects could not be attributed to external factors such as subsequent changes in the relevant market. This places the investigated company in a rather awkward position, in that it bears the burden of proving a negative fact (the infamous probatio diabolica).

Overall, I think the approach in Servizio should be seen as an effort of the Court to strike a balance. On the one hand, a dominant undertaking cannot escape liability merely by pointing to the absence of concrete effects in the market. On the other hand, the competition authority cannot on its part disregard such evidence; it has to carefully examine it, and in any event bears the burden of showing that the conduct was capable of restricting competition, in line with Intel (2017).

Interestingly, an attempt to strike a similar kind of balance can be found in the General Court’s judgment in Google Shopping, delivered last year (see here for our analysis). Among others, Google had relied on the General Court’s ruling in Servier (an Article 101 TFEU case) to argue that when the conduct has spanned many years, the Commission cannot merely demonstrate potential anticompetitive effects, but has to show actual effects. The General Court dismissed Google’s arguments, holding that the categorisation of practice as abusive cannot be altered by the fact it ultimately did not achieve the desired result (para. 442, citing TeliaSonera, and as regards the duration of the conduct, Telefonica Espana). Even so, the General Court considered that the lack of actual effects may indicate that the conduct in question was not capable to restrict competition in the first place. Therefore, if the undertaking in question relies on the absence of actual effects to contest the conduct’s ability to harm competition, Intel (2017) is triggered, and the competition authority “must analyse all the relevant circumstances in order to decide what the position is” (para. 439).

Stay tuned for Part II of this post!

Photo by Anthony Indraus on Unsplash

Embracing rather than fighting digital regulation: Microsoft’s vision for the future

Yesterday, I attended a presentation by Brad Smith, Microsoft’s President and Vice-Chair, at an event organised by Brussels think tank Bruegel. I have listened to Brad Smith a few times in the past, but yesterday he was really at his best. He is a truly impressive public speaker and I liked the message he was there to deliver.

Most of the speech focused on cloud computing, but it also covered broader issues which I found particularly interesting.

Cloud computing is an area where Microsoft has been criticized in the recent past by associations representing European cloud computing providers (although I understand these were pushed in the back by Amazon, the number one provider of cloud computing services), some of which also filed an antitrust complaint to the European Commission. Brad Smith was there to make amend, but also explain what Microsoft was planning to do in order to alleviate the concerns expressed by European cloud providers. The details of Microsoft’s action plan can be found in a long blog post that was published on the corporate website of the company. I am therefore not going to describe this plan in great details as everyone can read that blog post.

Essentially, Brad Smith discussed two important Microsoft initiatives.

The first initiative is a set of five European Cloud Principles that Microsoft is adopting. According to these principles, Microsoft will:

ensure its public cloud meets Europe’s needs and supports Europe’s values.ensure its cloud provides a platform for the success of European software developers.partner with and support European Cloud Providers.provide cloud offerings that meet European governments sovereign needs in partnership with local trusted technology providers.recognize that European governments are regulating technology; Microsoft will adapt to and support these efforts.

While the first four principles are very much focused on cloud computing, the fifth one is broader in nature and I will return to it below.

The second initiative, which implements the third principle highlighted above, seeks to support European Cloud Providers so that they can more easily host a wide variety of Microsoft products on their cloud infrastructure. Specifically, Microsoft will enable and help European Cloud Providers to host and run Microsoft products on their infrastructure for customers, including products that have traditionally been licensed to run only on a customer’s own desktop or server computers (“on-premises” licenses). In addition, Microsoft intends to introduce greater licensing flexibility for customers. They will make changes inspired by the fair software licensing principles created by European cloud associations CIGREF and CISPE, which have been particularly vocal about Microsoft’s cloud computing practices. Microsoft will also create a team that will work directly with and forge close partnerships with European Cloud Providers.

I assume that these efforts are designed to alleviate the concerns expressed in the complaint that Microsoft has been the target of (so far the reaction of European cloud providers has been rather mixed, with for example the European Cloud Association welcoming Microsoft’s announcement while CISPE considers they fall short of addressing its concerns). My experience as a competition lawyer is that the sooner a company addresses the concerns included in a complaint, the better, as otherwise the company will be drawn in a lengthy battle.

