In the digital age, the issue of privacy is more relevant than ever before. From the first steps towards digital privacy protection with the introduction of the General Data Protection Regulation (GDPR), the EU has played a central role in the development of policies aimed at balancing technological innovation and individual right to privacy. Digital privacy has become a central theme in public debate as our online activities and interactions leave digital footprints that raise questions of control, trust and privacy.

In a world where tech giants dominate the landscape and shape our daily lives, concerns about digital privacy are on many people's lips. The enormous influence and data volumes of these companies raise questions about how our personal information is handled and what price we pay for the digital convenience they offer. Our lives, both personal and professional, are increasingly dependent on digital technologies and it is crucial to ensure that this dependence does not compromise the individual's right to privacy.

In this context, the EU Commission's Digital Markets Act (DMA) introduces new rules for platforms that act as digital 'gatekeepers'.

What is the Digital Markets Act?

DMA introduces rules for platforms that act as"gatekeepers" in the digital sector. These are platforms that 1) have a significant impact on the internal market, 2) act as an important"gateway" for business users to reach their end users, and 3) enjoy, or are expected to enjoy, a fixed and lasting position.

The DMA aims to prevent so-called gatekeepers from imposing unfair conditions on businesses and end-users, as well as to ensure the openness of important digital services

Examples of changes that gatekeepers will need to implement include ensuring that end users can easily uninstall pre-installed software or stopping the default installation of applications and allowing for choice. On the other hand, gatekeepers must ensure that business users can access performance data on advertising campaigns and information on ad prices, allow developers to use alternative in-app payment systems and enable interoperability options for messenger systems.

A more elaborate series of examples of what gatekeepers must do as a result of DMA:

  • Allow third parties to collaborate (interoperate) with the gatekeeper's own services in certain specific situations
  • Give their business users access to the data they generate using the gatekeeper's platform
  • Provide companies that advertise on their platform with the necessary tools and information so that advertisers and publishers can perform their own independent verification of their ads hosted by the gatekeeper
  • Allow their business users to promote their offers and enter into contracts with their customers outside the gatekeeper's platform 

Examples of what gatekeepers can no longer do as a result of DMA:

  • Treat services and products offered by the gatekeeper itself more favorably in ranking than similar services or products offered by third parties on the gatekeeper's platform
  • Prevent consumers from linking to companies outside their platform
  • Prevent users from uninstalling pre-installed software or app if they want to
  • Track end users outside the gatekeeper's core platform service for targeted advertising without consent

What is defined as a gatekeeper?

The EU Commission defines a gatekeeper as a company that achieves an annual turnover in the European Economic Area (EEA) equal to or above €7.5 billion in each of the last three financial years, or where its average market value or equivalent real market value was at least €75 billion in the most recent financial year and which provides a core platform service (CPS) in at least three Member States.

Likewise, if the company operates a CPS with more than 45million monthly active end users established or located in the EU and more than 10,000 annually active business users established in the EU in the most recent financial year.

If the gatekeepers do not comply with the rules, theCommission can impose fines on the company of up to 10% of their worldwide turnover. Repeated violations can result in fines of up to 20%.

Who are the gatekeepers?

There are currently six companies that, based on the EUCommission's definition, can be categorized as gatekeepers. These are 1) Alphabet, owner of for example Google and its many subproducts and services, 2) Amazon, the West's largest E-commerce platform, 3) Apple, which owns the iOS operating system that can be found on smartphones, tablets and computers across the EU, 4) ByteDance, the company behind the media sensation TikTok, 5) Meta, owner of Facebook, Instagram and WhatsApp, and 6) Microsoft, which owns a wide range of platforms and products, including the Windows operating system, the Office suite and LinkedIn.

To paint the picture of the scale these companies operate on, you can see the six gatekeepers' CPSs illustrated below.

The DMA is already in its initial phase and will come into force in earnest on March 6, 2024, for which all gatekeepers must comply with the rules introduced by the DMA.

Why introduce DMA?

The purpose of The Digital Markets Act is to ensure a fair level of competition for all digital businesses, regardless of their size. The regulation will lay down clear rules for large platforms - a list of "dos and don'ts" - aimed at preventing them from imposing unfair conditions on businesses and consumers (see what gatekeepers from 6 March 2024 must do and what they can no longer do in the section “What is The Digital Markets Act?” above).

As a result of DMA, for example, the interoperability between messaging platforms will be improved, so that users of small or large platforms will be able to exchange messages, send files or make video calls across messaging apps.

The goal is for the rules to boost innovation, growth and competitiveness, and will help smaller companies and start-ups to compete with the big players.

How does it affect you?

As privacy takes up more and more of the digital agenda, you must continue to consider how you handle the user data you collect and use in your advertising. It is therefore recommended that you consider these four points:

1. Obtain user consent

Consent continues to be a critical component of any advertiser's data collection. As an advertiser, make sure you have the basics in place when collecting data from your users. This includes ensuring that you obtain consent before collecting or tracking users who visit your website or interact with any of your platforms. Many advertisers already have a basic grasp of this, but there are still some who have yet to complete these initial steps in their work with consent. There are many ways to do this, but we suggest using a dedicated consent management platform.

2. Migrate to Google Analytics 4

If you haven't already, make sure you migrate to GA4. Going forward, it will not be possible to share conversion data or audiences fromUniversal Analytics to Google Ads or the Google Marketing Platform.

3. Take advantage of Consent Mode

In order for you as an advertiser to seamlessly continue to work effectively with Google's advertising platform, you must ensure that youcommunicate your users' consent preferences to the advertising platforms throughout the GMP (Google Marketing Platform). The way you do this is by using Google Consent Mode, as this technology will ensure that your users' consent preferences are properly communicated to Google so that you can continue to leverage the power of GMP. If you do not integrate Google Consent Mode with your Google advertising solutions, you may experience reduced functionality during 2024, depending on your setup.

4. Upgrade to Google's latest APIs and SDK

In order for you to continue to use offline data as part of your online advertising within GMP, you must ensure that you follow Google's guidelines when it comes to passing consent signals as part of your offline data. You can do this effectively by using Google's API and SDKs (more information to follow by the end of 2023).

Do you have any questions or want to know more?
Then get in touch with Sebastian Lochte Nielsen, Partner Manager at Acceleration, at