How DMA gatekeepers are responding to the EU’s new competition rules — in their own words

The compliance deadline for the six tech giants regulated under the European Union’s Digital Markets Act (DMA) expired yesterday. Which means Alphabet/Google, Amazon, Apple, ByteDance/TikTok, Meta and Microsoft are now under active assessment by EU enforcers.

The bloc will monitor whether they’re abiding by DMA requirements to deal fairly with business users of their regulated core platform services and meeting other legal requirements in areas like data portability, platform interoperability and user choice. Failure to do so risks big fines — of up to 10% or even 20% of their global annual turnover.

The first batch of gatekeeper compliance reports — aka the non-confidential versions — have been published on the Commission’s DMA website. (See below for links to the individual reports.)

These reports provide varying levels of detail on actions taken in response to the regulation so far. Apple’s public-facing report is by far the briefest (just a 12-page summary, focused on changes to its App Store, iOS and Safari browser, though it’s written in quite readable prose), whereas Microsoft has opted for multi-part reportage — dividing disclosures into a series of discrete documents, related to its two designated core platform services (Windows and LinkedIn).

While Apple uses the public report as another opportunity to rail against the EU’s enforced changes to its “integrated, end-to-end system” — warning of the DMA creating “new avenues for malware, fraud and scams, illicit and harmful content, and other privacy and security threats” — Microsoft’s reporting seems intended to be too boring for anyone to bother reading. As well as breaking it out into multiple downloads, its compliance disclosures are written in dry legal language and include redactions, suggesting it’s opted to reproduce formal submissions to the Commission for this public-facing part of its DMA reporting obligations. The massive overall page toll is also notable.

Elsewhere, Amazon has produced the glossiest-looking report, packaging its DMA disclosures in a graphic wrapper of photos, charts and pull-quotes — for a distractingly ‘easy to skim’ business brochure vibe.

At over 200 pages, Google’s report is long and extremely dense. It’s also not very visually appealing as it’s written in light grey text with extensively hyperlinked footnotes, as well as being augmented with screenshots, diagrams and box-outs. The length is at least justified: Reflecting the fact a full eight of its products are designated as core platform services.

Social networking giants Meta and ByteDance have fewer regulated services — so, unsurprisingly, their reports hit a middling length.

ByteDance’s report reads like raw, redacted legalese, with no effort to polish anything. Whereas Meta has applied its usual thick PR gloss. It kicks off the report with a summary of how many employees (11,000) and engineering hours/technical work (590,000) it claims to have applied to working on its DMA response. It also top-loads the document with heavy spin about “new and meaningful choices” it claims it’s offering European users in response to the law.

Pity the Commission enforcers whose job will require wading through all these disclosures — and wrangling a lot more information — to determine whether or not the tech giants are actually DMA compliant.

For handy reference, we’ve rounded up links to the gatekeepers’ first batch of public-facing DMA compliance reports below.

If you’re looking for an analytic overview of the DMA, its aims and early impacts, check out our earlier explainer.

Links to gatekeeper DMA compliance reports:

Alphabet/Google (211 pages)

Amazon (32 pages)

Apple (12 pages)

ByteDance/TikTok (52 pages)

Meta (57 pages)

Microsoft being Microsoft it has split its non-confidential DMA compliance reporting into several discrete documents: Summary (13 pages); Windows PC OS (164 pages); LinkedIn (244 pages) — making a total of 421 pages.

Additionally, Microsoft has published a further five documents disclosing audits of the consumer profiling techniques used in its core platform services (here, here, here, here and here), the latter two of which are written by the third party it engaged for the audits (Deloitte) — adding a further 104 pages to its reporting tally. Or 525 pages in total for this reporting round.