Digital Markets Act

meta-defends-charging-fee-for-privacy-amid-showdown-with-eu

Meta defends charging fee for privacy amid showdown with EU

anti-competition, competition law, data privacy, Digital Markets Act, dma, European Commission, European Union, gdpr, General Data Protection Regulation, noyb, Policy / /
Meta defends charging fee for privacy amid showdown with EU

Meta continues to hit walls with its heavily scrutinized plan to comply with the European Union’s strict online competition law, the Digital Markets Act (DMA), by offering Facebook and Instagram subscriptions as an alternative for privacy-inclined users who want to opt out of ad targeting.

Today, the European Commission (EC) announced preliminary findings that Meta’s so-called “pay or consent” or “pay or OK” model—which gives users a choice to either pay for access to its platforms or give consent to collect user data to target ads—is not compliant with the DMA.

According to the EC, Meta’s advertising model violates the DMA in two ways. First, it “does not allow users to opt for a service that uses less of their personal data but is otherwise equivalent to the ‘personalized ads-based service.” And second, it “does not allow users to exercise their right to freely consent to the combination of their personal data,” the press release said.

Now, Meta will have a chance to review the EC’s evidence and defend its policy, with today’s findings kicking off a process that will take months. The EC’s investigation is expected to conclude next March. Thierry Breton, the commissioner for the internal market, said in the press release that the preliminary findings represent “another important step” to ensure Meta’s full compliance with the DMA.

“The DMA is there to give back to the users the power to decide how their data is used and ensure innovative companies can compete on equal footing with tech giants on data access,” Breton said.

A Meta spokesperson told Ars that Meta plans to fight the findings—which could trigger fines up to 10 percent of the company’s worldwide turnover, as well as fines up to 20 percent for repeat infringement if Meta loses.

Meta continues to claim that its “subscription for no ads” model was “endorsed” by the highest court in Europe, the Court of Justice of the European Union (CJEU), last year.

“Subscription for no ads follows the direction of the highest court in Europe and complies with the DMA,” Meta’s spokesperson said. “We look forward to further constructive dialogue with the European Commission to bring this investigation to a close.”

However, some critics have noted that the supposed endorsement was not an official part of the ruling and that particular case was not regarding DMA compliance.

The EC agreed that more talks were needed, writing in the press release, “the Commission continues its constructive engagement with Meta to identify a satisfactory path towards effective compliance.”

Meta defends charging fee for privacy amid showdown with EU Read More »

microsoft-risks-huge-fine-over-“possibly-abusive”-bundling-of-teams-and-office

Microsoft risks huge fine over “possibly abusive” bundling of Teams and Office

alfaview, anticompetitive behavior, Antitrust law, Digital Markets Act, European Commission, European Union, Google, microsoft, monopoly, Policy, SaaS, slack, software as a service / /
A screen shows a virtual meeting with Microsoft Teams at a conference on January 30, 2024 in Barcelona, Spain.

Enlarge / A screen shows a virtual meeting with Microsoft Teams at a conference on January 30, 2024 in Barcelona, Spain.

Microsoft may be hit with a massive fine in the European Union for “possibly abusively” bundling Teams with its Office 365 and Microsoft 365 software suites for businesses.

On Tuesday, the European Commission (EC) announced preliminary findings of an investigation into whether Microsoft’s “suite-centric business model combining multiple types of software in a single offering” unfairly shut out rivals in the “software as a service” (SaaS) market.

“Since at least April 2019,” the EC found, Microsoft’s practice of “tying Teams with its core SaaS productivity applications” potentially restricted competition in the “market for communication and collaboration products.”

The EC is also “concerned” that the practice may have helped Microsoft defend its dominant market position by shutting out “competing suppliers of individual software” like Slack and German video-conferencing software Alfaview. Makers of those rival products had complained to the EC last year, setting off the ongoing probe into Microsoft’s bundling.