Brad Smith made it very clear that the company has learnt the lessons of its past antitrust cases and doesn’t want to go there anymore. After failing in their attempt to have the Commission decision that had found Microsoft guilty of abusing its dominant position annulled by the General Court (then Court of First Instance) in 2007 (which Brad Smith described as a total loss), the company decided that they had enough. When it was investigated again one year later for tying Internet Explorer to Windows, Microsoft was quick to offer commitments to the Commission, which the latter accepted. Since then, Microsoft has been spared from Commission investigations, with the Commission turning its attention to its rivals Apple and Google.

In that context, the part of the speech that I found the most inspiring relates to the final principle outlined by Brad Smith in this presentation, which is the recognition that European governments are regulating technology and Microsoft will adapt to and support these efforts. For someone like me who has been supporting the need for regulating digital gatekeepers, I find this position inspiring and I hope that Microsoft will stick to it. Unlike other big tech companies, Microsoft has never criticized the DMA, although it is clear that the implementation of some of its provisions will create challenges for the company. By taking this constructive attitude, I am confident that Microsoft will do better in regulatory processes.

As noted in prior blog posts (see e.g., here), the implementation and enforcement of the DMA will present significant challenges for the European Commission. Things won’t be easy considering the criticisms made by other big tech companies as well as their lobbies (e.g., the CCIA). I am even more worried when I see Apple’s decision to not comply with the ACM order mandating it to allow dating app developers to use the in app payment solution of their choice, preferring instead to pay a weekly penalty of €5 million, as well as Google deciding to follow in Apple’s footsteps although Apple’s conduct has been condemned by the ACM as a breach of EU competition law and will, in any event, will be prohibited under the DMA.

In this context, Microsoft can be a role model for other large tech companies still fighting regulators even when the battle seems lost. Back in February Microsoft announced a set of Open App Store Principles in a proactive move to adapt ahead of regulation and further distance itself from Apple and Google (see here for our analysis of these principles).

The advantage of Brad Smith is that he has seen it all. He knows that fighting rearguard regulatory battles does not make sense in the long run. It is a costly distraction that harms the reputation of the company. It does not mean that large companies should not be allowed to defend their rights as regulators are not always right (and this is how the case law eventually develops), but it means that there is a point where it makes sense to move on. Microsoft has shown that you can be successful even after major regulatory setbacks.

The UK’s Digital Markets Unit: we’re not making any progress, but we promise we will “in due course”

Photo by David Jakab on

In the UK’s slow journey towards its Digital Markets Unit (“DMU”) regime, the Government has published its formal response to last summer’s consultation document (the “Response Document”). We now know that the necessary legislation will not be included in the next session of Parliament, and therefore will not be enacted within the next year, but at least this document confirms that it is still Government policy to do it “in due course” and “when Parliamentary time allows”.

The Response Document

The fundamentals of the regime are re-confirmed, for example:

The DMU will be part of the Competition and Markets Authority (“CMA”);The DMU will designate the activities of certain firms as having Strategic Market Status (“SMS”);The legal test for SMS will be based on substantial and entrenched market power in at least one digital activity, providing the firm with a strategic position;The DMU will write bespoke codes of conduct for each SMS firm;The DMU will have the ability to impose pro-competitive interventions (“PCIs”) such as interoperability to tackle the root causes of the SMS firms’ market power;SMS firms will be subject to an enhanced merger control regime; andThe DMU will be able to impose penalties of up to 10% of worldwide group revenues, and will have powers to impose interim measures and final orders.

This is all welcome. The UK’s framework for dealing with the digital gatekeepers is nicely crafted and sophisticated. Indeed, it is an excellent template for regulating in a fast-moving and complex industry without hindering innovation and investment.

The Response Document also includes some useful details, although it would be a lot more useful to see the wording of the draft legislation rather than another vaguely worded policy document.

Some of the details that jumped out at me included:

Objectives: The DMU’s objectives will be narrowly focused on competition and consumers rather than including a wider duty to protect the interests of “citizens”. In my view, this is a mistake because the DMU should have the duty to take account of issues such as privacy and press sustainability, which have always been core to the DMU proposals. The duty to consult with the other regulators such as the Information Commissioner’s Office and Ofcom will make up for the omission to some extent, but not entirely because the DMU will still take the final decision and it may choose to define the concept of “competition” narrowly.

