Digital Markets Act (DMA)

febbraio 10 2026, di Paul Waite
19 tempo di lettura minimo

The Digital Markets Act has reshaped how the world’s largest technology platforms operate within the European Union. If you’re a business user relying on major platforms, an app developer seeking fair treatment, or simply a consumer wondering why your phone now asks you to choose a default browser, this regulation directly affects you.

This guide breaks down everything you need to know about the DMA—from gatekeeper designation to enforcement mechanisms—so you can understand how this landmark legislation is transforming digital markets across the EU.

Quick facts: what the Digital Markets Act does

The DMA (Regulation (EU) 2022/1925) is an EU law designed to ensure large digital platforms—designated as “gatekeepers”—behave fairly toward business users and european consumers.
The regulation entered into force on 1 November 2022 and has applied since 2 May 2023, with full gatekeeper compliance required from 6 March 2024.
It targets specific core platform services (online search engines, app stores, online social networking, operating systems, online marketplaces, and more) when provided by large companies with entrenched market power.
The DMA adds ex-ante rules (clear do’s and don’ts) on top of traditional antitrust enforcement and is enforced centrally by the european commission.
Headline sanctions include fines up to 10% of global annual turnover (20% for repeated non compliance) and potential structural remedies for systematic violations.

What is the Digital Markets Act? (Regulation (EU) 2022/1925)

The Digital Markets Act stands as a cornerstone of the EU digital strategy, sitting alongside the Digital Services Act (DSA), GDPR, and the Platform-to-Business (P2B) Regulation. Its full legal citation is Regulation (EU) 2022/1925 of the European Parliament and of the Council of 14 September 2022 on contestable and fair markets in the digital sector.

The DMA aims to address structural problems in digital markets—network effects, data advantages, and lock-in dynamics—by imposing harmonised rules directly on designated gatekeepers. This regulation applies irrespective of where a company is headquartered, as long as it serves business users or end users established or located in the EU.

Unlike traditional competition law, which requires lengthy case-by-case investigations after harm occurs, the DMA takes a forward-looking approach with pre-defined obligations imposed on all relevant core platform service providers meeting specific thresholds. This enables faster intervention before unfair practices become entrenched.

The DMA’s core regulatory objectives include:

Ensuring contestable and fair markets for core platform services
Preventing gatekeepers from leveraging their position to disadvantage competitors
Promoting innovation by reducing barriers for market participants
Expanding consumer choice and control over personal data

Timeline and legislative process

The DMA emerged from the 2020 European Digital Strategy, part of a broader wave of EU tech regulation aimed at creating fair markets and protecting users in the digital sector.

The European Commission presented the DMA proposal on 15 December 2020, alongside the Digital Services Act. The european parliament adopted its position in December 2021 and reached a political agreement with the Council on 24 March 2022.

Key dates in the DMA’s development:

14 September 2022: Formal adoption of the Regulation
12 October 2022: Publication in the Official Journal of the EU
1 November 2022: Entry into force
2 May 2023: Start of application
3 July 2023: Deadline for companies to notify potential gatekeeper status
6 September 2023: Commission designated the first gatekeepers
6 March 2024: Deadline for gatekeepers to fully comply with all obligations imposed

The Commission must review the Regulation’s effectiveness every three years, with a first comprehensive evaluation expected around 2026. Non compliance investigations began in March 2024, marking the start of active enforcement.

Key concepts and definitions under the DMA

Articles 1–2 of the DMA establish the core terms that determine who falls under regulation and for which services. Understanding these definitions is essential for navigating the Regulation’s requirements.

A gatekeeper is an undertaking designated by the Commission that meets specific quantitative thresholds and qualitative criteria, providing an important gateway between business users and end users. Gatekeepers control access to digital markets in ways that give them significant impact over how other businesses reach end users.

Core platform services covered by the DMA include:

Online intermediation services (marketplaces, app stores)
Online search engines
Online social networking services
Video sharing platform services
Number-independent interpersonal communications services (messaging apps)
Operating systems
Web browsers
Virtual assistants
Cloud computing services
Online advertising services (including providing online advertising services across networks)

Additional key terms:

Business users: Companies that use core platform services to reach end users (merchants, app developers, advertisers)
End user: Any natural or legal person using core platform services for purposes outside their trade or business
Ranking: The relative prominence given to products or services in search results or recommendations

The DMA focuses on specific services rather than entire companies—a single company can have multiple designated core platform services while other services remain unaffected. All definitions apply uniformly across member states to prevent legal fragmentation in the internal market.