Customers should have choices, the EC said, and seemingly at every step, Microsoft sought instead to lock customers into using only its software.

“Microsoft may have granted Teams a distribution advantage by not giving customers the choice whether or not to acquire access to Teams when they subscribe to their SaaS productivity applications,” the EC wrote. This alleged abusive practice “may have been further exacerbated by interoperability limitations between Teams’ competitors and Microsoft’s offerings.”

For Microsoft, the EC’s findings are likely not entirely unexpected, although Tuesday’s announcement must be disappointing. The company had been hoping to avoid further scrutiny by introducing some major changes last year. Most drastically, Microsoft began “offering some suites without Teams,” the EC said, but even that wasn’t enough to appease EU regulators.

“The Commission preliminarily finds that these changes are insufficient to address its concerns and that more changes to Microsoft’s conduct are necessary to restore competition,” the EC said, concluding that “the conduct may have prevented Teams’ rivals from competing, and in turn innovating, to the detriment of customers in the European Economic Area.”

Microsoft will now be given an opportunity to defend its practices. If the company is unsuccessful, it risks a potential fine up to 10 percent of its annual worldwide turnover and an order possibly impacting how the leading global company conducts business.

In a statement to Ars, Microsoft President Brad Smith confirmed that the tech giant would work with the commission to figure out a better solution.

“Having unbundled Teams and taken initial interoperability steps, we appreciate the additional clarity provided today and will work to find solutions to address the commission’s remaining concerns,” Smith said.

The EC’s executive vice-president in charge of competition policy, Margrethe Vestager, explained in a statement why the commission refuses to back down from closely scrutinizing Microsoft’s alleged unfair practices.

“We are concerned that Microsoft may be giving its own communication product Teams an undue advantage over competitors by tying it to its popular productivity suites for businesses,” Vestager said. “And preserving competition for remote communication and collaboration tools is essential as it also fosters innovation” in these markets.

Changes coming to EU antitrust law in 2025

The EC initially launched its investigation into Microsoft’s allegedly abusive Teams bundling last July. Its probe came after Slack and Alfaview makers complained that Microsoft may be violating Article 102 of the Treaty on the Functioning of the European Union (TFEU), “which prohibits the abuse of a dominant market position.”

Nearly one year later, there’s no telling when the EC’s inquiry into Microsoft Teams will end. Microsoft will have a chance to review all evidence of infringement gathered by EU regulators to form its response. After that, the EC will review any additional evidence before making its decision, and there is no legal deadline to complete the antitrust inquiry, the EC said.

It’s possible that the EC’s decision may come next year when the EU is preparing to release new guidance to more “vigorously” and effectively enforce TFEU.

Last March, the EC called for stakeholder feedback after rolling out “the first major policy initiative in the area of abuse of dominance rules.” The initiative sought to update TFEU for the first time since 2008 based on reviewing relevant case law.

“A robust enforcement of rules on abuse of dominance benefits both consumers and a stronger European economy,” Vestager said at that time. “We have carefully analyzed numerous EU court judgments on the application of Article 102, and it is time for us to start working on guidelines reflecting this case law.”

Microsoft risks huge fine over “possibly abusive” bundling of Teams and Office Read More »

apple-must-open-ipados-to-sideloading-within-6-months,-eu-says

Apple must open iPadOS to sideloading within 6 months, EU says

Apple, apple digital markets act, Digital Markets Act, dma, EU, iOS, ipad, Tech / /

big regulations for a big iphone —

iPads must comply with the same DMA regulations as the iPhone.

Apple must open iPadOS to sideloading within 6 months, EU says

Andrew Cunningham

Starting in March with the release of iOS 17.4, iPhones in the European Union have been subject to the EU’s Digital Markets Act (DMA), a batch of regulations that (among other things) forced Apple to support alternate app stores, app sideloading, and third-party browser engines in iOS for the first time. Today, EU regulators announced that they are also categorizing Apple’s iPadOS as a “gatekeeper,” meaning that the iPad will soon be subject to the same regulations as the iPhone.