Deadlines: Decisions to designate SMS firms and PCI decisions must be taken within nine months, extendable by a further three months. Tight deadlines like this have pros and cons for regulators. It will feel tight for the DMU case team, but it will also help the DMU to scope its inquiries proportionately and reject calls to dig deeper and deeper into issues ad infinitum. (I have always felt that antitrust investigations would benefit from statutory deadlines, but that’s a debate for another day).

Safe harbour:  There will be a minimum revenue threshold below which companies will have certainty that they cannot be designated as having SMS. The usefulness of this threshold obviously depends on how high it is set, so it is a shame that we still have no suggested figure to debate. Given that the Government has announced the regime will only apply to a “handful of firms”, we might assume that the threshold will (rightly) be set high enough to exclude non-gatekeeper firms such as Airbnb and

PCI test: The test for intervention will be based on finding an “adverse effect on competition”, which is the same test as the CMA’s existing market investigation test. The difference between the two regimes is more on the remedy side of things, where the PCI regime will enable more regular testing and tweaking of remedies.

Individual liability: There is a clear desire to make sure senior managers are made personally accountable for an SMS firm’s compliance. This is an important aspect of a regime that seeks to regulate the conduct of firms whose decisions are made overseas. The DMU will be able to disqualify individuals from acting as directors of companies (a power that has been effective for the CMA in competition cases) and it will be able to impose civil penalties on individuals.

Exemptions: One issue that policy officials have been considering in recent months was how to take account of conduct that may breach the rules, but has some wider countervailing benefits to consumers. The solution looks familiar to competition lawyers because it echoes the wording of Article 101(3) of the Treaty on the Functioning of the European Union. I hope that it is interpreted in practice as narrowly as that provision because otherwise SMS firms will be able too easily to plead privacy or innovation benefits for many breaches.

Merger control: The merger control provisions were quite confused in last summer’s consultation and therefore looked a bit under-cooked. It is therefore no surprise that this is where some of the more significant changes have been made. The Response Document sensibly tries to make the SMS regime align with the announced changes to the jurisdictional tests in the general merger control regime. SMS firms will be required to make mandatory notifications to the CMA for certain types of transactions, although it is not clear whether this will mean they are prevented from closing the transaction prior to CMA clearance. However, the CMA will be disappointed to see that the Government has rejected its proposals for lowering the standard of proof for intervening in mergers at Phase 2. I do wonder if the CMA’s prohibition of Meta/Giphy played a part here. If the CMA can block a foreign-to-foreign merger on (inter alia) horizontal unilateral effects grounds where the target business has no current activities in the UK, it does not seem that the standard of proof needs lowering!  Of course, the outcome of Meta’s appeal in this case is still pending, so we have not heard the last word in that case.

Information powers: The DMU’s information gathering powers will be enhanced compared to the Competition Act and Enterprise Act, both of which now look outdated in the digital age. The DMU will have the explicit ability to gather data held overseas, it will be able to interrogate how algorithms function, and it will be able to order SMS firms to carry out field testing, including A/B testing.

Funding: The regime will be funded by a levy on the SMS firms.

Overall, the Response Document is sensible and contains decisions that we would have expected. We can only hope that we now see some draft legislation as soon as possible.

News bargaining code

On the same day, the CMA and Ofcom published their advice to Government on a possible code that would govern the imbalance of power between platforms and content providers such as news publishers. This advice was given last November, so we must assume that its publication had been blocked by the Government up until now so as to make it coincide with the Response Document.

The CMA and Ofcom have advised that a bargaining code like the one already enacted in Australia would be effective. They would impose the code alongside some PCIs that would aim to address the source of the SMS firms’ market power.

The code would have four aims:

addressing concerns about the transparency of algorithms;giving publishers appropriate control over the presentation and branding of their content;improving the sharing of user data between publishers and those platforms that host their content; andredressing the imbalance in bargaining power in negotiations between publishers and platforms by providing a framework for the determination of fair financial terms for publishers’ content where this is hosted by large platforms with SMS.

The Government has agreed with their recommendation and is considering a final offer arbitration mechanism as a backstop for when the platform and the news publisher cannot agree a price. The details of this mechanism will be very interesting.

