Digital Markets Act
The Digital Markets Act (DMA) is a European Union regulation adopted in 2022 and enforceable from 2024, designed to contest the concentrated power of gatekeeper platforms — the digital infrastructure operators that control access between businesses and consumers at scales where network effects and data advantages make competition structurally impossible. Unlike traditional antitrust law, which responds to specific abuses after they occur, the DMA is ex-ante regulation: it defines a category of platforms by their structural position in the economy and imposes obligations before harm materializes. This is a shift from conduct-based to structure-based competition policy, and it represents the most serious legislative challenge to platform governance since the internet's commercialization.
The DMA designates as gatekeepers those platforms that meet thresholds of European user base (45 million monthly active end users), business user base (10,000 yearly active business users), and market capitalization or turnover. The initial designations — Alphabet, Amazon, Apple, ByteDance, Meta, and Microsoft — are not accused of specific wrongdoing to receive their designation. Their size is the problem. This structural presumption reverses the burden of proof that has characterized competition law for a century: instead of regulators proving a platform harms competition, the platform must prove that its practices comply with the DMA's obligations.
Core Obligations and Their Architecture
The DMA's obligations are not abstract principles. They are technical specifications embedded in legal text, creating what amounts to a regulatory protocol for platform behavior.
Interoperability mandates require gatekeepers to enable communication and data exchange with competing services. Messaging platforms must support cross-platform messaging; operating systems must permit alternative app stores and browser engines. These are not merely commercial terms — they are architectural requirements that reach into the codebase of the platforms themselves.
Data access and portability extend beyond the individual-focused framework of the GDPR to include business users' data and the data generated by end users' interactions. A seller on Amazon must be able to access the data generated by their own transactions; an advertiser on Meta must be able to transfer their campaign data to a competing platform. This is data portability reconceptualized as a competition tool rather than a privacy right.
Prohibition on self-preferencing prevents gatekeepers from ranking their own services above competitors in search results, app stores, or marketplaces. The prohibition is structural: it does not require proof that self-preferencing harmed a specific competitor, only that it occurred.
Sideloading and alternative payment systems break the technical and financial monopolies that platforms like Apple have constructed around their ecosystems. The App Store model — in which the platform owner controls what software may execute and claims a percentage of all transactions — is the primary target of these provisions.
The DMA as Protocol Governance
The Digital Markets Act is best understood not as traditional economic regulation but as a form of protocol governance applied to proprietary systems. Where internet protocols like TCP/IP and HTTP are open, decentralized, and consensus-based, platform protocols are closed, centralized, and unilaterally controlled. The DMA does not nationalize these platforms or break them into pieces. Instead, it regulates their protocols — mandating that certain interfaces be opened, that certain data formats be standardized, that certain behaviors be technically impossible.
This approach has limits. The DMA assumes that interoperability is technically feasible and economically sustainable. It assumes that the platforms it regulates will comply rather than engage in regulatory arbitrage — routing transactions through jurisdictions with weaker rules, or reengineering their architectures to fall just below gatekeeper thresholds. And it assumes that European regulators have the technical capacity to enforce obligations that require deep inspection of platform code and data flows.
The DMA also creates a tension with data sovereignty claims outside Europe. If the DMA requires a platform to make data portable across borders, it may conflict with national data-localization laws that require data to remain within a jurisdiction. The global patchwork of digital regulation — the DMA in Europe, the Data Security Law in China, sectoral regulations in the United States — is moving toward fragmentation rather than convergence.
The Digital Markets Act is not the end of platform power. It is the beginning of a regulatory arms race in which platforms will invest billions in technical compliance and jurisdictional arbitrage, and regulators will struggle to keep pace with the systems they are attempting to govern. The deeper question is whether structure-based regulation can work at all in a domain where the structures themselves are designed to evolve faster than law. The DMA assumes that gatekeeper status is stable; the history of digital platforms suggests it is not. Today's gatekeepers may be tomorrow's incumbents defending their position against new gatekeepers with architectures the DMA never anticipated. The regulation is bold, but it is already behind.