How companies become gatekeepers

The Commission designates gatekeepers through a structured process combining quantitative thresholds with qualitative assessment. Companies meeting certain size and user metrics are presumed to be gatekeepers unless they can rebut this presumption with substantiated evidence.

Quantitative thresholds under Article 3:

Criterion	Threshold
Annual EU turnover	At least €7.5 billion in each of the last three financial years
Market capitalisation	At least €75 billion (or equivalent fair market value)
Geographic reach	Same relevant core platform service provided in at least three member states
Monthly active end users	At least 45 million located in the EU
Yearly active business users	At least 10,000 established in the EU

Companies meeting these thresholds must notify the Commission without undue delay, providing detailed and verifiable data. The Commission then has 45 working days to adopt a designation decision once complete information is received.

Beyond quantitative thresholds, the Commission can designate gatekeepers based on qualitative evidence—strong network effects, data-driven advantages, vertical integration, or significant lock-in effects that limit users from switching to similar services.

Designation decisions are reviewed at least every three years, and the Commission maintains a public list of gatekeepers and their designated core platform services.

Identified gatekeepers and core platform services (as of 2024–2025)

On 6 September 2023, the European Commission designated the first six gatekeeper companies, listing 22 core platform services. This list has since been updated through ongoing market investigation processes.

Designated gatekeepers as of late 2024/early 2025:

Alphabet – Google Search, Google Play (software application store), YouTube, Google Maps, Google Shopping, Google Chrome, Android, and online advertising services
Amazon – Amazon Marketplace and Amazon Ads
Apple – iOS, Safari, App Store, and iPadOS (added April 2024)
ByteDance – TikTok
Meta – Facebook, Instagram, WhatsApp, Messenger, and Meta Ads
Microsoft – Windows, LinkedIn

The April 2024 decision to classify Apple’s iPadOS as an additional core platform service followed a market investigation under Article 17 DMA. This demonstrates the Commission’s active approach to expanding the regulatory perimeter when services provided meet gatekeeper criteria.

In February 2024, the Commission investigated but ultimately did not designate Microsoft’s Bing, Edge, and Microsoft Advertising, as well as Apple’s iMessage, finding they did not meet the relevant thresholds at that stage.

Several large digital firms—including Booking.com, Airbnb, Spotify, X (formerly Twitter), and Samsung—have been scrutinised but remain undesignated as of late 2024. Some fall short of user thresholds, while others remain under ongoing assessment.

The Commission conducts annual checks for new potential gatekeepers and periodically updates the public list. This dynamic approach ensures emerging online platforms with growing market power can be captured by the regulatory framework.

Obligations and prohibitions for gatekeepers

The DMA’s core consists of a detailed catalogue of obligations and prohibitions in Articles 5–7, applicable to each designated core platform service. These rules aim to prevent unfair practices and ensure business users and consumers can access digital markets without facing unfair conditions.

Article 5 “hard” obligations (immediately applicable):

Prohibition on combining personal data across core platform services without explicit, GDPR-compliant consent from the end user
Ban on using personal data of business users and their customers for competing own services
Requirement allowing business users to offer products or services at different prices or conditions on other channels
Prohibition on requiring business users to use the gatekeeper’s identification or payment services
Ban on preventing business users from raising issues with public authorities about gatekeeper practices

Article 6 obligations (subject to further specification):

Ban on self-preferencing in rankings—gatekeepers cannot favour own services over those of competitors in search results
Requirement to allow installation of third party app stores and sideloading of software applications
Prohibition on tying core platform services to other services in ways that limit user choice
Obligation to provide advertisers and publishers with price paid information and performance data for independent verification
Requirement to enable end users to easily uninstall pre-installed apps and change default settings for web browsers, online search, and virtual assistants

Article 7 interoperability obligations for messaging services:

Gatekeepers providing number-independent interpersonal communications services must enable interoperability with third-party messaging providers. This includes phased timelines for cross-service text messaging, image and video sharing, and eventually voice and video calls—all while preserving end-to-end encryption and security standards.

User choice measures:

Enable end users to easily uninstall pre-installed software applications
Allow changing defaults for browsers, search engines, and virtual assistants without requiring excessive steps
Prohibit dark patterns that nudge users toward gatekeeper services through manipulative design

Gatekeepers must produce detailed compliance roadmaps and annual reports. The Commission can specify how particular obligations should be implemented, particularly for technically complex requirements around data generated by business users.