The EU began investigating whether iPadOS would qualify as a gatekeeper in September 2023, the same day it decided that iOS, the Safari browser, and the App Store were all gatekeepers.

“Apple now has six months to ensure full compliance of iPadOS with the DMA obligations,” reads the EU’s blog post about the change.

Apple technically split the iPad’s operating system from the iPhone’s in 2019 when it began calling its tablet operating system “iPadOS” instead of iOS. But practically speaking, little separates the two operating systems under the hood. Both iOS and iPadOS share the same software build numbers, they’re updated in lockstep (with rare exceptions), and most importantly for DMA compliance purposes, they pull software from the same locked-down App Store with the same Apple-imposed restrictions in place.

Apps distributed through alternate app stores or third-party websites will have to abide by many of Apple’s rules and will still generally be limited to using Apple’s public APIs. However, the ability to use alternate app stores and browser engines on the iPad’s large screen (and the desktop-class M-series chips) could make the tablets better laptop replacements by allowing them to do more of the things that Mac users can do on their systems.

Though Apple has made multiple changes to iOS in the EU to comply with the DMA, EU regulators are already investigating Apple (as well as Google and Meta) for “non-compliance.” Depending on the results of that investigation, the EU may require Apple to make more changes to the way it allows third-party apps to be installed in iOS and to the way that third-party developers are allowed to advertise non-Apple app store and payment options. Any changes that Apple makes to iOS to comply with the investigation’s findings will presumably trickle down to the iPad as well.

Of course, none of this directly affects US-based iPhone or iPad users, whose devices remain restricted to Apple’s app stores and the WebKit browsing engine. That said, we have seen some recent App Store rule changes that have arguably trickled down from Apple’s attempts to comply with the DMA, most notably policy changes that have allowed (some, not all) retro game console emulators into the App Store for the first time.

Apple must open iPadOS to sideloading within 6 months, EU says Read More »

facebook,-instagram-may-cut-fees-by-nearly-50%-in-scramble-for-dma-compliance

Facebook, Instagram may cut fees by nearly 50% in scramble for DMA compliance

Digital Markets Act, dma, European Union, facebook, Facebook marketplace, facebook messenger, gdpr, General Data Protection Regulation, Instagram, Meta, Online Privacy, Policy / /
Facebook, Instagram may cut fees by nearly 50% in scramble for DMA compliance

Meta is considering cutting monthly subscription fees for Facebook and Instagram users in the European Union nearly in half to comply with the Digital Market Act (DMA), Reuters reported.

During a day-long public workshop on Meta’s DMA compliance, Meta’s competition and regulatory director, Tim Lamb, told the European Commission (EC) that individual subscriber fees could be slashed from 9.99 euros to 5.99 euros. Meta is hoping that reducing fees will help to speed up the EC’s process for resolving Meta’s compliance issues. If Meta’s offer is accepted, any additional accounts would then cost 4 euros instead of 6 euros.

Lamb said that these prices are “by far the lowest end of the range that any reasonable person should be paying for services of these quality,” calling it a “serious offer.”

The DMA requires that Meta’s users of Facebook, Instagram, Facebook Messenger, and Facebook Marketplace “freely” give consent to share data used for ad targeting without losing access to the platform if they’d prefer not to share data. That means services must provide an acceptable alternative for users who don’t consent to data sharing.

“Gatekeepers should enable end users to freely choose to opt-in to such data processing and sign-in practices by offering a less personalized but equivalent alternative, and without making the use of the core platform service or certain functionalities thereof conditional upon the end user’s consent,” the DMA says.

Designated gatekeepers like Meta have debated what it means for a user to “freely” give consent, suggesting that offering a paid subscription for users who decline to share data would be one route for Meta to continue offering high-quality services without routinely hoovering up data on all its users.

