“We firmly believe the DMA needs a complete overhaul”

After three years in place, is the DMA a blueprint for competition law or an obstacle to innovation? Read a Q&A with Gary Davis, Apple’s Senior Director of Regulatory Legal.

1. Roughly three years after taking effect, how did the DMA affect the digital innovation landscape in the EU?

Over time, it’s become clear that the DMA is harming innovation, making it harder to do business in Europe, and creating new security and privacy vulnerabilities for EU users. The European Commission’s radical interpretation of the DMA’s “interoperability by design” requirement means Apple is now forced to hand over our innovation to competitors the day we launch new features for our own devices.

This means Apple is handing over our innovation and sharing our IP with our competitors for free. And the same obligations are not required of some of our major competitors and market leaders in Europe. Companies should compete to design the best technology for consumers, and be allowed to benefit from their hard-earned innovations. The ability to differentiate products based on innovation is precisely what drives competition and growth.

This also creates immense engineering challenges, privacy and security risks if not done with great care and attention, and as we’ve seen, can force us to delay or withhold features. The DMA lets other companies request access to user data and core technologies of Apple products and the most sensitive data on a user’s iPhone — data that even Apple can’t access. Apple is expected to meet almost every request, even if they create serious risks for our users.

So already successful companies are twisting the law to suit their own agendas — to collect more data from EU citizens, or to get Apple’s technology for free. Rules like these don’t promote innovation — they discourage it.

2. What would you recommend for the DMA moving forward?

We firmly believe the DMA needs a complete overhaul and have already proposed detailed recommendations for the European Commission’s DMA Review — points we have stressed many times now:

• Repeal or completely overhaul the “interoperability by design” mandate which is causing the most harm to innovation and to EU consumers.

• Formally integrate relevant EU independent agencies for data protection and cybersecurity into the DMA decision making process. The stakes are too high for the interpretation of the DMA to be decided solely by the European Commission, which has so far overlooked the risks to the privacy and security of personal data which are fundamental rights in the EU.

• Include an overarching proportionality test in DMA decision-making, that explicitly requires the EC to consider the interests of end users, including safety, security, privacy, integrity, and innovation. It should also acknowledge the importance of the fundamental rights of gatekeepers, such as intellectual property rights and the right to conduct their businesses, including through product differentiation.

By contrast, we think regulators in the UK and Japan have approached digital platform regulation with more proportionality, demonstrating that a more pragmatic and measured approach to regulation is possible. Japan’s Mobile Software Competition Act acknowledges the privacy, security, and safety of Apple users and makes clear that companies can take measures to protect users — with a special emphasis on protecting children and sensitive user data. It also recognizes the importance of intellectual property, something the DMA largely ignores, and recognizes that innovation requires investment and does not happen for free.

3. How does the DMA interplay or conflict with other regulations and how does it fit in the broader EU digital rulebook?

The tensions between the European Commission’s competition-only enforcement of the DMA and its long standing commitment to user privacy enshrined in law by the GDPR have become increasingly clear. Apple has consistently supported the GDPR, before, during and after its passage. We have done so because we believe privacy is a fundamental human right.

Unfortunately, the EC is forcing Apple to make users’ sensitive data available to third parties through a DMA interoperability mandate that takes no account of the GDPR. The EC’s interpretations are enabling data-hungry companies to create a detailed picture of users’ private behavior and patterns online, and promoting data sharing processes that can be too easily abused.

Just indicatively, the European Commission says we will have to hand over data that includes all the contents of their notifications, including those relating to their messages and emails. This is some of the most sensitive information on your iPhone which will let companies track people’s location, activities, and habits at a huge scale. We’ve suggested changes to these features that would protect our users’ data, but so far, the European Commission has rejected our proposals.

Our EU users are also experiencing new exposure to harmful apps: for the first time, pornography apps are available on iPhone from other marketplaces — apps we’ve never allowed on the App Store because of the risks they create, especially for children. We built the App Store to be a central, trusted place for our users where every app is reviewed, every developer follows the same rules, and parents have tools to protect their children.

The DMA should not come at the cost of sacrificing the rights of EU citizens and absolutely no legislation — whether it be the DMA or anything else — should be interpreted to undermine privacy, security and safety rights.

This Q&A was conducted after the strategy session “The DMA at Three: Blueprint for Competition Law or Roadblock for Innovation?” (November 25) in Berlin. Gary Davis (Senior Director of Regulatory Legal at Apple), Dr. Thorsten Käseberg (Head of the Department of General Issues of Competition Policy, Competition Law, and Competition Policy Issues of Digitalization at the Federal Ministry for Economic Affairs and Energy), and Svea Windwehr (Co-Chair of D64 e.V.) discussed the DMA three years after it took effect. The discussion was moderated by Johannes Kuhn, editor-in-chief of Tagesspiegel Background Digitization & AI.