Compliance, enforcement, and sanctions

Enforcement of the DMA is centralised—the European Commission serves as the sole enforcer, primarily through DG Competition and DG CONNECT (digital policy). This structure reflects the cross-border nature of gatekeepers’ activities and ensures consistent application across member states.

Commission investigative powers include:

Formal requests for information from gatekeepers and third parties
Interviews with company representatives and witnesses
Dawn raids and on-site inspections
Market investigations into new services or potential systematic non compliance
Interim measures in urgent cases to prevent serious harm

Compliance process requirements:

Gatekeepers must submit detailed compliance descriptions within six months of designation
Non-confidential summaries must be published annually
Regulatory dialogue is required when obligations need technical specification
The digital markets advisory committee assists the Commission in enforcement matters

Sanctions for violations:

Violation Type	Maximum Fine
Standard infringement	10% of total worldwide turnover
Repeated non compliance	20% of total worldwide turnover
Periodic penalty payments	5% of average daily turnover
Systematic non compliance	Structural remedies, including potential divestiture

For systematic non compliance—defined as at least three non compliance decisions within eight years—the Commission can impose structural or behavioural remedies, potentially including bans on acquisitions related to the non-compliant core platform service.

Early enforcement has been active. In 2024-2025, the Commission opened investigations into several gatekeepers, with reports of significant fines being imposed against major platforms like Apple and Meta for alleged DMA violations. These actions signal that enforcement is not merely theoretical.

All Commission decisions are subject to judicial review by the Court of Justice of the European Union, which has unlimited jurisdiction regarding fines and penalty payments under competition law and the markets act.

Interaction with EU and national laws

The DMA operates within a wider EU legal ecosystem and is specifically designed to avoid regulatory fragmentation across member states while complementing existing competition rules.

Relationship with EU competition law:

The DMA complements traditional antitrust enforcement under Articles 101 and 102 TFEU. While competition law addresses anti-competitive conduct through case-by-case investigations, the DMA sets ex-ante rules preventing harmful behaviour before it occurs. Both frameworks can apply simultaneously—conduct may violate the DMA while also triggering antitrust proceedings.

Interaction with other EU digital and data laws:

GDPR: Data combination across services requires GDPR-compliant consent; the DMA reinforces this by prohibiting forced consent as a condition of service use
Digital Services Act: Addresses content moderation and systemic risk, while DMA focuses on market power and fairness
P2B Regulation: Establishes transparency requirements for online platforms; DMA adds specific obligations for designated gatekeepers
Consumer protection rules: Continue to apply alongside DMA provisions

National regulatory coordination:

Member states cannot impose additional obligations on DMA gatekeepers regarding the core platform services and objectives already covered by the Regulation. This prevents divergent national gatekeeper regimes and ensures a harmonised approach across the internal market.

However, national competition authorities retain important roles. They can investigate non-gatekeepers under national or EU antitrust laws, assist the Commission in DMA investigations, and must cooperate to ensure consistent application. Germany, for instance, has used its national competition rules in parallel proceedings against large digital platforms, demonstrating how national authorities and the Commission can work in coordination.

France has been among the most vocal member states advocating for robust DMA enforcement, while national authorities across the EU contribute to the identification of potential gatekeeper candidates and market developments requiring regulatory attention.

Benefits and impacts of the DMA

The DMA aims to benefit multiple stakeholder groups: business users (especially SMEs and start-ups), consumers, and the broader digital economy in the EU.

Benefits for business users:

Lower barriers to enter or expand in markets dominated by large online platforms
Greater bargaining power for merchants and app developers in negotiations with gatekeepers
Access to non aggregated data and performance metrics needed to compete effectively
Protection against unfair delisting, ranking manipulation, or requiring business users to accept unfavourable terms
Ability to communicate directly with customers and offer products or services through alternative channels

Benefits for european consumers:

Expanded choice of apps, software applications, and services beyond gatekeeper offerings
Greater transparency in how rankings and advertising services operate
Potential for lower prices and higher quality as competition increases among market participants
Improved control over personal data and clearer consent mechanisms
Access to third party app stores and alternative payment options

Innovation impacts:

The DMA’s restrictions on self-preferencing, unfair bundling, and data hoarding should create space for new services and business models. Areas likely to see increased competition include messaging interoperability, app distribution beyond traditional app stores, and cloud computing services where data collected by gatekeepers previously created insurmountable advantages.

