Digital Markets Act (DMA) Resources

Your learning destination for Digital Markets Act (DMA) resources. From articles and ebooks to guides and checklists, you’re all set for a successful DMA compliance journey.

Blog

Computer with CMP banner and cookies in front
Privacy-Led Marketing and compliance with global privacy laws require companies to implement a cookie popup that informs users and asks them for their consent. Here’s what you need to know for great user experience, high-quality data, and privacy compliance.
Man holding phone with shield and lock
Most data privacy laws require that users be notified about the use of their data, their rights, and more. A privacy notice is a common way to provide this. Read on for everything you need to know about the what, when, why, and how of privacy notices.
Woman holding laptop with DPIA shield
The GDPR and other laws require a Data Protection Impact Assessment (DPIA) where data processing activities can result in a high risk to the rights and freedoms of individuals. We look at who is responsible for a DPIA, what it should contain, and how to carry it out for your organization.
Managing Google Tag Manager cookie consent and GDPR compliance is important for businesses operating in the EU, UK, and Switzerland. Here’s what you need to know about Google Tag Manager, cookie consent, and the GDPR.
We provide answers to the most frequently asked questions about the Digital Markets Act (DMA). Gain insights into the latest regulatory measures and discover how they are shaping the digital landscape and impacting businesses.
The ability to seamlessly connect with audiences across various platforms is now a fundamental aspect of any marketer’s playbook. But the rules are changing for businesses using Google Marketing Platform products, including Campaign Manager 360 and Display & Video 360.
DMA Marketer
Google Ads’ notification to “implement consent for ads personalization” isn’t just a policy change. It’s a significant call to action, reflecting a global pivot to user-centric data privacy practices. Learn what it’s all about and what you need to do to stay compliant with Google’s requirements.
Google continues to introduce product updates that advance data privacy requirements. New regulations like the Digital Markets Act (DMA) also require enhanced consent management efforts from the company and third parties that rely on its products and services, like Google Ads and Google Analytics 4.
Thumbnail Image
The ecommerce privacy world is shifting, and understanding the new consent requirements is crucial for online retailers. Let’s explore the impact of the new rules of the game on digital advertising and the strategies retailers must adopt to comply while still thriving in a competitive market.
DMA Marketer
With Meta’s new ad-free subscription model for EU users, the digital advertising industry is facing a major shift. Discover what this move means for user privacy and the future of digital marketing.
The European Digital Markets Act (DMA) came into force in November 2022 and gatekeepers have been nominated by the European Commission. But how does the DMA privacy law impact user privacy and consent management?
Google EU Policy
Google’s EU user consent policy sets the foundation for responsible data handling in digital advertising. We explore how websites that have received a noncompliance notice from Google can use a Consent Management Platform (CMP) to enable compliance and avoid suspension from Google’s platforms.
Load more
Usercentrics Web CMP
Usercentrics App CMP
  • Ensure your data-driven digital operations continue as the European regulatory landscape evolves
  • Obtain consent-based data and minimize data or revenue loss
  • Build trustworthy and compliant user experience without performance impact

See how easy consent management can be, and what it can do for your marketing practices.

Try Usercentrics free for 30 days.

LGPD compliance badge

Start a 30-day trial

Explore all the advanced features with no limits. Start now and cancel at any time. No credit card required.

START FREE

After the trial, continue with your plan from 50 per month.

Explore advanced features:
  • Unlimited configurations and domains
  • Daily Website Scanner
  • Privacy Policy Embeddings
  • Ensure your data-driven digital operations continue as the European regulatory landscape evolves
  • Obtain consent-based data and minimize data loss
  • Build trustworthy user experience without any performance impact
LGPD compliance badge

Start a 30-day trial

Explore all the advanced features with no limits. Start now and cancel at any time. No credit card required.

START FREE

After the trial, continue with your plan from 50 per month.

Explore advanced features:
  • Unlimited apps and unlimited configurations
  • Access to all App SDKs: iOS, Android, Flutter, React Native and Unity
  • Express setup with App Scanner

Frequently asked questions

What is the Digital Markets Act (DMA)?

The Digital Markets is a regulation developed by the European Commission that applies to large tech companies operating in the European Union, such as Google and Amazon. The law aims to foster competition and innovation and improve fairness for companies operating in digital markets. The DMA requires increased improvements in transparency, data sharing, and platform interoperability, as well as for consumer choice and data privacy.

Under the DMA six large, influential tech companies have so far been designated “gatekeepers”. This means they have specific obligations under the law. However, many third-party companies rely on the gatekeepers’ platforms and services, e.g. for advertising, and will also have obligations to ensure compliance, like for data privacy and consent.

When does the Digital Markets Act come into force?

The Digital Markets Act officially came into force November 1, 2022, with most of its rules active by May 2023. The European Commission designated the gatekeepers on September 6, 2023, and the gatekeepers have until March 6, 2024 to comply with the Digital Markets Act.

In what region(s) does the Digital Markets Act apply?

The Digital Markets Act applies to gatekeepers and third parties doing business with them that operate in the European Union, European Economic Area and United Kingdom. The law also applies to consumers living in those regions.

What companies does the Digital Markets Act apply to?