But EU privacy advocates like NOYB have protested Meta’s plan to offer a subscription model instead of consenting to data sharing, calling it a “pay or OK model” that forces Meta users who cannot pay the fee to consent to invasive data sharing they would otherwise decline. In a statement shared with Ars, NOYB chair Max Schrems said that even if Meta reduced its fees to 1.99 euros, it would be forcing consent from 99.9 percent of users.

“We know from all research that even a fee of just 1.99 euros or less leads to a shift in consent from 3–10 percent that genuinely want advertisement to 99.9 percent that still click yes,” Schrems said.

In the EU, the General Data Protection Regulation (GDPR) “requires that consent must be ‘freely’ given,” Schrems said. “In reality, it is not about the amount of money—it is about the ‘pay or OK’ approach as a whole. The entire purpose of ‘pay or OK’, is to get users to click on OK, even if this is not their free and genuine choice. We do not think the mere change of the amount makes this approach legal.”

Where EU stands on subscription models

Meta expects that a subscription model is a legal alternative under the DMA. The tech giant said it was launching EU subscriptions last November after the Court of Justice of the European Union (CJEU) “endorsed the subscriptions model as a way for people to consent to data processing for personalized advertising.”

It’s unclear how popular the subscriptions have been at the current higher cost. Right now in the EU, monthly Facebook and Instagram subscriptions cost 9.99 euros per month on the web or 12.99 euros per month on iOS and Android, with additional fees of 6 euros per month on the web and 8 euros per month on iOS and Android for each additional account. Meta declined to comment on how many EU users have subscribed, noting to Ars that it has no obligation to do so.

In the CJEU case, the court was reviewing Meta’s GDPR compliance, which Schrems noted is less strict than the DMA. The CJEU specifically said that under the GDPR, “users must be free to refuse individually”—”in the context of” signing up for services— “to give their consent to particular data processing operations not necessary” for Meta to provide such services “without being obliged to refrain entirely from using the service.”

Facebook, Instagram may cut fees by nearly 50% in scramble for DMA compliance Read More »

apple’s-imessage-is-not-a-“core-platform”-in-eu,-so-it-can-stay-walled-off

Apple’s iMessage is not a “core platform” in EU, so it can stay walled off

Apple, beeper, beeper mini, brendan carr, Digital Markets Act, European Union, FCC, federal communications commission, iMessage, IPhone, messaging, Policy, SMS, Tech / /

Too core to fail —

Microsoft’s Edge browser, Bing search, and ad business also avoid regulations.

Apple Messages in a Mac dock

Getty Images

Apple’s iMessage service is not a “gatekeeper” prone to unfair business practices and will thus not be required under the Fair Markets Act to open up to messages, files, and video calls from other services, the European Commission announced earlier today.

Apple was one of many companies, including Google, Amazon, Alphabet (Google’s parent company), Meta, and Microsoft to have its “gatekeeper” status investigated by the European Union. The iMessage service did meet the definition of a “core platform,” serving at least 45 million EU users monthly and being controlled by a firm with at least 75 billion euros in market capitalization. But after “a thorough assessment of all arguments” during a five-month investigation, the Commission found that iMessage and Microsoft’s Bing search, Edge browser, and ad platform “do not qualify as gatekeeper services.” The unlikelihood of EU demands on iMessage was apparent in early December when Bloomberg reported that the service didn’t have enough sway with business users to demand more regulation.

Had the Commission ruled otherwise, Apple would have had until August to open its service. It would have been interesting to see how the company would have complied, given that it provides end-to-end encryption and registers senders based on information from their registered Apple devices.

Google had pushed the Commission to force Apple into “gatekeeper status,” part of Google’s larger campaign to make Apple treat Android users better when they trade SMS messages with iPhone users. While Apple has agreed to take up RCS, an upgraded form of carrier messaging with typing indicators and better image and video quality, it will not provide encryption for Android-to-iPhone SMS, nor remove the harsh green coloring that particularly resonates with younger users.