Potential challenges:

Increased compliance complexity for large companies designated as gatekeepers
Changes in product design (new consent prompts, choice screens, modified search results)
Ongoing debates balancing privacy concerns with interoperability requirements
Risk of lower quality experiences if gatekeepers reduce investment in services subject to heavy obligations

Global regulatory influence:

The DMA has inspired similar regulatory approaches worldwide. The UK’s Digital Markets, Competition and Consumers Act 2024 adopts comparable gatekeeper-style regulation. India, Japan, and other jurisdictions have introduced or proposed rules drawing on the DMA’s framework, suggesting the EU’s approach may become a global template for governing other businesses in the digital sector.

Frequently asked questions about the Digital Markets Act

Which services count as core platform services under the DMA?

The DMA covers ten categories of core platform services: online intermediation services (marketplaces), online search engines, online social networking services, video sharing platform services, number-independent interpersonal communications services (messaging), operating systems, web browsers, virtual assistants, cloud computing services, and online advertising services. A service only falls under DMA obligations when provided by a designated gatekeeper meeting the size and user thresholds.

How does the DMA affect app developers and merchants?

App developers gain significant new rights under the DMA. They can communicate directly with customers acquired through gatekeeper platforms, use alternative payment systems without being forced into gatekeeper services, access real time access to performance and data generated through the platform, and challenge unfair delisting or ranking decisions. Merchants using online marketplaces similarly benefit from prohibitions against gatekeepers leveraging data collected from business user transactions to compete against those same merchants.

Who enforces the DMA and how can decisions be challenged?

The European Commission is the sole enforcer of DMA rules, with DG Competition and DG CONNECT leading enforcement efforts. Companies subject to adverse decisions can appeal to the Court of Justice of the European Union, which has full jurisdiction to review fines and penalty payments. National competition authorities assist the Commission but cannot independently enforce DMA obligations against gatekeepers.

How does the DMA relate to GDPR consent?

The DMA explicitly incorporates GDPR standards for data combination across core platform services. Gatekeepers cannot combine personal data from different services without freely given, specific, and informed consent. Critically, consent cannot be forced as a condition of using the service—users must have genuine choice, and gatekeepers cannot use dark patterns to manipulate consent decisions.

Does the DMA apply to non-EU companies?

Yes. The DMA applies based on where users are located, not where companies are headquartered. Any company providing core platform services to a large number of business users established in the EU or end users located in the EU can be designated as a gatekeeper, regardless of its home jurisdiction. This explains why American companies like Alphabet, Amazon, Apple, and Meta, along with China-based ByteDance, are all subject to DMA obligations.

What happens if a gatekeeper doesn’t comply?

Non compliance can result in fines up to 10% of global annual turnover for initial violations and 20% for repeated infringements. The Commission can also impose periodic penalty payments of up to 5% of average daily turnover for ongoing breaches. In cases of systematic non compliance (three or more decisions in eight years), structural remedies—including forced divestiture of business units—become available.

Can national authorities add their own rules for gatekeepers?

No. Member states cannot impose additional obligations on gatekeepers regarding matters covered by the DMA. This ensures companies face a single harmonised regulatory framework rather than 27 different national approaches. However, national authorities can still apply general competition rules and case law to non-gatekeepers or conduct falling outside the DMA’s specific scope.

Outlook and future developments

The DMA remains in its initial enforcement phase, with its full impact still emerging through guidance documents, enforcement decisions, and periodic reviews.

The Commission can adopt implementing acts, guidelines, and standardisation mandates to clarify technical details—interoperability specifications, measurement methodologies for active users, and data access formats. These technical standards will significantly shape how obligations translate into practical compliance requirements for services provided by gatekeepers.

Areas to watch:

Ongoing market investigations may add new types of core platform services if harmful practices emerge in areas like generative AI, smart devices, or emerging advertising services
The three-year evaluation cycle may trigger legislative amendments if the initial framework proves insufficient or creates unintended burdens
Early enforcement decisions and resulting court rulings will refine interpretation of key obligations, particularly around interoperability and data access
New services launched by gatekeepers may require designation assessments, expanding the regulatory perimeter

The DMA’s interaction with parallel regimes in other jurisdictions—including the UK, Japan, and potentially the United States—will shape a new global governance model for large digital platforms. As enforcement matures and gatekeepers adapt their practices, the coming years will reveal whether the DMA achieves its ambitious goals of creating contestable and fair markets in the digital sector.

For business users, app developers, and anyone operating in european digital markets, staying informed about DMA developments is no longer optional—it’s essential for navigating an increasingly regulated landscape. The Commission’s public announcements, gatekeeper compliance reports, and enforcement decisions provide the most authoritative sources for tracking how these rules evolve in practice.