Final thoughts

There are plenty of initiatives in the tech sector in the UK at the moment that are seeking to promote competition in the years ahead. For example, the Digital Regulation Co-operation Forum, which is the alliance of UK regulators, has asked for submissions to inform its work on algorithms (the deadline for submissions is 8 June 2022).  And the CMA has ongoing antitrust investigations into Google, Apple and Meta (Amazon has so far escaped their attention).

However, it is now over three years since the Furman Report recommended the DMU regime. While the UK waits for “Parliamentary time”, the EU is racing ahead in enacting the Digital Markets Act and will be defining the meaning of core concepts such as interoperability, self-preferencing and leveraging. Brexit Britain will follow in the EU’s footsteps.

The CMA should revisit the conclusion of its online platforms and digital advertising market study, which was to rely on the Government to enact the DMU legislation rather than using its own extensive market investigation powers to achieve a similar outcome. If the CMA had launched a market investigation following the market study in July 2020, it would have completed it by now.

The CMA cannot wait forever, and it is by no means certain that the Government will ever enact the DMU legislation. A market investigation could implement some of the most urgent remedies, and these could then be folded into the DMU regime when, and if, it ever arrives. It would enable the CMA to hedge against continued Government inaction.

The CMA is currently proposing to make the same mistake a second time in its mobile ecosystems market study, the final report for which is due by 14 June 2022. Its interim report in December 2021 did foresee the situation in which we now find ourselves:

We may, for example, revisit our present decision not to make a reference if the legislation required to bring the proposed new regime into force is not laid before Parliament for some time, or its anticipated scope materially altered, such that it no longer appears to us that action by the DMU represents the most effective and timely means of addressing the issues we have identified.” (para 9.12)

Time to revisit.

When Brexit means falling behind: The probable death of the DMU regime

Everything had started well with the excellent Furman report, which emphasized the need to adopt an ex ante regulatory regime that would apply to Big Tech firms in the UK. That report had indeed found that competition rules would not be sufficient to control these firms’ market power.  The UK had the lead and was likely to become the first nation to adopt a coherent and flexible framework to regulate Big Tech. The UK government started the work on what this regulatory regime should look like and it was decided that a Digital Markets Unit (“DMU”) would be set up within the CMA. The DMU would designate firms with Significant Market Status (“SMS”) and adopt codes of conduct, pro-competition interventions, and an enhanced merger control regime. This approach was seen by many, including me, as preferable to the more rigid Digital Markets Act (“DMA”) to be soon formally adopted by the European Union.

Yet, the DMU, which now includes 60 officials, is largely toothless as it does not hold statutory powers. Such powers need to be included in a bill to be tabled in Parliament. Many hoped that this bill would be part of the UK government’s new legislative programme to be announced in the Queen’s speech on 10 May. Yet, the Financial Times reported this morning that the Queen’s speech will not include this bill. If this is correct, that would be a huge blow for the CMA and for the many civil servants that worked tirelessly on the DMU regime. But more importantly, this would be a setback for UK consumers and business users that depend on SMS firms.

Of course, this enabling legislation could be delayed by a year and placed in next year’s Queen speech, but I have my doubts. The apparent reason for not including the DMU bill in the government’s legislative programme is not that it is not ready or sound, but that it does not seem to fit the views of Number 10. Tellingly, the FT article reports that the prime minister’s deputy chief of staff has told colleagues that “Conservative governments don’t legislate their way to prosperity and growth.” So there you have it!

If confirmed, this unfortunate development would also leave in tatters the strategy of the CMA. The CMA had decided to rely on the Government to legislate instead of using its wide-ranging market investigation powers, and it decided not to use its antitrust powers to deal with some problematic practices that require comprehensive solutions, such as Google’s monopolization of ad tech or the parallel monopolies enjoyed by Apple and Google in mobile ecosystems. In the case of mobile ecosystems, the CMA can of course reconsider this strategy as the Final report of its Market Study has not been published yet.

Now, this does not mean that problematic practices by Big Tech firms can be left unchallenged. The CMA still enjoys quasi-regulatory powers through its ability to launch market studies and then market investigations, the latter allowing it to adopt significant remedies if needed. It has also shown itself able to impose quasi-regulatory remedies after an antitrust investigation in the Google Privacy Sandbox case. One can expect the CMA to make greater use of such tools.

Photo by Jack Finnigan on Unsplash