Apple is still obligated to comply with the Digital Markets Act’s other implications on its iOS operating system, its App Store, and its Safari browser. The European Union version of iOS 17.4, due in March, will offer “alternative app marketplaces,” or sideloading, along with the tools so that those other app stores can provide updates and other services. Browsers on iOS will also be able to use their own rendering engines rather than providing features only on top of mobile Safari rendering. Microsoft, among other firms, will make similar concessions in certain areas of Europe with Windows 11 and other products.

While it’s unlikely to result in the same kind of action, Brendan Carr, a commissioner at the Federal Communications Commission, said at a conference yesterday that the FCC “has a role to play” in investigating whether Apple’s blocking of the Beeper Mini app violated Part 14 rules regarding accessibility and usability. “I think the FCC should launch an investigation to look at whether Apple’s decision to degrade the Beeper Mini functionality… was a step that violated the FCC’s rules in Part 14,” Carr said at the State of the Net policy conference in Washington, DC.

Beeper Mini launched with the ability for Android users to send fully encrypted iMessage messages to Apple users, based on reverse-engineering of its protocol and registration. Days after its launch, Apple blocked its users and issued a statement saying that it was working to stop exploits and spam. The blocking and workarounds continued until Beeper announced that it was shifting its focus away from iMessage and back to being a multi-service chat app, minus one particular service. Beeper’s experience had previously garnered recognition from Senators Elizabeth Warren (D-Mass.) and Amy Klobuchar (D-Minn.).

Ars has reached out to Apple, Microsoft, and Google for comment and will update this post if we receive responses.

Apple’s iMessage is not a “core platform” in EU, so it can stay walled off Read More »

apple-announces-sweeping-eu-app-store-policy-changes—including-sideloading

Apple announces sweeping EU App Store policy changes—including sideloading

App Store, Apple, Apple App Store, Browsers, Digital Markets Act, European Union, NFC, sideloading, Tech / /
iPhone 15, iPhone 15 Plus, iPhone 15 Pro, and iPhone 15 Pro Max lined up on a table

Enlarge / The iPhone 15 lineup.

To comply with European Union regulations, Apple has introduced sweeping changes that make iOS and Apple’s other operating systems more open. The changes are far-reaching and touch many parts of the user experience on the iPhone. They’ll be coming as part of iOS 17.4 in March.

Apple will introduce “new APIs and tools that enable developers to offer their iOS apps for download from alternative app marketplaces,” as well as a new framework and set of APIs that allow third parties to set up and manage those stores—essentially new forms of apps that can download other apps without going through the App Store. That includes the ability to manage updates for other developers’ apps that are distributed through the marketplaces.

The company will also offer APIs and a new framework for third-party web browsers to use browser engines other than Safari’s WebKit. Until now, browsers like Chrome and Firefox were still built on top of Apple’s tech. They essentially were mobile Safari, but with bookmarks and other features tied to alternative desktop browsers.

The changes also extend to NFC technology and contactless payments. Previously, only Apple Pay could fully access those features on the iPhone. Now, Apple will introduce new APIs that will let developers of banking and wallet apps gain more comparable access.

Developers will have new options for using alternative payment service providers within apps and for directing users to complete payments on external websites via link-outs. They’ll be able to use their apps to tell users about promotions and deals that are offered outside of those apps. (Apple warns that it will not be able to provide refunds or support for customers who purchased something outside its own payment system.)

Apple says it will give users in the European Union the ability to pick default App Stores or default contactless payment apps, just like they already can for email clients or web browsers. EU users will be prompted to pick a default browser when they first open Safari in iOS 17.4 or later, too.

Developers can “submit additional requests for interoperability with iPhone and iOS hardware and software features” via a new form.