The Digital Markets Act applies to companies that own and operate large online digital platforms and services that meet the EC’s criteria, including the size of their user base, significant impact on digital markets, influence over innovation, how they act as intermediaries between businesses and users, and their durable position of power in digital markets. These platforms and services have been designated as “gatekeepers” and will be subject to enhanced regulatory obligations and scrutiny under the DMA.

Which companies have been designated gatekeepers by the European Commission?

The six gatekeepers designated by the European Commission to date are:

  • Alphabet (owner of Google and Android)
  • Amazon
  • Apple
  • ByteDance (owner of TikTok)
  • Meta (owner of Facebook, Instagram, WhatsApp, and others)
  • Microsoft

This list may grow or change in the future. Although the Digital Markets Act applies directly to these gatekeepers, many businesses work with and rely on their platforms and services. These third parties need to understand the law and its possible applications to their business, e.g. obtaining valid user consent. The gatekeepers will communicate and impose their own requirements of partners and customer companies to ensure Digital Markets Act compliance.

What is the scope of applicability for the Digital Markets Act?

The Digital Markets Act primarily focuses on developing digital markets that are more transparent, more fair to smaller businesses, and more competitive overall. The Act also aims to better protect user privacy and consumer choice.

Overall, the DMA should help smaller players to grow and innovate in digital markets in the EU to compete with the big tech platforms, and prevent the gatekeepers from using their power and reach to control operations and growth of smaller organizations that rely on them.

What are gatekeepers’ core platform services (CPS)?

These sites, software, and services are owned and operated by the gatekeepers, and are integral to digital business operations and online activities for millions of companies and consumers. The CPS include online search engines, operating systems, web browsers, voice assistants, online social networks, video sharing platforms, and more. To date 22 core platform services (CPS) have been identified under the Digital Markets Act, though the list may grow or change over time:

  • 6 intermediary platforms (Amazon Marketplace, Google Maps, Google Play, Google Shopping, iOS App Store, Meta Marketplace)
  • 4 social networks (Facebook, Instagram, LinkedIn, TikTok)
  • 3 online advertising services (Amazon, Google, and Meta)
  • 3 most popular operating systems (Google Android, iOS, Windows PC OS)
  • 2 large communication services (Facebook Messenger and WhatsApp)
  • 2 web browsers (Chrome and Safari)
  • 1 search engine (Google)
  • 1 video sharing platform (YouTube)

What regulatory obligations do gatekeepers have under the Digital Markets Act?

The Digital Markets Act levies a number of obligations on gatekeepers. However, broadly, these are the main ones that will require compliance:

  • eliminate anti-competitive or unfair business practices toward smaller companies
  • provide access to data that their platforms and services generate or that’s gathered on them
  • ensure interoperability and portability for consumers and businesses
  • prevent favoring their own or specific partners’ products or services

Will the Digital Markets Act impact EU businesses?

Digital Markets Act compliance will require the gatekeepers to update their operations and conditions for use of their platforms and services. This work may require significant investment in legal resources, technology infrastructure and staffing. This will likely lead to increases in operating costs, at least for a while. However, the gatekeepers have substantial resources and ways to recoup investment costs.

The Digital Markets Act can also result in significant fines or other penalties for noncompliance, which could be a further financial burden for gatekeepers.

For smaller companies, noncompliance could result in loss of access to the gatekeepers platforms and services, which could cause serious financial problems, as it would deny access to users, data, and revenue streams like advertising.

However, over time the DMA should help foster innovation and bring growth to smaller companies operating in the EU as the business playing field is leveled and they take advantage of additional data, larger potential audiences and new opportunities.

Will EU consumers benefit from the Digital Markets Act’s?

Consumers and users of digital platforms and services in the EU are likely to see more competitive pricing and more innovation in the CPS they use. It will become easier for them to switch providers and take their data with them. Consumers will have more control over the apps and services they use, and in customizing their user experience. They will also have additional data privacy and protection and choices regarding granting use of their personal data.

Will using a consent management platform help with Digital Markets Act compliance?

Prior consent for access to personal data is a key part of the Digital Markets Act’s requirements, so consent management is important to compliance there. Gatekeepers will need to ensure they obtain compliant consent from users, and will require third parties using their platforms and services to be able to prove that they obtain compliant consent as well.

Signally this consent can be done with existing tools, e.g. via Google Consent Mode for Google’s platforms. A consent management platform like Usercentrics CMP enables companies to obtain valid user consent for cookie and tracker usage, securely store the information, and signal it to gatekeepers. It also enables users to change their consent preferences in the future, and ensures that consent data is available to data protection authorities, who may perform compliance audits.

Will the Digital Markets Act coordinate with other European regulations?

The Digital Markets Act joins a number of regulations and frameworks already in force in the EU, so good coordination will be critical to ensure compliance and enforcement and not put an undue burden on companies.

The DMA is designed to complement existing regulations like the GDPR, which are well established. The European Commission, which will enforce the Digital Markets Act, will be working closely with other regulatory bodies to ensure harmonization and coordination. These will include national competition and data protection authorities. Regular consultations and mechanisms to enable good cooperation will be set up for information exchange, alignment where enforcement actions are required, and to address any inconsistencies or overlaps among the Digital Markets Act and other regulatory frameworks.