All of the above changes impact only the EU; Apple won’t bring them to the United States or other regions at this time. There is one notable change that extends beyond Europe, though: Apple says that “developers can now submit a single app with the capability to stream all of the games offered in their catalog.” That opens the door for services like Microsoft’s Xbox Game Pass or Nvidia’s GeForce Now.

Apple notes that “each experience made available in an app on the App Store will be required to adhere to all App Store Review Guidelines,” which could still pose some barriers for game streamers.

Apple announces sweeping EU App Store policy changes—including sideloading Read More »

meta-relents-to-eu,-allows-unlinking-of-facebook-and-instagram-accounts

Meta relents to EU, allows unlinking of Facebook and Instagram accounts

anti-competition, anticompetitive behavior, Antitrust law, Digital Markets Act, dma, EU, European Union, facebook, gdpr, General Data Protection Regulation, Instagram, Meta, online advertising, Online Privacy, Policy / /
Meta relents to EU, allows unlinking of Facebook and Instagram accounts

Meta will allow some Facebook and Instagram users to unlink their accounts as part of the platform’s efforts to comply with the European Union’s Digital Markets Act (DMA) ahead of enforcement starting March 1.

In a blog, Meta’s competition and regulatory director, Tim Lamb, wrote that Instagram and Facebook users in the EU, the European Economic Area, and Switzerland would be notified in the “next few weeks” about “more choices about how they can use” Meta’s services and features, including new opportunities to limit data-sharing across apps and services.

Most significantly, users can choose to either keep their accounts linked or “manage their Instagram and Facebook accounts separately so that their information is no longer used across accounts.” Up to this point, linking user accounts had provided Meta with more data to more effectively target ads to more users. The perk of accessing data on Instagram’s widening younger user base, TechCrunch noted, was arguably the $1 billion selling point explaining why Facebook acquired Instagram in 2012.

Also announced today, users protected by the DMA will soon be able to separate their Facebook Messenger, Marketplace, and Gaming accounts. However, doing so will limit some social features available in some of the standalone apps.

While Messenger users choosing to disconnect the chat service from their Facebook accounts will still “be able to use Messenger’s core service offering such as private messaging and chat, voice and video calling,” Marketplace users making that same choice will have to email sellers and buyers, rather than using Facebook’s messenger service. And unlinked Gaming app users will only be able to play single-player games, severing their access to social gaming otherwise supported by linking the Gaming service to their Facebook social networks.

While Meta may have had choices other than depriving users unlinking accounts of some features, Meta didn’t really have a choice in allowing newly announced options to unlink accounts. The DMA specifically requires that very large platforms designated as “gatekeepers” give users the “specific choice” of opting out of sharing personal data across a platform’s different core services or across any separate services that the gatekeepers manage.

Without gaining “specific” consent, gatekeepers will no longer be allowed to “combine personal data from the relevant core platform service with personal data from any further core platform services” or “cross-use personal data from the relevant core platform service in other services provided separately by the gatekeeper,” the DMA says. The “specific” requirement is designed to block platforms from securing consent at sign-up, then hoovering up as much personal data as possible as new services are added in an endless pursuit of advertising growth.

As defined under the General Data Protection Regulation, the EU requiring “specific” consent stops platforms from gaining user consent for broadly defined data processing by instead establishing “the need for granularity,” so that platforms always seek consent for each “specific” data “processing purpose.”

“This is an important ‘safeguard against the gradual widening or blurring of purposes for which data is processed, after a data subject has agreed to the initial collection of the data,’” the European Data Protection Supervisor explained in public comments describing “commercial surveillance and data security practices that harm consumers” provided at the request of the FTC in 2022.

According to Meta’s help page, once users opt out of sharing data between apps and services, Meta will “stop combining your info across these accounts” within 15 days “after you’ve removed them.” However, all “previously combined info would remain combined.”

Meta relents to EU, allows unlinking of Facebook and Instagram accounts Read More »